urlscan.io logo urlscan.io
SecurityTrails logo

www.xxlmag.com Open in urlscan Pro
192.229.233.172  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://link.morningbrew.com/click/24404729.50301/aHR0cHM6Ly93d3cueHhsbWFnLmNvbS9rYW55ZS13ZXN0LWFkaWRhcy1zbmVha2Vycy1uaWtlLXN...
Effective URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Submission: On July 10 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 98 IPs in 9 countries across 84 domains to perform 344 HTTP transactions. The main IP is 192.229.233.172, located in Culver City, United States and belongs to EDGECAST, US. The main domain is www.xxlmag.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 22nd 2021. Valid for: 6 months.
This is the only time www.xxlmag.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.226.166.212 14618 (AMAZON-AES)
24 192.229.233.172 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
12 192.229.233.181 15133 (EDGECAST)
1 2600:9000:20e... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 15 2.18.234.21 16625 (AKAMAI-AS)
1 192.229.233.218 15133 (EDGECAST)
1 34.195.13.237 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a03:2880:f22... 32934 (FACEBOOK)
1 2 2a03:2880:f22... 32934 (FACEBOOK)
2 104.111.219.144 16625 (AKAMAI-AS)
2 34.95.69.49 15169 (GOOGLE)
3 13.224.192.34 16509 (AMAZON-02)
15 2606:2800:234... 15133 (EDGECAST)
5 2a03:2880:f02... 32934 (FACEBOOK)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 12 76.223.111.131 16509 (AMAZON-02)
1 34.120.133.55 15169 (GOOGLE)
4 142.250.181.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 151.139.128.11 20446 (HIGHWINDS3)
6 2a03:2880:f12... 32934 (FACEBOOK)
4 104.111.247.126 16625 (AKAMAI-AS)
2 18.195.223.2 16509 (AMAZON-02)
11 134.209.131.220 14061 (DIGITALOC...)
11 18 37.252.173.62 29990 (ASN-APPNEX)
2 2.18.232.7 16625 (AKAMAI-AS)
4 54.77.19.59 16509 (AMAZON-02)
4 22 35.244.159.8 15169 (GOOGLE)
2 178.162.133.150 60781 (LEASEWEB-...)
5 213.19.162.61 26667 (RUBICONPR...)
2 13.224.193.35 16509 (AMAZON-02)
2 2.21.111.28 16625 (AKAMAI-AS)
2 18.158.84.255 16509 (AMAZON-02)
1 213.19.147.43 3356 (LEVEL3)
2 34.107.148.139 15169 (GOOGLE)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 104.244.42.136 13414 (TWITTER)
3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 34.233.22.207 14618 (AMAZON-AES)
4 13.224.193.72 16509 (AMAZON-02)
1 5 54.246.2.88 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 142.250.185.134 15169 (GOOGLE)
2 3.230.83.122 14618 (AMAZON-AES)
2 34.203.157.179 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
6 13.225.74.103 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:134... 15133 (EDGECAST)
1 104.244.43.131 54113 (FASTLY)
2 2606:2800:134... 15133 (EDGECAST)
4 13.225.74.79 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.225.74.96 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.13.194 54113 (FASTLY)
2 2.18.235.93 16625 (AKAMAI-AS)
2 2 167.172.1.14 14061 (DIGITALOC...)
2 205.185.216.42 20446 (HIGHWINDS3)
5 2.18.233.180 16625 (AKAMAI-AS)
4 14 3.65.212.7 16509 (AMAZON-02)
2 2600:9000:21f... 16509 (AMAZON-02)
3 13.224.192.221 16509 (AMAZON-02)
12 104.109.78.125 16625 (AKAMAI-AS)
2 185.64.190.78 62713 (AS-PUBMATIC)
5 5 3.66.135.160 16509 (AMAZON-02)
11 12 52.28.82.26 16509 (AMAZON-02)
1 1 13.225.74.18 16509 (AMAZON-02)
7 11 52.209.246.140 16509 (AMAZON-02)
19 23 142.250.184.194 15169 (GOOGLE)
5 5 185.29.135.227 30419 (MEDIAMATH...)
3 3 2620:116:800d... 16509 (AMAZON-02)
4 5 37.157.2.237 198622 (ADFORM)
2 2 3.120.83.159 16509 (AMAZON-02)
4 4 185.64.189.110 62713 (AS-PUBMATIC)
5 5 2.19.35.65 16625 (AKAMAI-AS)
10 107.21.58.76 14618 (AMAZON-AES)
6 6 52.59.28.101 16509 (AMAZON-02)
8 8 3.126.56.137 16509 (AMAZON-02)
8 69.173.144.138 26667 (RUBICONPR...)
2 2 88.214.206.247 46636 (NATCOWEB)
11 11 185.64.190.79 62713 (AS-PUBMATIC)
1 3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
3 4 2a00:1288:110... 34010 (YAHOO-IRD)
3 6 52.46.130.13 16509 (AMAZON-02)
2 2 70.42.32.95 13789 (INTERNAP-...)
29 43 213.19.147.44 26120 (RHYTHMONE)
1 178.250.0.163 44788 (ASN-CRITE...)
1 35.244.174.68 15169 (GOOGLE)
1 3 185.64.190.81 62713 (AS-PUBMATIC)
6 52.3.173.52 14618 (AMAZON-AES)
1 159.253.128.188 36351 (SOFTLAYER)
1 1 2001:678:cb4:... 56396 (TURN)
4 4 185.64.190.80 62713 (AS-PUBMATIC)
4 4 151.101.114.49 54113 (FASTLY)
1 1 162.55.6.211 24940 (HETZNER-AS)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 54.175.198.118 14618 (AMAZON-AES)
1 1 198.148.27.139 19189 (PULSEPOINT)
2 18.195.155.181 16509 (AMAZON-02)
2 178.162.133.148 60781 (LEASEWEB-...)
2 152.199.22.191 15133 (EDGECAST)
2 193.122.174.27 31898 (ORACLE-BM...)
4 4 216.52.2.48 29791 (VOXEL-DOT...)
2 178.162.133.149 60781 (LEASEWEB-...)
2 2 188.42.196.115 7979 (SERVERS-COM)
1 34.98.67.61 15169 (GOOGLE)
1 72.251.241.204 29791 (VOXEL-DOT...)
1 2 35.170.231.210 14618 (AMAZON-AES)
1 185.64.189.114 62713 (AS-PUBMATIC)
344 98
1    3.226.166.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
link.morningbrew.com
24    192.229.233.172 (Culver City, United States)

ASN15133 (EDGECAST, US)
www.xxlmag.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
12    192.229.233.181 (Culver City, United States)

ASN15133 (EDGECAST, US)
townsquare.media
1    2600:9000:20eb:e400:7:7419:8e80:21 (United States)

ASN16509 (AMAZON-02, US)
doi3unldljdx6.cloudfront.net.
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
15    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    192.229.233.218 (Culver City, United States)

ASN15133 (EDGECAST, US)
cdn.production.townsquareblogs.com
1    34.195.13.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-13-237.compute-1.amazonaws.com
embed.air.tv
1    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    2a03:2880:f22d:1c2:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
platform.instagram.com
2    2a03:2880:f22d:1e6:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.instagram.com
2    104.111.219.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
3    13.224.192.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-34.fra2.r.cloudfront.net
c.amazon-adsystem.com
15    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
5    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
12    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
4    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a02:fa8:8806:13::1460 (United States)

ASN41041 (VCLK-EU-SE, US)
proc.ad.cpe.dotomi.com
1    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
cdn-sp-s3.air.tv
6    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    104.111.247.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-247-126.deploy.static.akamaitechnologies.com
cdn.conversant.mgr.consensu.org
2    18.195.223.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-223-2.eu-central-1.compute.amazonaws.com
krk.kargo.com
11    134.209.131.220 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
18    37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
4    54.77.19.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
g2.gumgum.com
22    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
townsquaremedia-d.openx.net
eu-u.openx.net
us-u.openx.net
2    178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
5    213.19.162.61 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    13.224.193.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-35.fra2.r.cloudfront.net
hb.undertone.com
2    2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
2    18.158.84.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-84-255.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    213.19.147.43 (United Kingdom)

ASN3356 (LEVEL3, US)
targeting.unrulymedia.com
2    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
3    2a02:fa8:8806:20::2010 (United States)

ASN41041 (VCLK-EU-SE, US)
api.conversant.mgr.consensu.org
3    34.233.22.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-22-207.compute-1.amazonaws.com
www.zergnet.com
4    13.224.193.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-72.fra2.r.cloudfront.net
static.solutionshindsight.net
5    54.246.2.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-2-88.eu-west-1.compute.amazonaws.com
srv.clickfuse.com
2    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
5352434.fls.doubleclick.net
2    3.230.83.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-83-122.compute-1.amazonaws.com
events.air.tv
2    34.203.157.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-157-179.compute-1.amazonaws.com
counts.air.tv
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    13.225.74.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-103.fra2.r.cloudfront.net
api.solutionshindsight.net
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
1    104.244.43.131 (United States)

ASN54113 (FASTLY, US)
abs-0.twimg.com
2    2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)
pbs.twimg.com
4    13.225.74.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-79.fra2.r.cloudfront.net
img1.zergnet.com
img2.zergnet.com
img4.zergnet.com
1    2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
2    2606:4700::6812:b4f (United States)

ASN13335 (CLOUDFLARENET, US)
action.dstillery.com
action.media6degrees.com
1    13.225.74.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-96.fra2.r.cloudfront.net
sb.scorecardresearch.com
1    2a00:1450:4001:828::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
2    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
2    167.172.1.14 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.serverbid.com
2    205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
5    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
14    3.65.212.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
2    2600:9000:21f3:d200:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
3    13.224.192.221 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-221.fra2.r.cloudfront.net
video.unrulymedia.com
12    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    3.66.135.160 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
12    52.28.82.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
1    13.225.74.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-18.fra2.r.cloudfront.net
cm.smadex.com
11    52.209.246.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
23    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
5    185.29.135.227 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
cms.quantserve.com
5    37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    3.120.83.159 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads.creative-serving.com
4    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
5    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    107.21.58.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-58-76.compute-1.amazonaws.com
usr.undertone.com
6    52.59.28.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-28-101.eu-central-1.compute.amazonaws.com
pixel.advertising.com
8    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
8    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    88.214.206.247 (United Kingdom)

ASN46636 (NATCOWEB, US)
PTR: buycheapfags.com
cs.admanmedia.com
11    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
3    2a02:fa8:8806:13::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
casale-match.dotomi.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
4    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
6    52.46.130.13 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
43    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
usermatch.targeting.unrulymedia.com
sync.1rx.io
sync.targeting.unrulymedia.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
3    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
6    52.3.173.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rtb.adentifi.com
1    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
4    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
4    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    162.55.6.211 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.211.6.55.162.clients.your-server.de
csync.loopme.me
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
cm.ctnsnet.com
1    54.175.198.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
cs.emxdgt.com
2    178.162.133.148 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
go.sonobi.com
2    152.199.22.191 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
2    193.122.174.27 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
4    216.52.2.48 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
2    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
1    72.251.241.204 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    35.170.231.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-231-210.compute-1.amazonaws.com
um2.eqads.com
1    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
31 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
image8.pubmatic.com
image4.pubmatic.com
simage2.pubmatic.com
simage4.pubmatic.com
63 KB
30 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
73 KB
30 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
5352434.fls.doubleclick.net
cm.g.doubleclick.net
259 KB
29 unrulymedia.com
targeting.unrulymedia.com
video.unrulymedia.com
usermatch.targeting.unrulymedia.com
sync.targeting.unrulymedia.com
14 KB
24 xxlmag.com
www.xxlmag.com
328 KB
22 openx.net
townsquaremedia-d.openx.net
eu-u.openx.net
us-u.openx.net
5 KB
19 twitter.com
platform.twitter.com
syndication.twitter.com
386 KB
18 1rx.io
sync.1rx.io
5 KB
18 adnxs.com
ib.adnxs.com
secure.adnxs.com
12 KB
16 3lift.com
tlx.3lift.com
eb2.3lift.com
7 KB
14 undertone.com
hb.undertone.com
cdn.undertone.com
usr.undertone.com
8 KB
14 casalemedia.com
as-sec.casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
11 KB
13 serverbid.com
e.serverbid.com
sync.serverbid.com
930 B
12 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
10 KB
12 bidswitch.net
x.bidswitch.net
4 KB
12 adsrvr.org
match.adsrvr.org
5 KB
12 townsquare.media
townsquare.media
998 KB
11 bidr.io
match.prod.bidr.io
5 KB
10 solutionshindsight.net
static.solutionshindsight.net
api.solutionshindsight.net
30 KB
9 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
38 KB
7 zergnet.com
www.zergnet.com
img1.zergnet.com
img2.zergnet.com
img4.zergnet.com
86 KB
7 consensu.org
cdn.conversant.mgr.consensu.org
api.conversant.mgr.consensu.org
181 KB
6 adentifi.com
rtb.adentifi.com
528 B
6 advertising.com
pixel.advertising.com
2 KB
6 sonobi.com
apex.go.sonobi.com
go.sonobi.com
sync.go.sonobi.com
4 KB
6 facebook.com
www.facebook.com
474 B
6 gstatic.com
fonts.gstatic.com
94 KB
6 air.tv
embed.air.tv
cdn-sp-s3.air.tv
events.air.tv
counts.air.tv
103 KB
5 adform.net
c1.adform.net
2 KB
5 mathtag.com
sync.mathtag.com
3 KB
5 w55c.net
pm.w55c.net
4 KB
5 clickfuse.com
srv.clickfuse.com
12 KB
5 facebook.net
connect.facebook.net
242 KB
4 lijit.com
ap.lijit.com
2 KB
4 technoratimedia.com
ad-cdn.technoratimedia.com
sync.technoratimedia.com
12 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 twimg.com
cdn.syndication.twimg.com
abs-0.twimg.com
pbs.twimg.com
65 KB
4 media.net
prebid.media.net
contextual.media.net
16 KB
4 gumgum.com
g2.gumgum.com
4 KB
4 dotomi.com
proc.ad.cpe.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
1015 B
3 quantserve.com
pixel.quantserve.com
cms.quantserve.com
1 KB
3 instagram.com
platform.instagram.com
www.instagram.com
5 KB
3 google.com
apis.google.com
www.google.com
adservice.google.com
1 KB
3 indexww.com
js-sec.indexww.com
16 KB
3 google-analytics.com
www.google-analytics.com
20 KB
2 eqads.com
um2.eqads.com
563 B
2 betweendigital.com
ads.betweendigital.com
1023 B
2 emxdgt.com
cs.emxdgt.com
2 zemanta.com
b1sync.zemanta.com
602 B
2 bing.com
c.bing.com
714 B
2 admanmedia.com
cs.admanmedia.com
826 B
2 creative-serving.com
ads.creative-serving.com
1 KB
2 digitaloceanspaces.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
11 KB
2 googletagmanager.com
www.googletagmanager.com
69 KB
2 youtube.com
www.youtube.com
43 KB
2 teads.tv
a.teads.tv
496 B
2 kargo.com
krk.kargo.com
1 KB
2 google.de
www.google.de
adservice.google.de
1 KB
2 rlcdn.com
api.rlcdn.com
idsync.rlcdn.com
394 B
2 clean.gg
i.clean.gg
104 B
2 fastclick.net
secure.cdn.fastclick.net
19 KB
2 googleapis.com
fonts.googleapis.com
storage.googleapis.com
12 KB
1 adgrx.com
cm.adgrx.com
408 B
1 mookie1.com
odr.mookie1.com
324 B
1 contextweb.com
bh.contextweb.com
392 B
1 stackadapt.com
sync.srv.stackadapt.com
605 B
1 ctnsnet.com
cm.ctnsnet.com
392 B
1 loopme.me
csync.loopme.me
211 B
1 turn.com
ad.turn.com
518 B
1 simpli.fi
um.simpli.fi
609 B
1 criteo.com
dis.criteo.com
338 B
1 smadex.com
cm.smadex.com
525 B
1 fastly.net
confiant-integrations.global.ssl.fastly.net
28 KB
1 scorecardresearch.com
sb.scorecardresearch.com
2 KB
1 media6degrees.com
action.media6degrees.com
233 B
1 dstillery.com
action.dstillery.com
252 B
1 btloader.com
btloader.com
11 KB
1 googlesyndication.com
pagead2.googlesyndication.com
48 KB
1 townsquareblogs.com
cdn.production.townsquareblogs.com
94 KB
1 googletagservices.com
www.googletagservices.com
24 KB
1 net.
doi3unldljdx6.cloudfront.net.
37 KB
1 morningbrew.com
link.morningbrew.com
583 B
0 id5-sync.com Failed
id5-sync.com Failed
0 tapad.com Failed
pixel.tapad.com Failed
344 84
Domain Requested by
24 www.xxlmag.com www.xxlmag.com
doi3unldljdx6.cloudfront.net.
23 cm.g.doubleclick.net 19 redirects eu-u.openx.net
eb2.3lift.com
18 sync.1rx.io 17 redirects video.unrulymedia.com
17 ib.adnxs.com 10 redirects cdn.production.townsquareblogs.com
cdn.undertone.com
eb2.3lift.com
15 platform.twitter.com doi3unldljdx6.cloudfront.net.
platform.twitter.com
14 eb2.3lift.com 4 redirects doi3unldljdx6.cloudfront.net.
eb2.3lift.com
13 usermatch.targeting.unrulymedia.com 12 redirects video.unrulymedia.com
12 sync.targeting.unrulymedia.com video.unrulymedia.com
ssum-sec.casalemedia.com
12 x.bidswitch.net 11 redirects ssum-sec.casalemedia.com
12 eus.rubiconproject.com doi3unldljdx6.cloudfront.net.
eus.rubiconproject.com
cdn.undertone.com
video.unrulymedia.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
12 eu-u.openx.net 2 redirects doi3unldljdx6.cloudfront.net.
eu-u.openx.net
12 match.adsrvr.org 6 redirects js-sec.indexww.com
eu-u.openx.net
eb2.3lift.com
ssum-sec.casalemedia.com
12 townsquare.media www.xxlmag.com
doi3unldljdx6.cloudfront.net.
11 image8.pubmatic.com 11 redirects
11 match.prod.bidr.io 7 redirects eu-u.openx.net
ads.pubmatic.com
video.unrulymedia.com
11 e.serverbid.com cdn.production.townsquareblogs.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
10 usr.undertone.com cdn.undertone.com
ads.pubmatic.com
8 ups.analytics.yahoo.com 8 redirects
8 us-u.openx.net 2 redirects eu-u.openx.net
7 ssum-sec.casalemedia.com 3 redirects js-sec.indexww.com
video.unrulymedia.com
ssum-sec.casalemedia.com
6 token.rubiconproject.com eus.rubiconproject.com
6 rtb.adentifi.com ads.pubmatic.com
6 s.amazon-adsystem.com 3 redirects eb2.3lift.com
ssum-sec.casalemedia.com
6 pixel.advertising.com 6 redirects
6 api.solutionshindsight.net static.solutionshindsight.net
doi3unldljdx6.cloudfront.net.
6 www.facebook.com www.xxlmag.com
doi3unldljdx6.cloudfront.net.
connect.facebook.net
6 fonts.gstatic.com fonts.googleapis.com
5 secure-assets.rubiconproject.com 5 redirects
5 c1.adform.net 4 redirects ads.pubmatic.com
5 sync.mathtag.com 5 redirects
5 pm.w55c.net 5 redirects
5 ads.pubmatic.com doi3unldljdx6.cloudfront.net.
ads.pubmatic.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
5 srv.clickfuse.com 1 redirects doi3unldljdx6.cloudfront.net.
srv.clickfuse.com
www.xxlmag.com
5 fastlane.rubiconproject.com cdn.production.townsquareblogs.com
5 connect.facebook.net doi3unldljdx6.cloudfront.net.
4 ap.lijit.com 4 redirects
4 sync-tm.everesttech.net 4 redirects
4 simage2.pubmatic.com 4 redirects
4 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
4 image2.pubmatic.com 4 redirects
4 static.solutionshindsight.net doi3unldljdx6.cloudfront.net.
4 syndication.twitter.com platform.twitter.com
www.xxlmag.com
4 g2.gumgum.com cdn.production.townsquareblogs.com
4 cdn.conversant.mgr.consensu.org doi3unldljdx6.cloudfront.net.
cdn.conversant.mgr.consensu.org
4 securepubads.g.doubleclick.net doi3unldljdx6.cloudfront.net.
www.googletagservices.com
www.xxlmag.com
3 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
um2.eqads.com
3 image4.pubmatic.com 1 redirects ads.pubmatic.com
3 video.unrulymedia.com doi3unldljdx6.cloudfront.net.
video.unrulymedia.com
3 www.zergnet.com doi3unldljdx6.cloudfront.net.
3 api.conversant.mgr.consensu.org cdn.conversant.mgr.consensu.org
3 c.amazon-adsystem.com doi3unldljdx6.cloudfront.net.
c.amazon-adsystem.com
3 js-sec.indexww.com www.xxlmag.com
doi3unldljdx6.cloudfront.net.
3 www.google-analytics.com www.xxlmag.com
www.google-analytics.com
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 ads.betweendigital.com 2 redirects
2 sync.go.sonobi.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2 sync.technoratimedia.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2 ad-cdn.technoratimedia.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2 go.sonobi.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2 cs.emxdgt.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2 b1sync.zemanta.com 2 redirects
2 c.bing.com eb2.3lift.com
2 pubmatic-match.dotomi.com cdn.undertone.com
2 cs.admanmedia.com 2 redirects
2 pixel.rubiconproject.com cdn.undertone.com
2 ads.creative-serving.com 2 redirects
2 pixel.quantserve.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 cdn.undertone.com doi3unldljdx6.cloudfront.net.
2 serverbid-sync.nyc3.cdn.digitaloceanspaces.com doi3unldljdx6.cloudfront.net.
2 sync.serverbid.com 2 redirects
2 contextual.media.net doi3unldljdx6.cloudfront.net.
2 img2.zergnet.com www.xxlmag.com
2 pbs.twimg.com www.xxlmag.com
2 counts.air.tv cdn-sp-s3.air.tv
2 events.air.tv cdn-sp-s3.air.tv
2 5352434.fls.doubleclick.net 1 redirects doi3unldljdx6.cloudfront.net.
2 www.googletagmanager.com doi3unldljdx6.cloudfront.net.
2 www.youtube.com doi3unldljdx6.cloudfront.net.
2 prebid.media.net cdn.production.townsquareblogs.com
2 tlx.3lift.com cdn.production.townsquareblogs.com
2 htlb.casalemedia.com cdn.production.townsquareblogs.com
2 hb.undertone.com cdn.production.townsquareblogs.com
2 apex.go.sonobi.com cdn.production.townsquareblogs.com
2 townsquaremedia-d.openx.net cdn.production.townsquareblogs.com
2 a.teads.tv cdn.production.townsquareblogs.com
2 krk.kargo.com cdn.production.townsquareblogs.com
2 i.clean.gg doi3unldljdx6.cloudfront.net.
2 secure.cdn.fastclick.net www.xxlmag.com
doi3unldljdx6.cloudfront.net.
2 www.instagram.com 1 redirects www.xxlmag.com
1 simage4.pubmatic.com ads.pubmatic.com
1 cm.adgrx.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 odr.mookie1.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1 cms.quantserve.com 1 redirects
1 bh.contextweb.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 secure.adnxs.com 1 redirects
1 cm.ctnsnet.com 1 redirects
1 csync.loopme.me 1 redirects
1 ad.turn.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 idsync.rlcdn.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 cm.smadex.com 1 redirects
1 confiant-integrations.global.ssl.fastly.net www.xxlmag.com
1 storage.googleapis.com www.xxlmag.com
1 sb.scorecardresearch.com doi3unldljdx6.cloudfront.net.
1 action.media6degrees.com
1 action.dstillery.com 1 redirects
1 btloader.com doi3unldljdx6.cloudfront.net.
1 img4.zergnet.com www.xxlmag.com
1 img1.zergnet.com www.xxlmag.com
1 abs-0.twimg.com www.xxlmag.com
1 cdn.syndication.twimg.com platform.twitter.com
1 adservice.google.de adservice.google.com
1 adservice.google.com 5352434.fls.doubleclick.net
1 pagead2.googlesyndication.com doi3unldljdx6.cloudfront.net.
1 hbopenbid.pubmatic.com cdn.production.townsquareblogs.com
1 targeting.unrulymedia.com cdn.production.townsquareblogs.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 cdn-sp-s3.air.tv doi3unldljdx6.cloudfront.net.
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 www.google.de www.xxlmag.com
1 www.google.com www.xxlmag.com
1 api.rlcdn.com js-sec.indexww.com
1 stats.g.doubleclick.net www.google-analytics.com
1 platform.instagram.com 1 redirects
1 apis.google.com www.xxlmag.com
1 embed.air.tv www.xxlmag.com
1 cdn.production.townsquareblogs.com www.xxlmag.com
1 www.googletagservices.com www.xxlmag.com
1 doi3unldljdx6.cloudfront.net. www.xxlmag.com
1 fonts.googleapis.com www.xxlmag.com
1 link.morningbrew.com 1 redirects
0 id5-sync.com Failed
0 pixel.tapad.com Failed
344 138
Subject Issuer Validity Valid
www5.townsquaremedia.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-22 -
2021-10-26		 6 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
www6.townsquaremedia.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-09 -
2021-10-26		 7 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
www8.townsquaremedia.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-09 -
2021-10-27		 5 months crt.sh
*.air.tv
Amazon		 2020-07-31 -
2021-08-31		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA		 2021-06-19 -
2021-09-17		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2021-03-11 -
2022-03-15		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2021-06-28 -
2021-09-26		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2020-03-30 -
2022-06-25		 2 years crt.sh
cdn-sp-s3.air.tv
R3		 2021-05-12 -
2021-08-10		 3 months crt.sh
cdn.conversant.mgr.consensu.org
R3		 2021-06-07 -
2021-09-05		 3 months crt.sh
*.dev.kargo.com
Amazon		 2021-03-16 -
2022-04-14		 a year crt.sh
e.serverbid.com
R3		 2021-06-01 -
2021-08-30		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
teads.tv
R3		 2021-06-14 -
2021-09-12		 3 months crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.undertone.com
Amazon		 2020-11-03 -
2021-12-02		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.conversant.mgr.consensu.org
GlobalSign RSA OV SSL CA 2018		 2020-03-31 -
2022-06-06		 2 years crt.sh
*.zergnet.com
Amazon		 2021-04-12 -
2022-05-11		 a year crt.sh
solutionshindsight.net
Amazon		 2021-02-19 -
2022-03-20		 a year crt.sh
srv.clickfuse.com
Amazon		 2020-11-23 -
2021-12-22		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-06 -
2021-10-06		 a year crt.sh
dstillery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-04-09 -
2022-05-10		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.nyc3.cdn.digitaloceanspaces.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-30		 a year crt.sh
*.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-16 -
2021-11-16		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.k8s-cluster-p-us-east-1.ramp-ut.io
Amazon		 2020-11-18 -
2021-12-18		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-04-12 -
2021-10-12		 6 months crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh

This page contains 56 frames:

Primary Page: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Frame ID: 06A34D8DF74D3D591EFBEB19559502B0
Requests: 152 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.xxlmag.com
Frame ID: B73F54E55FA14EF79B8B66BE53E013E8
Requests: 2 HTTP requests in this frame

Frame: https://5352434.fls.doubleclick.net/activityi;dc_pre=CJSL1sex1_ECFTniuwgdEdcLFQ;src=5352434;type=xxlmag;cat=xxl_f0;ord=1411766397089;gtm=2od770;auiddc=149742296.1625881763;~oref=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew
Frame ID: 5F4D51D8CDBB9C0CEB69ABFE5891C746
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.en.html
Frame ID: 8D12495A2BC4B4CF1480D7891A8FE4FF
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1412836987506135046&lang=en&origin=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F&sessionId=48409f860d7f0e16deaa3cd038dcaf29d4017556&siteScreenName=XXL&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Frame ID: D238DDEC4180B07A8363FC99DE996C1C
Requests: 16 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJSL1sex1_ECFTniuwgdEdcLFQ;src=5352434;type=xxlmag;cat=xxl_f0;ord=1411766397089;gtm=2od770;auiddc=149742296.1625881763;~oref=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew
Frame ID: 2BF4B1738AE9067EB34C44C8FC605CB6
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJSL1sex1_ECFTniuwgdEdcLFQ;src=5352434;type=xxlmag;cat=xxl_f0;ord=1411766397089;gtm=2od770;auiddc=149742296.1625881763;~oref=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew
Frame ID: 8729CEBE82FC4147DBBAF53AA18D3F84
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=184854740153433&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df283dc54ce7c%26domain%3Dwww.xxlmag.com%26origin%3Dhttps%253A%252F%252Fwww.xxlmag.com%252Ff214ed64626afc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fxxlmag&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&width=47px
Frame ID: A561ABC67614F24E98D44E3200E34D86
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 92C1D8518E6AA1B7588C5DF7792F0C3F
Requests: 8 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6642F08EA537664DD61427B05B75CA42
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: A1088F2A21F476169E4D0D8F0DA126B7
Requests: 1 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Frame ID: 5256897EB7EF6072DFC540600AED96EC
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D55F90A1985B0F306A4658FF90BDF114
Requests: 16 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 149194DD34B5D0DA3931F6CA7BB346ED
Requests: 11 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Frame ID: 7AAED55F9F836476A37766742DD8C393
Requests: 11 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Frame ID: 43F5AFCACF025BC2C5970F8D4B4136CA
Requests: 8 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Frame ID: 12EAFC2A47A20752C25CA93510410371
Requests: 11 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: CB2A7E00B59A9A3B9A902ACE8164D4DF
Requests: 8 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 529B219E51FDF3143C42BB83A5D08266
Requests: 8 HTTP requests in this frame

Frame: https://video.unrulymedia.com/iframes/third-party-iframes.html
Frame ID: 703BBB27A6063795DD7BF265FC96E25F
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: DA884C43229D57B7A6CFD2C58AB02D5D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 29A90BF43925A91CC321147EA9DDBC15
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E1E05CB795F6FD1D7CDE3E18233E5614
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 97A2D70424C02E84C31B7A3C82A4FEFD
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 460479B25FF710081E6F11AFFE1DEB6A
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPJGd5iPJGd5iAXADAENBiCgAAAAAH_AAAAAAAAQEAJMNS-AC7EscGTaNKoUQIwrCQ6AUAFFAMLRNYQMDgp2VgEeoIWACE1ARgRAgxBRiwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgIkWignsrAEou9jTCEMosAKBR_RUYCJQggWBkJCwcxwBIAAA.YAAAAAAAAAAA&d=https://www.xxlmag.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: AD650DC6F4FD1E2148825EADB74EB1F7
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPJGd5iPJGd5iAXADAENBiCgAAAAAH_AAAAAAAAQEAJMNS-AC7EscGTaNKoUQIwrCQ6AUAFFAMLRNYQMDgp2VgEeoIWACE1ARgRAgxBRiwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgIkWignsrAEou9jTCEMosAKBR_RUYCJQggWBkJCwcxwBIAAA.YAAAAAAAAAAA&d=https://www.xxlmag.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 761C3D267D034D7C5159E889CBD507E1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 4E7E7F5E8D68C3BC83D61B7885544083
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: A6F9526F92F14CBCD7D65868B69F0602
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D
Frame ID: 3105B3573959549AE73C5B1900F0A414
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 9E031828677863C28F179067FDE8B8B0
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: CD1906922B86F58F3557B69FA7D30BF9
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Frame ID: 200B0D69874D15CE69C68148738DBA1B
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Frame ID: 60092EB1741A6A997A726BE19A751CFE
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Frame ID: B3BAC6A3D95517F9A4B9140518CE4700
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Frame ID: 54DF161B348460BA9B01F2ECB133ADD2
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Frame ID: 12420101BE62E7CEAE980D49451BCDC8
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Frame ID: 6D56AA208A41415242B36AC00EE2EB28
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Frame ID: CB722D2297089D6CD3A93C192A05B6D1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east
Frame ID: F95BDBAFF728212C94AEC54B92D64A4C
Requests: 3 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Frame ID: AF5B962CB6B1AB2D96F83FB16F957443
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Frame ID: 97C7A9CD41ABF51AE626CB4F4135CE1F
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Frame ID: 91051706C84399F7DC60FC2359591A42
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&C=1
Frame ID: BD63589BE8B193E3E014EC9196F38672
Requests: 9 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/unr?_bee_ppp=1
Frame ID: 3B33CC9C763C59A02713FCE0B2F05D8B
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Frame ID: B0E20F36B974ADF8BB5F055B335E8BD0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: AD682ED04063B3049EA307741FE03842
Requests: 3 HTTP requests in this frame

Frame: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Frame ID: EC3B1097FF0146EDE51CE0C1D4AB7C93
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html
Frame ID: 0E5DE73FA59F1E43503FDDF7E53B739F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Frame ID: 2882C5B3005EA34A744504F777C0D338
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Frame ID: 2E629E60B80776CFFC60D8340BFCCB12
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: 6F220190B29E21BFF4A536EE40E3A026
Requests: 3 HTTP requests in this frame

Frame: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Frame ID: D9B830CAE042C1E70FBBE822BAFFF4B5
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html
Frame ID: 2C07439C5D6EE865B4631BE85425C5C7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Frame ID: 46CDA2B59C70625A7D825F211B708BE1
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: FF42C54B20E0DAF9280B500FA5A0EFE2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://link.morningbrew.com/click/24404729.50301/aHR0cHM6Ly93d3cueHhsbWFnLmNvbS9rYW55ZS13ZXN0LWFkaWRhcy1... HTTP 302
    https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^ECS/i
Overall confidence: 100%
Detected patterns
  • headers server /^ECS/i
Overall confidence: 100%
Detected patterns
  • headers server /^ECS/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:ECAcc|ECS|ECD)/i

Page Statistics

344
Requests

99 %
HTTPS

26 %
IPv6

84
Domains

138
Subdomains

98
IPs

9
Countries

3520 kB
Transfer

9498 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://link.morningbrew.com/click/24404729.50301/aHR0cHM6Ly93d3cueHhsbWFnLmNvbS9rYW55ZS13ZXN0LWFkaWRhcy1zbmVha2Vycy1uaWtlLXNvY2tzLz91dG1fc291cmNlPW1vcm5pbmdfYnJldw/5f25d5b8190eb1244f75d631B9aa2e72a HTTP 302
    https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://platform.instagram.com/en_US/embeds.js HTTP 301
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Request Chain 119
  • https://5352434.fls.doubleclick.net/activityi;src=5352434;type=xxlmag;cat=xxl_f0;ord=1411766397089;gtm=2od770;auiddc=149742296.1625881763;~oref=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew HTTP 302
  • https://5352434.fls.doubleclick.net/activityi;dc_pre=CJSL1sex1_ECFTniuwgdEdcLFQ;src=5352434;type=xxlmag;cat=xxl_f0;ord=1411766397089;gtm=2od770;auiddc=149742296.1625881763;~oref=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew
Request Chain 153
  • https://srv.clickfuse.com/showads/adunit.php?id=100001357&di=cf_async_431233157&subtag=&search=&artist=Kanye%20West&song=&tvt=&alb=&alb_is=false&dvid=&f=false&vpw=1600&abf=0&d=&pid=&cs=1&bl=false&ro=&uc=&uf=&position=0&ctr=&bp_abf=false&cf=&cc=&kv=&ps=1&af=&if=0&ii=0&pe=&ph=&pf=&fh=&mo=undefined&url=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&t=1625881763809 HTTP 302
  • https://srv.clickfuse.com/showads/adunit.php?fc=1&id=100001357&di=cf_async_431233157&subtag=&search=&artist=Kanye%20West&song=&tvt=&alb=&alb_is=false&dvid=&f=false&vpw=1600&abf=0&d=&pid=&cs=1&bl=false&ro=&uc=&uf=&position=0&ctr=&bp_abf=false&cf=&cc=&kv=&ps=1&af=&if=0&ii=0&pe=&ph=&pf=&fh=&mo=undefined&url=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&t=1625881763809
Request Chain 166
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=XXL&ncv=24 HTTP 302
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=XXL&ncv=24
Request Chain 183
  • https://sync.serverbid.com/ss/2000775.html HTTP 302
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Request Chain 185
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 186
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Request Chain 187
  • https://sync.serverbid.com/ss/2000775.html HTTP 302
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Request Chain 188
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Request Chain 195
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 197
  • https://id5-sync.com/s/441/9.gif?puid=e_c1940b83-3087-4c61-9bec-76c291d4219d&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_c1940b83-3087-4c61-9bec-76c291d4219d&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO5SiV3F_0hStwWsobKUTJGIfiCmkRQXJsHj1HvQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO5SiV3F_0hStwWsobKUTJGIfiCmkRQXJsHj1HvQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/8/2.gif?puid=68a5ebc7-c7c2-4fe3-b452-f187b0748f25&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEOaC_at4j-H6QfdkiV0tGP8&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOaC_at4j-H6QfdkiV0tGP8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2238049204240508785&opid=apx&ops=&utidl=tech:goo:CAESEOaC_at4j-H6QfdkiV0tGP8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A18845874255&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/19/6/4.gif?puid=259f313db5fefb73630e998da9b45299&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/101/5/5.gif?puid=c5063de4-2eff-4090-9771-2348bc5610df&gdpr=1&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1 HTTP 302
  • https://id5-sync.com/c/441/103/4/6.gif?puid=ffc8e05ed58f0229a7f63ea96147431b&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Request Chain 198
  • https://id5-sync.com/s/441/9.gif?puid=e_ea8da931-6179-4eb9-9c68-47170d4eefb7&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_ea8da931-6179-4eb9-9c68-47170d4eefb7&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO5SiV3F_0hStwWsobKUTJGIfiCmkRQXJsHj1HvQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO5SiV3F_0hStwWsobKUTJGIfiCmkRQXJsHj1HvQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/8/2.gif?puid=68a5ebc7-c7c2-4fe3-b452-f187b0748f25&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEOaC_at4j-H6QfdkiV0tGP8&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOaC_at4j-H6QfdkiV0tGP8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2238049204240508785&opid=apx&ops=&utidl=tech:goo:CAESEOaC_at4j-H6QfdkiV0tGP8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A18846877099&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/19/6/4.gif?puid=259f313db5fefb73630e998da9b45299&gdpr=1&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F103%2F5%2F5.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F103%2F5%2F5.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1 HTTP 302
  • https://id5-sync.com/c/441/103/5/5.gif?puid=ffc8e05ed58f0229a7f63ea96147431b&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/108/4/6.gif?puid=119907c5-7656-4f8f-8890-2e90e0e08cf5&gdpr=1&gdpr_consent=
Request Chain 199
  • https://id5-sync.com/s/441/9.gif?puid=e_b5f71157-8f86-4a19-ac25-a31c4e471285&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_b5f71157-8f86-4a19-ac25-a31c4e471285&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO5SiV3F_0hStwWsobKUTJGIfiCmkRQXJsHj1HvQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO5SiV3F_0hStwWsobKUTJGIfiCmkRQXJsHj1HvQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/8/2.gif?puid=68a5ebc7-c7c2-4fe3-b452-f187b0748f25&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEOaC_at4j-H6QfdkiV0tGP8&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOaC_at4j-H6QfdkiV0tGP8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2238049204240508785&opid=apx&ops=&utidl=tech:goo:CAESEOaC_at4j-H6QfdkiV0tGP8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A18845410837&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/19/6/4.gif?puid=259f313db5fefb73630e998da9b45299&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/101/5/5.gif?puid=c5063de4-2eff-4090-9771-2348bc5610df&gdpr=1&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1 HTTP 302
  • https://id5-sync.com/c/441/103/4/6.gif?puid=ffc8e05ed58f0229a7f63ea96147431b&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Request Chain 200
  • https://id5-sync.com/s/441/9.gif?puid=e_dfe7b94a-362c-4698-be6a-c165e14612fe&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_dfe7b94a-362c-4698-be6a-c165e14612fe&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO5SiV3F_0hStwWsobKUTJGIfiCmkRQXJsHj1HvQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO5SiV3F_0hStwWsobKUTJGIfiCmkRQXJsHj1HvQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/8/2.gif?puid=68a5ebc7-c7c2-4fe3-b452-f187b0748f25&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEOaC_at4j-H6QfdkiV0tGP8&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOaC_at4j-H6QfdkiV0tGP8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2238049204240508785&opid=apx&ops=&utidl=tech:goo:CAESEOaC_at4j-H6QfdkiV0tGP8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A18846877099&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/19/6/4.gif?puid=259f313db5fefb73630e998da9b45299&gdpr=1&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F103%2F5%2F5.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F103%2F5%2F5.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1 HTTP 302
  • https://id5-sync.com/c/441/103/5/5.gif?puid=ffc8e05ed58f0229a7f63ea96147431b&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/108/4/6.gif?puid=119907c5-7656-4f8f-8890-2e90e0e08cf5&gdpr=1&gdpr_consent=
Request Chain 206
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=aqsw2XJt1M227s5
Request Chain 207
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=openx&bds_param=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=edd74b0a-5701-4422-b7cf-6b0fec9f5d7c&expires=10&ssp=openx&bsw_param=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25
Request Chain 208
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4122171323174047318
Request Chain 209
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCUVZFN0IwZmtBQURlNG1GdVNkZw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 210
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=424c60e8-fca6-4b00-b2f0-f22187eff141
Request Chain 211
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=INmIoXCKjK870digJNrAqyLQ36s70N2vcN-acDWA
Request Chain 212
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7002490424558948009
Request Chain 214
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2Y4ODA4NGUtNGFlNi02OWE0LTQ2YzQtZDNkODE3YzUyMGVh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2Y4ODA4NGUtNGFlNi02OWE0LTQ2YzQtZDNkODE3YzUyMGVh&google_tc=
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELYh2WuTxCFmr_dnTi-B4cI&google_cver=1
Request Chain 216
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=aqsw2XJt1M227s5
Request Chain 217
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=c5063de4-2eff-4090-9771-2348bc5610df&ssp=openx&expires=30&user_group=5&bsw_param=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25
Request Chain 218
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=2238049204240508785
Request Chain 219
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAoe07B0fkAADghfHUO9Q&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 220
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e6e160e8-fca6-4b00-9acb-a599ff0ba2fe
Request Chain 221
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wcG2y5GSssXayebLzpP-lZOU6srakubLx8ZEqCDV
Request Chain 222
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7913871185167847792
Request Chain 224
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2Y4ODA4NGUtNGFlNi02OWE0LTQ2YzQtZDNkODE3YzUyMGVh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2Y4ODA4NGUtNGFlNi02OWE0LTQ2YzQtZDNkODE3YzUyMGVh&google_tc=
Request Chain 225
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDUSm-koje4ZVz6r8JLyhCE&google_cver=1
Request Chain 227
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 229
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=588abca3-833e-0b63-39a1-96a62a8bced8
Request Chain 230
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0eecea80-e121-11eb-aea8-0218f49b87b6 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0eecea80-e121-11eb-aea8-0218f49b87b6&verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-kZ_65l1E2uGliVD1KUsnhLlgvFsHJAxr~A~UP0eecea80-e121-11eb-aea8-0218f49b87b6
Request Chain 231
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=403bdaff-89eb-4834-95e1-28dbb88d3754&ttl=1628473766
Request Chain 233
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=083ceb0090f51f9a863a6a73b1125531c01aac12
Request Chain 234
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D&gdpr=0&gdpr_consent=
Request Chain 235
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=2238049204240508785
Request Chain 236
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=588abca3-833e-0b63-39a1-96a62a8bced8
Request Chain 237
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0eecea80-e121-11eb-aea8-0218f49b87b6 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0eecea80-e121-11eb-aea8-0218f49b87b6&verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-kZ_65l1E2uGliVD1KUsnhLlgvFsHJAxr~A~UP0eecea80-e121-11eb-aea8-0218f49b87b6
Request Chain 238
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=403bdaff-89eb-4834-95e1-28dbb88d3754&ttl=1628473766
Request Chain 240
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=083ceb0090f51f9a863a6a73b1125531c01aac12
Request Chain 241
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D&gdpr=0&gdpr_consent=
Request Chain 242
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 244
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENgqEzkfy8gbtp8APMx0zo4&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 245
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQ2MTI4NTczODk5MDI3NTg3MA%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQ2MTI4NTczODk5MDI3NTg3MA%3D%3D&google_tc=
Request Chain 247
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4461285738990275870?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-j7m3PplE2oRvSIdGUbVaZnx.O23.ErWuY5PV5d1cIg--~A&dongle=0883
Request Chain 248
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2238049204240508785&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 249
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4461285738990275870 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4461285738990275870&dcc=t
Request Chain 250
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJNZ5BlxKRsVxB_ErlR4BQo&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 255
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQ2MTI4NTczODk5MDI3NTg3MA%3D%3D
Request Chain 257
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4461285738990275870?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-iCYF1C9E2oQwHZD.2wLdFN2znvHKZpypKuzeEUjUcw--~A&dongle=0883
Request Chain 258
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4122171323174047318&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 259
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4461285738990275870 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4461285738990275870&dcc=t
Request Chain 260
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 265
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBb2UwN0IwZmtBQURnaGZIVU85UQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 267
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=a6rMuUjjSdK_6dS8M9OQbQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 269
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e6e160e8-fca6-4b00-9acb-a599ff0ba2fe
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkJBQUNDQjktNDhFMy00OUQyLUJGRTktRDRCQzMzRDM5MDZE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Request Chain 271
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ9RdaWtZ5utC71-QkDi_8Q&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Request Chain 273
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2317974087860146848&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Request Chain 274
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=403bdaff-89eb-4834-95e1-28dbb88d3754 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Request Chain 275
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YOj8pgACs35VQQA4 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YOj8pgACs35VQQA4&gdpr=0&gdpr_consent=&_test=YOj8pgACs35VQQA4 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D
Request Chain 276
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e6e160e8-fca6-4b00-9acb-a599ff0ba2fe&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Request Chain 278
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jUbjsR5E2uXBiTh.7JPS2hahylk8mrc-~A&gdpr=0&gdpr_consent=
Request Chain 279
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2238049204240508785&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Request Chain 282
  • https://x.bidswitch.net/sync?ssp=unrulyx HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dunrulyx%26bsw_param%3Dd83c9bcd-b4ec-499e-98d8-4eecd3e78d25 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=79&user_id=aqsw2XJt1M227s5&expires=30&ssp=unrulyx&bsw_param=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/d83c9bcd-b4ec-499e-98d8-4eecd3e78d25?gdpr=&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/d83c9bcd-b4ec-499e-98d8-4eecd3e78d25?gdpr=&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/d83c9bcd-b4ec-499e-98d8-4eecd3e78d25?zcc=1&dspret=0&cb=1625881766704 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Request Chain 283
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Floopme%2F%7Bdevice_id%7D HTTP 307
  • https://usermatch.targeting.unrulymedia.com/usermatch/loopme/ad8f8fc1-5d8a-499b-87c0-89c93e1d2b16 HTTP 302
  • https://sync.1rx.io/usersync/loopme/ad8f8fc1-5d8a-499b-87c0-89c93e1d2b16 HTTP 302
  • https://sync.1rx.io/usersync/loopme/ad8f8fc1-5d8a-499b-87c0-89c93e1d2b16?zcc=1&dspret=0&cb=1625881766704 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Request Chain 284
  • https://cm.ctnsnet.com/int/cm?exc=23&redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcrimtan%2F%5Buser_id%5D HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/crimtan/9b71536f8a7847f4bb8127ef3557bbf7 HTTP 302
  • https://sync.1rx.io/usersync/crimtan/9b71536f8a7847f4bb8127ef3557bbf7 HTTP 302
  • https://sync.1rx.io/usersync/crimtan/9b71536f8a7847f4bb8127ef3557bbf7?zcc=1&dspret=0&cb=1625881766704 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Request Chain 285
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fappnexus%2F%24UID HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/appnexus/2238049204240508785 HTTP 302
  • https://sync.1rx.io/usersync/appnexus/2238049204240508785 HTTP 302
  • https://sync.1rx.io/usersync/appnexus/2238049204240508785?zcc=1&dspret=0&cb=1625881766704 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Request Chain 286
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fmediamath%2F%5BMM_UUID%5D HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/mediamath/e6e160e8-fca6-4b00-9acb-a599ff0ba2fe HTTP 302
  • https://sync.1rx.io/usersync/mediamathtest/e6e160e8-fca6-4b00-9acb-a599ff0ba2fe HTTP 302
  • https://sync.1rx.io/usersync/mediamathtest/e6e160e8-fca6-4b00-9acb-a599ff0ba2fe?zcc=1&dspret=0&cb=1625881766704 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Request Chain 287
  • https://sync-tm.everesttech.net/upi/pid/1cMuUcwh?redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fadobe%2F%24%7BTM_USER_ID%7D%3F HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/1cMuUcwh?redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fadobe%2F%24%7BTM_USER_ID%7D%3F&_test=YOj8pgACmZKXbwAC HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/adobe/YOj8pgACmZKXbwAC?&_test=YOj8pgACmZKXbwAC HTTP 302
  • https://sync.1rx.io/usersync/adobe/YOj8pgACmZKXbwAC?&_test=YOj8pgACmZKXbwAC HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Request Chain 288
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=unruly&ttd_tpi=1 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/tradedesk/403bdaff-89eb-4834-95e1-28dbb88d3754 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/403bdaff-89eb-4834-95e1-28dbb88d3754 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Request Chain 289
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=unruly&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east
Request Chain 290
  • https://sync.srv.stackadapt.com/sync?nid=41 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/stackadapt/3kkQnbILQdpgYcGmLU_sfZBMbR4 HTTP 302
  • https://sync.1rx.io/usersync/stackadapt/3kkQnbILQdpgYcGmLU_sfZBMbR4 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Request Chain 291
  • https://pr-bh.ybp.yahoo.com/sync/unruly/ HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-dDBu6RVE2oV8EMQ4ZvTzUaMOmdcEG3gGHZyN~A HTTP 302
  • https://sync.1rx.io/usersync/verizon/y-dDBu6RVE2oV8EMQ4ZvTzUaMOmdcEG3gGHZyN~A HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Request Chain 292
  • https://bh.contextweb.com/bh/rtset?pid=560138&ev=1&daaqp=1&rurl=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fpulsepoint%2F%25%25VGUID%25%25 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/pulsepoint/A6Q9qrKcnVTw HTTP 302
  • https://sync.1rx.io/usersync/pulse/A6Q9qrKcnVTw HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Request Chain 293
  • https://ssum-sec.casalemedia.com/usermatch?s=182257&cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&C=1
Request Chain 294
  • https://match.prod.bidr.io/cookie-sync/unr HTTP 303
  • https://match.prod.bidr.io/cookie-sync/unr?_bee_ppp=1
Request Chain 295
  • https://cms.quantserve.com/pixel/p-QcHdy7VcGLKJK.gif?idmatch=0 HTTP 302
  • https://sync.1rx.io/usersync/quantcast/OProy2ip7MUj8rjLN6iglWqvtMojqbjLPv0sK9Vj?gdpr=1
Request Chain 296
  • https://cm.g.doubleclick.net/pixel?google_nid=unruly_dbm&google_cm&google_sc HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/google/CAESEI611eIUsYfXwd_aUBy8yT4?google_cver=1 HTTP 302
  • https://sync.1rx.io/usersync/google/CAESEI611eIUsYfXwd_aUBy8yT4?google_cver=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Request Chain 298
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Request Chain 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2238049204240508785
Request Chain 304
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YOj8pu882BbQRl1VrXga2wAA%261182
Request Chain 305
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true HTTP 307
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=22c2f92a89a131114ea2f2fb
Request Chain 307
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0eecea80-e121-11eb-aea8-0218f49b87b6 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0eecea80-e121-11eb-aea8-0218f49b87b6
Request Chain 308
  • https://x.bidswitch.net/sync?ssp=consumable HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dconsumable%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dconsumable%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=8add5728-7228-52bf-857f-5debe597a14d&ssp=consumable&expires=30&user_group=1 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25
Request Chain 309
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2238049204240508785
Request Chain 311
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YOj8pu882BbQRl1VrXga2wAA%261182
Request Chain 312
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true HTTP 307
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=22c2f92a89a131114ea2f2fb
Request Chain 314
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0eecea80-e121-11eb-aea8-0218f49b87b6 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0eecea80-e121-11eb-aea8-0218f49b87b6
Request Chain 315
  • https://x.bidswitch.net/sync?ssp=consumable HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25&ssp=consumable&gdpr=&gdpr_consent=
Request Chain 317
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Request Chain 322
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOj8pu882BbQRl1VrXga2wAABJ4AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOj8pu882BbQRl1VrXga2wAABJ4AAAAB&dcc=t
Request Chain 323
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YOj8pu882BbQRl1VrXga2wAABJ4AAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENyfD9bhOKf2oU7Btsdi-qY&google_cver=1
Request Chain 325
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YOj8pu882BbQRl1VrXga2wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEByxUS8Oo-rFQuZl886PNEE&google_cver=1&gdpr=1
Request Chain 326
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1625968166&gdpr=1
Request Chain 329
  • https://usermatch.targeting.unrulymedia.com/usermatch/casale/YOj8pu882BbQRl1VrXga2wAA%261182 HTTP 302
  • https://sync.1rx.io/usersync/index/YOj8pu882BbQRl1VrXga2wAA&1182 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Request Chain 330
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1

344 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/
Redirect Chain
  • https://link.morningbrew.com/click/24404729.50301/aHR0cHM6Ly93d3cueHhsbWFnLmNvbS9rYW55ZS13ZXN0LWFkaWRhcy1zbmVha2Vycy1uaWtlLXNvY2tzLz91dG1fc291cmNlPW1vcm5pbmdfYnJldw/5f25d5b8190eb1244f75d631B9aa2e72a
  • https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
52 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D3F) / Express
Resource Hash
9da46ce79c8b8974cb54bb29150e433a4c6ea6fbd3721c9d7e7fc402cd9202ca

Request headers

:method
GET
:authority
www.xxlmag.com
:scheme
https
:path
/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding
gzip
accept-ranges
bytes
age
43
cache-control
no-cache
content-type
text/html; charset=utf-8
date
Sat, 10 Jul 2021 01:49:22 GMT
etag
W/"d1d3-MlJ9kqbsxr5s6ipgLLt50w"
expires
Sat, 10 Jul 2021 01:49:21 GMT
gdpr-source
DE
last-modified
Sat, 10 Jul 2021 01:48:40 GMT
server
ECS (lcy/1D3F)
set-cookie
gdpr-source=DE
vary
Accept-Encoding
via
1.1 varnish
x-abgroup
B
x-cache
HIT
x-device
desktop
x-powered-by
Express
x-ua-device
desktop
x-varnish
1602514261
content-length
14653

Redirect headers

date
Sat, 10 Jul 2021 01:49:22 GMT
server
Sailthru
set-cookie
sailthru_hid=a9ba56e53d6a01ffb775a1ade1e1ca875f25d5b8190eb1244f75d63148b0ff37ade9131b3af966c7ff01aa4c; expires=Sun, 10-Jul-2022 07:38:08 GMT; Max-Age=31556926; path=/; domain=morningbrew.com sailthru_bid=24404729.50301; expires=Sat, 10-Jul-2021 04:49:22 GMT; Max-Age=10800; path=/; domain=morningbrew.com
location
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
content-length
0
content-type
text/html; charset=UTF-8
connection
close
base.css
www.xxlmag.com/styles/desktop/ 		536 KB
116 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xxlmag.com/styles/desktop/base.css?ver=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) / Express
Resource Hash
c491e6b83c202765a61599c43681a189388c95c08906016ebfc0b15a4fb50f1a

Request headers

:path
/styles/desktop/base.css?ver=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xxlmag.com
referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
A
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
age
24803
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
118479
last-modified
Fri, 09 Jul 2021 18:56:00 GMT
server
ECS (frb/67F3)
etag
W/"860f4-/eTntu+OtNnX8iViRri1+A"
vary
Accept-Encoding
x-varnish
1597652670
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
content-type
text/css; charset=utf-8
expires
Sat, 10 Jul 2021 01:49:21 GMT
css
fonts.googleapis.com/ 		22 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e88202b7d4aa0af217e4e1a913095f30ed7e4f29777632db674cb740f3e052f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 10 Jul 2021 01:49:22 GMT
server
ESF
date
Sat, 10 Jul 2021 01:49:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 10 Jul 2021 01:49:22 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
1417
date
Sat, 10 Jul 2021 01:25:45 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Sat, 10 Jul 2021 03:25:45 GMT
autotrack.carbon.js
townsquare.media/public/resources/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://townsquare.media/public/resources/js/autotrack.carbon.js
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6793) / Express
Resource Hash
17c048bfb0138677a5774ee0301b7858b6d3fa8620fcaf62b6b81a0b5a37996a

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
age
29930
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
2031
last-modified
Thu, 03 Oct 2019 20:12:19 GMT
server
ECS (frb/6793)
etag
W/"119a-16d93407ae3"
vary
Accept-Encoding
x-varnish
2549906220 2547676402
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 10 Jul 2021 01:49:21 GMT
script.js
doi3unldljdx6.cloudfront.net./ 		111 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://doi3unldljdx6.cloudfront.net./script.js
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e400:7:7419:8e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d8d1736e7e99fdc0ec83890bcfc98ab317bfc86c662ac7d323f2672aa7bd8fb

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:46:51 GMT
content-encoding
gzip
last-modified
Fri, 09 Jul 2021 21:30:38 GMT
server
AmazonS3
age
160
etag
W/"85b7e4f614b194dc00bfec908fabb880"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
B0O7NeS91qJt7rrmRyg5t0T7qvHPy6xAuLzrDRIE0o_-uPH7U34qiQ==
gpt.js
www.googletagservices.com/tag/js/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
458d574a06157b29babfa4cde96fd9acd377e6902d8c1554eafef56abb010074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"926 / 26 of 1000 / last-modified: 1625868492"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24107
x-xss-protection
0
expires
Sat, 10 Jul 2021 01:49:22 GMT
186854-113710634486999.js
js-sec.indexww.com/ht/p/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c1f87b6ebedfe2a978cb946c520baf745f8e3a4b47c690f9c7b353a84f7b53ca

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 01:49:22 GMT
Content-Encoding
gzip
Last-Modified
Sat, 10 Jul 2021 00:56:09 GMT
Server
Apache
ETag
"7642bc-930b-5c6ba5a97e8c8"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=416
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12790
Expires
Sat, 10 Jul 2021 01:56:18 GMT
pb.js
cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/ 		314 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.218 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669F) / Express
Resource Hash
679cf9eb13939003252c7f3eeae69f3bd141de69f5057b49e9412e5f8bfc63ce

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
age
24807
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop, desktop
x-device
carbon, carbon
content-length
95626
access-control-allow-origin
*
last-modified
Fri, 09 Jul 2021 18:56:08 GMT
server
ECS (frb/669F)
etag
W/"4e62d-Mj5PpTbo9pvlb17chE6p6A"
vary
Accept-Encoding
x-varnish
1597651096, 1597655134 1597651094
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
expires
Sat, 10 Jul 2021 01:49:21 GMT
twoview_bootstrap.js
embed.air.tv/v1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.air.tv/v1/twoview_bootstrap.js?organization=AQIWQ5-rSHOajREf3hV1Fg
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.13.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-13-237.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
802f98225351115f877da6651f3d564131d75d97b9806227fcebcde25e910f72

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
server
nginx/1.16.1
vary
Accept-Encoding
access-control-allow-methods
GET, PATCH, POST, PUT, DELETE, OPTIONS
content-type
text/javascript
access-control-expose-headers
Authorization,Location
cache-control
max-age=0, private, no-cache
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
platform.js
apis.google.com/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
58b07fec4121.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • https://platform.instagram.com/en_US/embeds.js
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:1e6:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 18:25:59 GMT
content-encoding
br
etag
"58b07fec4121"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
content-length
4824
priority
u=3,i

Redirect headers

date
Sat, 10 Jul 2021 01:49:22 GMT
x-fb-trip-id
1679558926
x-ig-origin-region
vll
content-type
text/html; charset=utf-8
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control
max-age=21600
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
xxl-trimmed-spacing.png
townsquare.media/site/812/files/2017/10/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/812/files/2017/10/xxl-trimmed-spacing.png
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A8) / Express
Resource Hash
f55fdfabe595363032c7909158714a72825276b03affb5781386d4f7d1c73d0a

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
A
date
Sat, 10 Jul 2021 01:49:22 GMT
via
1.1 varnish
age
19123985
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
15520
last-modified
Thu, 12 Sep 2019 12:52:12 GMT
server
ECS (frb/67A8)
x-varnish
2895622193 2895482164
access-control-allow-origin
*
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
image/png
expires
Sat, 10 Jul 2021 01:49:21 GMT
cogitoergosum
www.xxlmag.com/rest/high/api/ 		128 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.xxlmag.com/rest/high/api/cogitoergosum
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
93166d31b9fcb0ed058eaff3a9c4cf225964d2eae33ab8f0a15ad82f730fe7e4

Request headers

sec-fetch-mode
cors
origin
https://www.xxlmag.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
abgroup=B
content-length
364
:path
/rest/high/api/cogitoergosum
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
www.xxlmag.com
referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

date
Sat, 10 Jul 2021 01:49:22 GMT
etag
W/"80-EGGG3A4ePhI+D1Sc3k1zyg"
server
nginx
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
x-device
desktop
set-cookie
cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTYXQsIDEwIEp1bCAyMDIxIDAxOjQ5OjIyIEdNVCJ9; Max-Age=1800; Path=/; Expires=Sat, 10 Jul 2021 02:19:22 GMT connect.sid=s%3A4MhPKlPqqRJFhn9o0XQm_M8XS_Nxl4r5.zEELnGcmB2NtCgz1qrTf0XupvnaP0yVP2IZTlD3VkYM; Path=/; Expires=Mon, 09 Aug 2021 01:49:22 GMT; HttpOnly gdpr-source=DE
content-length
128
expires
Sat, 10 Jul 2021 01:49:21 GMT
cmp.bundle.js
townsquare.media/public/resources/js/ 		185 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://townsquare.media/public/resources/js/cmp.bundle.js
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) / Express
Resource Hash
9fe8e056e719eda00a080764b82240552e04ca6b449c5cb5ef36d5554e3bce9f

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
age
2266
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
46582
last-modified
Mon, 26 Oct 2020 18:28:45 GMT
server
ECS (frb/67C2)
etag
W/"2e534-175662b7509"
vary
Accept-Encoding
x-varnish
1602103111
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 10 Jul 2021 01:49:21 GMT
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6b2b5b05933a00a9e1beb6e53fba22bf77feaa3c203e361d637985750fec4bab

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
last-modified
Tue, 19 Jan 2021 22:23:11 GMT
server
Apache
etag
"2988-5b94848b276f9-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
3813
expires
Sat, 10 Jul 2021 02:04:22 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.xxlmag.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.4
date
Sat, 10 Jul 2021 01:49:22 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
clear
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 10 Jul 2021 01:49:22 GMT
via
1.1 google
server
nginx/1.17.4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
clear
content-length
0
apstag.js
c.amazon-adsystem.com/aax2/ 		123 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
0f4b08d07ecca9f8fcaf108ea78bb163fc98cfc19a844bd0f87412ab34a41873

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
solAsf6cT0znHo3.WmotmwzgHSp5bXCi
content-encoding
gzip
server
Server
age
226
etag
c457e964d47ff007ca9e04843536c474
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
public, max-age=900
date
Sat, 10 Jul 2021 01:45:36 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
PVAbxPiWht_7gMSBOg-_zx3LIraBbBjNqdf6GDOOUl8djflvGy7r7g==
widgets.js
platform.twitter.com/ 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674C) /
Resource Hash
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 01:49:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
525
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length
28779
x-tw-cdn
VZ
Last-Modified
Wed, 28 Apr 2021 17:57:32 GMT
Server
ECS (frb/674C)
Etag
"9eb59e5602fef4b3ebf6090856ff21db+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d7397d75317e2a7a0ee6589027e161572424e4208f5f380685f9dbfcec5a832a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
IRHTVu82SPnFoDbJ2kWIzQ==
content-security-policy-report-only
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c;
cross-origin-resource-policy
cross-origin
expires
Sat, 10 Jul 2021 01:50:46 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1685
x-fb-rlafr
0
x-fb-debug
Ui0lsaQFLLoxG7/ZIldVw/2b1J4i9xqbwKGvTv2mDnWvy/7eI76b9pzZbbKggf00L+7z1lVQPkg0lFw1JkNV0Q==
x-fb-trip-id
917726464
x-fb-content-md5
e12e8185c91bf4f925a4016df355097a
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Sat, 10 Jul 2021 01:49:22 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"a098f72915c1f2c5d7afe02ae6d50fc0"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
fbevents.js
connect.facebook.net/en_US/ 		95 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24676
x-xss-protection
0
pragma
public
x-fb-debug
kv6RCnPNBtk9bnmLGxpVLTJ2qif10LDA3xvegmaYD9L155mdcRiDGhYKmMBdzXeFLZpYUfmf7JT3f88cB7ddVg==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 10 Jul 2021 01:49:22 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
instagram-icon.png
www.xxlmag.com/public/assets/img/nav/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xxlmag.com/public/assets/img/nav/instagram-icon.png
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/styles/desktop/base.css?ver=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D5) / Express
Resource Hash
64d2653d551fc8075979181b1d93b46f8a0f58dbc0b7b47480304a12b011c65e

Request headers

:path
/public/assets/img/nav/instagram-icon.png
pragma
no-cache
cookie
abgroup=B
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.xxlmag.com
referer
https://www.xxlmag.com/styles/desktop/base.css?ver=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xxlmag.com/styles/desktop/base.css?ver=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:22 GMT
via
1.1 varnish
age
2018669
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
9483
last-modified
Thu, 03 Oct 2019 21:28:36 GMT
server
ECS (frb/67D5)
etag
W/"250b-16d938652cb"
x-varnish
2216688082
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
content-type
image/png
expires
Sat, 10 Jul 2021 01:49:21 GMT
attachment-kanye-west-adidas-nike.jpg
townsquare.media/site/812/files/2021/07/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/812/files/2021/07/attachment-kanye-west-adidas-nike.jpg?w=980&q=75
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6793) / Express
Resource Hash
3970c3c3d7b0d73d57a25b99e124c1e7c7c942b9a40548cbf25b80b97bb09d75

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:22 GMT
via
1.1 varnish
age
190512
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
86238
last-modified
Wed, 07 Jul 2021 20:50:39 GMT
server
ECS (frb/6793)
x-varnish
2519029710
access-control-allow-origin
*
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
image/jpeg
expires
Sat, 10 Jul 2021 01:49:21 GMT
base.css
www.xxlmag.com/styles/desktop/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xxlmag.com/styles/desktop/base.css?ver=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/styles/desktop/base.css?ver=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/styles/desktop/base.css?ver=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
pragma
no-cache
cookie
gdpr-source=DE; abgroup=B
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.xxlmag.com
referer
https://www.xxlmag.com/styles/desktop/base.css?ver=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xxlmag.com/styles/desktop/base.css?ver=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
age
24808
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
118479
last-modified
Fri, 09 Jul 2021 18:55:55 GMT
server
ECS (frb/67F3)
etag
W/"860f4-/eTntu+OtNnX8iViRri1+A"
vary
Accept-Encoding
x-varnish
1597650906
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
text/css; charset=utf-8
expires
Sat, 10 Jul 2021 01:49:21 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xxlmag.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 01:30:05 GMT
x-content-type-options
nosniff
age
346757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15640
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:37 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 01:30:05 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xxlmag.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 00:30:52 GMT
x-content-type-options
nosniff
age
350310
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15720
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:56 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 00:30:52 GMT
truncated
/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c

Request headers

Origin
https://www.xxlmag.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
font/opentype;charset=utf-8
ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab106619cd53cba1c09e1b3aedcf87dc90958fef3b886f9107a0ae94f5dd7733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xxlmag.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 05:15:24 GMT
x-content-type-options
nosniff
age
333238
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15604
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 05:15:24 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xxlmag.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 03:00:34 GMT
x-content-type-options
nosniff
age
341328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 03:00:34 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xxlmag.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 06:52:18 GMT
x-content-type-options
nosniff
age
327424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 06:52:18 GMT
main.bundle.dccbd421313dae057671ffa1e639d4d1b4c2b92d.js
townsquare.media/public/dist/desktop/ 		1 MB
321 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://townsquare.media/public/dist/desktop/main.bundle.dccbd421313dae057671ffa1e639d4d1b4c2b92d.js?mver=199&gver=3
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E2) / Express
Resource Hash
c264f0f7b928a1d43e7de3f662d9212e5652c1bc05d35e240aaa10800e71cd20

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
age
24834
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
328804
last-modified
Fri, 09 Jul 2021 18:54:23 GMT
server
ECS (frb/67E2)
etag
W/"1160a6-17a8c9eebd7"
vary
Accept-Encoding
x-varnish
2548675499
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 10 Jul 2021 01:49:21 GMT
/
www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/ 		114 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew&initialState=dccbd421313dae057671ffa1e639d4d1b4c2b92d
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
0f9e1044ba4d3673a42486e3b9582e3abce2aab922ce013964928d9dc4331ee0

Request headers

:path
/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew&initialState=dccbd421313dae057671ffa1e639d4d1b4c2b92d
pragma
no-cache
cookie
gdpr-source=DE; abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTYXQsIDEwIEp1bCAyMDIxIDAxOjQ5OjIyIEdNVCJ9; connect.sid=s%3A4MhPKlPqqRJFhn9o0XQm_M8XS_Nxl4r5.zEELnGcmB2NtCgz1qrTf0XupvnaP0yVP2IZTlD3VkYM
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.xxlmag.com
referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
age
0
x-powered-by
Express
x-cache
MISS
x-ua-device
desktop
x-device
desktop
content-length
23719
server
nginx
etag
W/"1c62d-zL1rHJjRfLH4m+tGO6H82Q"
vary
Accept-Encoding
x-varnish
1602521973
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
application/json; charset=utf-8
expires
Sat, 10 Jul 2021 01:49:21 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-19109753-54&cid=1815658449.1625881762&jid=2131129068&gjid=1619768859&_gid=291213849.1625881762&_u=aGBAgAADAAAAAE~&z=303845403
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 10 Jul 2021 01:49:22 GMT
content-type
text/plain
access-control-allow-origin
https://www.xxlmag.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=308780510&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&ul=en-us&de=UTF-8&dt=Kanye%20West%20Wearing%20Adidas%20Sneakers%20With%20Nike%20Socks%20Confuses%20Fans%20-%20XXL&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAD~&jid=2131129068&gjid=1619768859&cid=1815658449.1625881762&tid=UA-19109753-54&_gid=291213849.1625881762&_av=2.4.1&_au=20&cd1=trentfitzgerald&cd2=news&cd3=kanye-west&cd4=post&cd5=Wed%20Jul%2007%202021&cd6=16%3A53&cd7=standard&cd8=422&cd9=B&cd10=yes&cd12=&cd13=&did=i5iSjo&z=2003797863
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Jul 2021 05:28:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
73235
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d7cd09b590143e055a2a0bbfa2b87359e72b419db9f29ecdf3e946fc08c74a56

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
last-modified
Tue, 19 Jan 2021 22:23:11 GMT
server
Apache
etag
"a253-5b94848b276f1-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
14886
expires
Sat, 10 Jul 2021 02:04:22 GMT
sdk.js
connect.facebook.net/en_US/ 		228 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=16aa5bcb21d92988de353ec8b8aa78ec
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d317b24dfaefebb2b238c856123fb07cf5e74c0a0db2140f47a637e1c7f7c65a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.xxlmag.com
Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
3Qsa5/5noEzqLj3fngi9ZQ==
cross-origin-resource-policy
cross-origin
expires
Sun, 10 Jul 2022 00:52:21 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
67901
x-fb-rlafr
0
x-fb-debug
ui6njzWfODOdbvBeEN80NQdwRMWOWiIzZ6pQDxhiLiFQA0+5FDqkgipcX4VrUKbj3M+z5LjEeCXjai6Lyrz/Mg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
x-fb-content-md5
c19295577f3252a22149209657a8e79c
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 10 Jul 2021 01:49:22 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"d072caebe9cb2213f775ceda55d1843a"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
rid
match.adsrvr.org/track/ 		109 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186854
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
7a933c4fef2fedf2a2176cff6375dab356cdd4f22ecbb7586e707bd696370ee1

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 10 Jul 2021 01:49:22 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.xxlmag.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Mon, 09 Aug 2021 01:49:22 GMT
identity
api.rlcdn.com/api/ 		44 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 10 Jul 2021 01:49:22 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.xxlmag.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
631470830669776
connect.facebook.net/signals/config/ 		261 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/631470830669776?v=2.9.43&r=stable
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d10b167ace3ba921bc305dc762610e7f7510700e9e32896d7b982c676f8b3474
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
76150
x-xss-protection
0
pragma
public
x-fb-debug
dpHuihVlmrjZy11+v/pE1vqm3W9Et8RwptkS+s1Dx4LdjGaGVBMqR4bfd3K2318D6xeNhkIQtzyP8EOVGTcYGA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 10 Jul 2021 01:49:22 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
widget_iframe.06c6ee58c3810956b7509218508c7b56.html
platform.twitter.com/widgets/ Frame B73F 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.xxlmag.com
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6723) /
Resource Hash
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.xxlmag.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xxlmag.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
706867
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sat, 10 Jul 2021 01:49:22 GMT
Etag
"dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:54 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6723)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105298
pubads_impl_2021070101.js
securepubads.g.doubleclick.net/gpt/ 		329 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
0e4f0cc2a47e98ed56d5416afb1177b7337b7dc7cf561d9297854f527a9796d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Jul 2021 08:37:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117092
x-xss-protection
0
expires
Sat, 10 Jul 2021 01:49:22 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		130 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.xxlmag.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
709bf6bebe72962aa04f730f56811e7e520362994ae3fa8383139ac14c97e62e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99
x-xss-protection
0
expires
Sat, 10 Jul 2021 01:49:22 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3227&u=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 00:54:35 GMT
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
server
Server
age
3287
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.xxlmag.com
cache-control
max-age=86087, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
LxP8uN-9MdF7LPvfXP3yzF5z-WSRDBkcxH-q92BEaK0NSCP3PSKDLQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
2442
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 01 Jul 2021 22:05:10 GMT
server
AmazonS3
date
Sat, 10 Jul 2021 01:08:41 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
oOkX9Fcqq2pgQ8K1rhBA1HzxvETrKgTZv7lZN0D4j8uz2RBLo7y8lg==
ga-audiences
www.google.com/ads/ 		42 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-19109753-54&cid=1815658449.1625881762&jid=2131129068&_u=aGBAgAADAAAAAE~&z=2103513631
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-19109753-54&cid=1815658449.1625881762&jid=2131129068&_u=aGBAgAADAAAAAE~&z=2103513631
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ 		415 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.0.8&lid=336
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:13::1460 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
33e35e9cfc120a2f7a56d46bd1abb9e882362d11f5c89fc521b5f204ac423d71

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:22 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.xxlmag.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
415
expires
Sat, 10 Jul 2021 02:19:22 GMT
twoview-1.0.js
cdn-sp-s3.air.tv/airtv.js/v/2021-06-21_17-40-06/ 		426 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-sp-s3.air.tv/airtv.js/v/2021-06-21_17-40-06/twoview-1.0.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79c239516e5e88e406844b029dd7e94214c5990880e6646ac9d64e6ce05c4b07

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
last-modified
Tue, 22 Jun 2021 00:40:45 GMT
server
AmazonS3
x-amz-request-id
XKD2GN6Q4S206MNT
etag
"d6da2a719a43c00265e82c588b67535d"
x-hw
1625881762.cds008.fr8.hn,1625881762.cds231.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-length
102532
x-amz-id-2
2qdpo1j/yjR5sEpg0lV5KZqbdjiBn7zIgreEicXssN6iVcu3wgJnLxVRcCtXtYhMdTAlqejY85o=
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=631470830669776&ev=PageView&dl=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&rl=&if=false&ts=1625881762726&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1625881762724.1691969221&it=1625881762540&coo=false&rqm=GET
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:22 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 10 Jul 2021 01:49:22 GMT
headerstats
as-sec.casalemedia.com/ 		0
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=254982&u=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:22 GMT
X-AK-INITIAL-GEO
CC:[DE], RC:[SN], CN:[EU], CIP:[144.76.109.30], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://www.xxlmag.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
12
Expires
Sat, 10 Jul 2021 01:49:22 GMT
gdpr-cmp-bootstrap.js
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/ 		318 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.247.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
160a189978d8d578dbaf912cefefd4125c5569a5d2a7167056fe4afbb6415a34

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 18:44:36 GMT
server
Apache
etag
"4f7ec-5c5876a375030-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3600
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
68538
cogitoergosum
www.xxlmag.com/rest/high/api/ 		128 B
334 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.xxlmag.com/rest/high/api/cogitoergosum
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
93166d31b9fcb0ed058eaff3a9c4cf225964d2eae33ab8f0a15ad82f730fe7e4

Request headers

sec-fetch-mode
cors
origin
https://www.xxlmag.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
gdpr-source=DE; abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTYXQsIDEwIEp1bCAyMDIxIDAxOjQ5OjIyIEdNVCJ9; connect.sid=s%3A4MhPKlPqqRJFhn9o0XQm_M8XS_Nxl4r5.zEELnGcmB2NtCgz1qrTf0XupvnaP0yVP2IZTlD3VkYM; _ga=GA1.2.1815658449.1625881762; _gid=GA1.2.291213849.1625881762; _gat_primary=1; _fbp=fb.1.1625881762724.1691969221
content-length
376
:path
/rest/high/api/cogitoergosum
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
www.xxlmag.com
referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 10 Jul 2021 01:49:22 GMT
etag
W/"80-EGGG3A4ePhI+D1Sc3k1zyg"
server
nginx
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
x-device
desktop
set-cookie
cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTYXQsIDEwIEp1bCAyMDIxIDAxOjQ5OjIyIEdNVCJ9; Max-Age=1800; Path=/; Expires=Sat, 10 Jul 2021 02:19:22 GMT
content-length
128
expires
Sat, 10 Jul 2021 01:49:21 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=184854740153433&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&sdk=joey&wants_cookie_data=false
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
iys+9lJdKgmKC8DM9A1b3JunG14fnWwjNvphgM2eh0rM7X/kF14zHryWsQZT6z7tvlquOTdPyxURGIvP8A2egw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
fb-s
unknown
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 10 Jul 2021 01:49:22 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.xxlmag.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
chunk-28.fd0dfc83ecc1ec9709ce.1625854580238.js
www.xxlmag.com/public/dist/desktop/ 		1 KB
734 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xxlmag.com/public/dist/desktop/chunk-28.fd0dfc83ecc1ec9709ce.1625854580238.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668D) / Express
Resource Hash
4d41f53df2e8dcc2797bf83287d8f9a570ef9fb5f0fa5cfe4949e6f050e088f2

Request headers

:path
/public/dist/desktop/chunk-28.fd0dfc83ecc1ec9709ce.1625854580238.js
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTYXQsIDEwIEp1bCAyMDIxIDAxOjQ5OjIyIEdNVCJ9; connect.sid=s%3A4MhPKlPqqRJFhn9o0XQm_M8XS_Nxl4r5.zEELnGcmB2NtCgz1qrTf0XupvnaP0yVP2IZTlD3VkYM; _ga=GA1.2.1815658449.1625881762; _gid=GA1.2.291213849.1625881762; _gat_primary=1; _fbp=fb.1.1625881762724.1691969221
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xxlmag.com
referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
age
24803
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
590
last-modified
Fri, 09 Jul 2021 18:54:10 GMT
server
ECS (frb/668D)
etag
W/"46a-17a8c9eba03"
vary
Accept-Encoding
x-varnish
2548684037
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 10 Jul 2021 01:49:21 GMT
chunk-15.08c265f08f6506fea3b1.1625854580238.js
www.xxlmag.com/public/dist/desktop/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xxlmag.com/public/dist/desktop/chunk-15.08c265f08f6506fea3b1.1625854580238.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C1) / Express
Resource Hash
ce9f02cb93d28eea66a9173abfa43c724815d54664e4dc0cace6cc3cde1dc360

Request headers

:path
/public/dist/desktop/chunk-15.08c265f08f6506fea3b1.1625854580238.js
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTYXQsIDEwIEp1bCAyMDIxIDAxOjQ5OjIyIEdNVCJ9; connect.sid=s%3A4MhPKlPqqRJFhn9o0XQm_M8XS_Nxl4r5.zEELnGcmB2NtCgz1qrTf0XupvnaP0yVP2IZTlD3VkYM; _ga=GA1.2.1815658449.1625881762; _gid=GA1.2.291213849.1625881762; _gat_primary=1; _fbp=fb.1.1625881762724.1691969221
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xxlmag.com
referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
age
24822
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
11692
last-modified
Fri, 09 Jul 2021 18:54:23 GMT
server
ECS (frb/67C1)
etag
W/"9a88-17a8c9eeb57"
vary
Accept-Encoding
x-varnish
2548684042 2548678420
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 10 Jul 2021 01:49:21 GMT
chunk-4.f079555344eee6385632.1625854580238.js
www.xxlmag.com/public/dist/desktop/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xxlmag.com/public/dist/desktop/chunk-4.f079555344eee6385632.1625854580238.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6760) / Express
Resource Hash
73f78905a0f9875ea0aad23633e3a6a81c164a0521c73de26224fde6e759b0df

Request headers

:path
/public/dist/desktop/chunk-4.f079555344eee6385632.1625854580238.js
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTYXQsIDEwIEp1bCAyMDIxIDAxOjQ5OjIyIEdNVCJ9; connect.sid=s%3A4MhPKlPqqRJFhn9o0XQm_M8XS_Nxl4r5.zEELnGcmB2NtCgz1qrTf0XupvnaP0yVP2IZTlD3VkYM; _ga=GA1.2.1815658449.1625881762; _gid=GA1.2.291213849.1625881762; _gat_primary=1; _fbp=fb.1.1625881762724.1691969221
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xxlmag.com
referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
age
24822
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
7754
last-modified
Fri, 09 Jul 2021 18:54:23 GMT
server
ECS (frb/6760)
etag
W/"669c-17a8c9eebb7"
vary
Accept-Encoding
x-varnish
2548684043 2548678407
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 10 Jul 2021 01:49:21 GMT
chunk-31.740605bef5c7c934ce60.1625854580238.js
www.xxlmag.com/public/dist/desktop/ 		920 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xxlmag.com/public/dist/desktop/chunk-31.740605bef5c7c934ce60.1625854580238.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D6) / Express
Resource Hash
a09bc7a911d1369719b974f3a9c6d24c909d74f669b690a59300f92857db0f59

Request headers

:path
/public/dist/desktop/chunk-31.740605bef5c7c934ce60.1625854580238.js
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTYXQsIDEwIEp1bCAyMDIxIDAxOjQ5OjIyIEdNVCJ9; connect.sid=s%3A4MhPKlPqqRJFhn9o0XQm_M8XS_Nxl4r5.zEELnGcmB2NtCgz1qrTf0XupvnaP0yVP2IZTlD3VkYM; _ga=GA1.2.1815658449.1625881762; _gid=GA1.2.291213849.1625881762; _gat_primary=1; _fbp=fb.1.1625881762724.1691969221
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xxlmag.com
referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:22 GMT
via
1.1 varnish
age
24803
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
920
last-modified
Fri, 09 Jul 2021 18:54:11 GMT
server
ECS (frb/67D6)
etag
W/"398-17a8c9ebf3e"
x-varnish
1597652567
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 10 Jul 2021 01:49:21 GMT
chunk-32.1b3db3d79ba80c2dafed.1625854580238.js
www.xxlmag.com/public/dist/desktop/ 		1 KB
738 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xxlmag.com/public/dist/desktop/chunk-32.1b3db3d79ba80c2dafed.1625854580238.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674B) / Express
Resource Hash
bef0b3b88c21ef2445ef94eff8cceb4215f6689193782121cee06c7eaa6e81a1

Request headers

:path
/public/dist/desktop/chunk-32.1b3db3d79ba80c2dafed.1625854580238.js
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTYXQsIDEwIEp1bCAyMDIxIDAxOjQ5OjIyIEdNVCJ9; connect.sid=s%3A4MhPKlPqqRJFhn9o0XQm_M8XS_Nxl4r5.zEELnGcmB2NtCgz1qrTf0XupvnaP0yVP2IZTlD3VkYM; _ga=GA1.2.1815658449.1625881762; _gid=GA1.2.291213849.1625881762; _gat_primary=1; _fbp=fb.1.1625881762724.1691969221
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xxlmag.com
referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
age
24803
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
634
last-modified
Fri, 09 Jul 2021 18:54:10 GMT
server
ECS (frb/674B)
etag
W/"5a3-17a8c9eba07"
vary
Accept-Encoding
x-varnish
1597652569
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 10 Jul 2021 01:49:21 GMT
bid
krk.kargo.com/api/v2/ 		2 B
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2263454a41-19d7-494a-b7b8-e55342c8c09a%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1625881762867%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2241136dbdf59bb%22%3A%22_vNCheCkO9Y%22%7D%2C%22bidSizes%22%3A%7B%2241136dbdf59bb%22%3A%5B%5B1%2C1%5D%2C%5B300%2C250%5D%2C%5B336%2C280%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_vNCheCkO9Y%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B1%2C1%5D%2C%5B300%2C250%5D%2C%5B336%2C280%5D%5D%7D%2C%22video%22%3A%7B%22context%22%3A%22outstream%22%2C%22mimes%22%3A%5B%22video%2Fmp4%22%5D%2C%22maxduration%22%3A120%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22maxbitrate%22%3A30000%2C%22minbitrate%22%3A200%2C%22api%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22skip%22%3A0%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-in-article-pixel-1%22%2C%22transactionId%22%3A%2297345ccc-248b-4af6-a5ec-6d7fb0917722%22%2C%22sizes%22%3A%5B%5B1%2C1%5D%2C%5B300%2C250%5D%2C%5B336%2C280%5D%5D%2C%22bidId%22%3A%2241136dbdf59bb%22%2C%22bidderRequestId%22%3A%223e50e24c8c1fb1%22%2C%22auctionId%22%3A%2209055189-3cf9-485d-85c1-e46ffeaf7efb%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.223.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-223-2.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.xxlmag.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Krk-No-Bid-Reason
consent
Content-Length
26
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
v2
e.serverbid.com/api/ 		16 B
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.xxlmag.com
date
Sat, 10 Jul 2021 01:49:23 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		19 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:22 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f24cf45d-95d2-41ad-b2a5-7c7aa4d200dd
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.xxlmag.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.xxlmag.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 10 Jul 2021 01:49:22 GMT
imp
g2.gumgum.com/hbid/ 		470 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=9104&pi=3&bf=1x1%2C300x250%2C336x280&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.41.0%22%7D&ogu=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F&ns=10240
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5d4dfa89c461f6df0531fc1e2035a40da01b3454b3815d3743a1416ffa183111

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.xxlmag.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
arj
townsquaremedia-d.openx.net/w/1.0/ 		173 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=97345ccc-248b-4af6-a5ec-6d7fb0917722&nocache=1625881762887&aus=1x1%2C300x250%2C336x280&divids=tsm-ad-in-article-pixel-1&aucs=&auid=539823956&aumfs=250
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.210.0 /
Resource Hash
89ac2bb731bfe1627906d7de38175948399c2ec491351f424479ce1007ee5166

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
server
OXGW/16.210.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.xxlmag.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		95 B
731 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221849dd46bb61dea%22%3A%22050f0480323d77767e1d%7C%7Cgpid%3D%2F8328825%2Fnational%2FXXL%2Fsharethrough%22%7D&ref=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&s=c3b46e8d-83ad-4c8e-8930-0e08e6a8a3b0&pv=a9d1e75a-f782-45e6-b6be-9d4efeddbd00&vp=desktop&lib_name=prebid&lib_v=4.41.0&us=5&ius=1&coppa=0
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
0d04e71ee75511c9ff59731721f7050a7b4545a398ec0f143a12c4bcac1272ac
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:22 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.xxlmag.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173182&zone_id=836168&size_id=15&alt_size_ids=16%2C221&rf=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&kw=in-article-pixel&tk_flint=pbjs_lite_v4.41.0&x_source.tid=97345ccc-248b-4af6-a5ec-6d7fb0917722&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.03622341751816771
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
c4949740bfe0c034bf2ed6876e670a8259f07cba2a05fda32d96f2356a0057d2

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:22 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.xxlmag.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
hb
hb.undertone.com/ 		0
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=2552&domain=xxlmag.com
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-35.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:22 GMT
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.xxlmag.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
x-amz-cf-id
84fjpwqfD8Qu6xHvty-5Qc5KJbLoKXFEPQSiOy3BSnylTJ1DjFezzw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=257436&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2223a467669614497%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A1%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.41.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2241a38e85-0fb4-4918-9ab7-1109f2b70d3e%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-07-10T01%3A49%3A22%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2224c9d1a190297bc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22257436%22%2C%22sid%22%3A%221x1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1%2C%22h%22%3A1%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2224c9d1a190297bc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22257436%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2224c9d1a190297bc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22257436%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
60c5dd72d42ad2497a5da20b22ee48321f030d9195af3dc80edb611a2e53df50

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[SN], CN:[EU], CIP:[144.76.109.30], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.xxlmag.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Sat, 10 Jul 2021 01:49:22 GMT
auction
tlx.3lift.com/header/ 		19 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.41.0&referrer=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&tmax=2000
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.84.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-84-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:22 GMT
x-auction-status
12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.xxlmag.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
targeting.unrulymedia.com/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/prebid
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.xxlmag.com
pragma
no-cache
date
Sat, 10 Jul 2021 01:49:22 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
prebid
prebid.media.net/rtb/ 		330 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
62ce7500ebcaf2cee5e868e3351b6f00fb7a1594c05b2ad392e6aef5a21e2333

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.xxlmag.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
chunk-12.26a5d66d8e8af980d272.1625854580238.js
www.xxlmag.com/public/dist/desktop/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xxlmag.com/public/dist/desktop/chunk-12.26a5d66d8e8af980d272.1625854580238.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C0) / Express
Resource Hash
ba09e780460eda7e29db596aa2588dd79d50a3cb26e2260a9d85842e07d4e813

Request headers

:path
/public/dist/desktop/chunk-12.26a5d66d8e8af980d272.1625854580238.js
pragma
no-cache
cookie
gdpr-source=DE; abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTYXQsIDEwIEp1bCAyMDIxIDAxOjQ5OjIyIEdNVCJ9; connect.sid=s%3A4MhPKlPqqRJFhn9o0XQm_M8XS_Nxl4r5.zEELnGcmB2NtCgz1qrTf0XupvnaP0yVP2IZTlD3VkYM; _ga=GA1.2.1815658449.1625881762; _gid=GA1.2.291213849.1625881762; _gat_primary=1; _fbp=fb.1.1625881762724.1691969221
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xxlmag.com
referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
age
24822
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
6655
last-modified
Fri, 09 Jul 2021 18:54:11 GMT
server
ECS (frb/67C0)
etag
W/"5379-17a8c9ebeba"
vary
Accept-Encoding
x-varnish
1597652609 1597646792
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 10 Jul 2021 01:49:21 GMT
/
www.xxlmag.com/rest/carbon/filter/main/kanye-west-wal-mart-lawsuit-yeezys/ 		80 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.xxlmag.com/rest/carbon/filter/main/kanye-west-wal-mart-lawsuit-yeezys/
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D64) / Express
Resource Hash
dfb9e7b02c57ff3ecb7ff5a75e4b8248f13ad2b8470923768c66b872f17f75b1

Request headers

:path
/rest/carbon/filter/main/kanye-west-wal-mart-lawsuit-yeezys/
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTYXQsIDEwIEp1bCAyMDIxIDAxOjQ5OjIyIEdNVCJ9; connect.sid=s%3A4MhPKlPqqRJFhn9o0XQm_M8XS_Nxl4r5.zEELnGcmB2NtCgz1qrTf0XupvnaP0yVP2IZTlD3VkYM; _ga=GA1.2.1815658449.1625881762; _gid=GA1.2.291213849.1625881762; _gat_primary=1; _fbp=fb.1.1625881762724.1691969221
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.xxlmag.com
referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
age
119
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
16033
last-modified
Sat, 10 Jul 2021 01:47:23 GMT
server
ECS (lcy/1D64)
etag
W/"13e1f-sLq6J+8MLRMQFZrLxS9zFA"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
expires
Sat, 10 Jul 2021 01:49:21 GMT
/
www.xxlmag.com/rest/carbon/filter/main/rappers-won-the-most-awards/ 		81 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.xxlmag.com/rest/carbon/filter/main/rappers-won-the-most-awards/
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) / Express
Resource Hash
626a8fa9f58eb3fc3f5f9584963872182f66e5239d1f400286c5edeff1e155f7

Request headers

:path
/rest/carbon/filter/main/rappers-won-the-most-awards/
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTYXQsIDEwIEp1bCAyMDIxIDAxOjQ5OjIyIEdNVCJ9; connect.sid=s%3A4MhPKlPqqRJFhn9o0XQm_M8XS_Nxl4r5.zEELnGcmB2NtCgz1qrTf0XupvnaP0yVP2IZTlD3VkYM; _ga=GA1.2.1815658449.1625881762; _gid=GA1.2.291213849.1625881762; _gat_primary=1; _fbp=fb.1.1625881762724.1691969221
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.xxlmag.com
referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
age
119
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
16484
last-modified
Sat, 10 Jul 2021 01:47:23 GMT
server
ECS (frb/6711)
etag
W/"1457f-X2S1YVZlsQKzxOdZbs6Zzw"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
expires
Sat, 10 Jul 2021 01:49:21 GMT
chunk-29.04126f6327b4760a403a.1625854580238.js
www.xxlmag.com/public/dist/desktop/ 		2 KB
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xxlmag.com/public/dist/desktop/chunk-29.04126f6327b4760a403a.1625854580238.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6763) / Express
Resource Hash
770171b650e81b66f2c23eece155ff06cc78a5deadc3e457402b4968772a1aa2

Request headers

:path
/public/dist/desktop/chunk-29.04126f6327b4760a403a.1625854580238.js
pragma
no-cache
cookie
gdpr-source=DE; abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTYXQsIDEwIEp1bCAyMDIxIDAxOjQ5OjIyIEdNVCJ9; connect.sid=s%3A4MhPKlPqqRJFhn9o0XQm_M8XS_Nxl4r5.zEELnGcmB2NtCgz1qrTf0XupvnaP0yVP2IZTlD3VkYM; _ga=GA1.2.1815658449.1625881762; _gid=GA1.2.291213849.1625881762; _gat_primary=1; _fbp=fb.1.1625881762724.1691969221
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xxlmag.com
referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
age
24803
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
847
last-modified
Fri, 09 Jul 2021 18:54:10 GMT
server
ECS (frb/6763)
etag
W/"6ab-17a8c9eba03"
vary
Accept-Encoding
x-varnish
2548684100
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 10 Jul 2021 01:49:21 GMT
chunk-18.4c88f39b9077510dc1c2.1625854580238.js
www.xxlmag.com/public/dist/desktop/ 		65 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xxlmag.com/public/dist/desktop/chunk-18.4c88f39b9077510dc1c2.1625854580238.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6727) / Express
Resource Hash
c37bf160d88f9d8bdc34b0b12b5bd574129146493466d6398afcf953b2bae9fb

Request headers

:path
/public/dist/desktop/chunk-18.4c88f39b9077510dc1c2.1625854580238.js
pragma
no-cache
cookie
gdpr-source=DE; abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTYXQsIDEwIEp1bCAyMDIxIDAxOjQ5OjIyIEdNVCJ9; connect.sid=s%3A4MhPKlPqqRJFhn9o0XQm_M8XS_Nxl4r5.zEELnGcmB2NtCgz1qrTf0XupvnaP0yVP2IZTlD3VkYM; _ga=GA1.2.1815658449.1625881762; _gid=GA1.2.291213849.1625881762; _gat_primary=1; _fbp=fb.1.1625881762724.1691969221
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xxlmag.com
referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
age
24822
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
16776
last-modified
Fri, 09 Jul 2021 18:54:23 GMT
server
ECS (frb/6727)
etag
W/"103c9-17a8c9eeb9f"
vary
Accept-Encoding
x-varnish
2548684105 2548678463
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 10 Jul 2021 01:49:21 GMT
chunk-8.90621c2ace2e92b57a4e.1625854580238.js
www.xxlmag.com/public/dist/desktop/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xxlmag.com/public/dist/desktop/chunk-8.90621c2ace2e92b57a4e.1625854580238.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6731) / Express
Resource Hash
2647ed1a2695a9787bc1248239c8c67fd19c39bf87c6e7230894029ce048f8b7

Request headers

:path
/public/dist/desktop/chunk-8.90621c2ace2e92b57a4e.1625854580238.js
pragma
no-cache
cookie
gdpr-source=DE; abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTYXQsIDEwIEp1bCAyMDIxIDAxOjQ5OjIyIEdNVCJ9; connect.sid=s%3A4MhPKlPqqRJFhn9o0XQm_M8XS_Nxl4r5.zEELnGcmB2NtCgz1qrTf0XupvnaP0yVP2IZTlD3VkYM; _ga=GA1.2.1815658449.1625881762; _gid=GA1.2.291213849.1625881762; _gat_primary=1; _fbp=fb.1.1625881762724.1691969221
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xxlmag.com
referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
age
24803
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
3409
last-modified
Fri, 09 Jul 2021 18:54:15 GMT
server
ECS (frb/6731)
etag
W/"27e6-17a8c9ece41"
vary
Accept-Encoding
x-varnish
2548684102
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 10 Jul 2021 01:49:21 GMT
chunk-1.934d06c0b88de1017a9f.1625854580238.js
www.xxlmag.com/public/dist/desktop/ 		984 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xxlmag.com/public/dist/desktop/chunk-1.934d06c0b88de1017a9f.1625854580238.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E0) / Express
Resource Hash
b63a946a54c90afbbbdac017375920c04e9d60bd57bf49ed27500db26ac2e78e

Request headers

:path
/public/dist/desktop/chunk-1.934d06c0b88de1017a9f.1625854580238.js
pragma
no-cache
cookie
gdpr-source=DE; abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTYXQsIDEwIEp1bCAyMDIxIDAxOjQ5OjIyIEdNVCJ9; connect.sid=s%3A4MhPKlPqqRJFhn9o0XQm_M8XS_Nxl4r5.zEELnGcmB2NtCgz1qrTf0XupvnaP0yVP2IZTlD3VkYM; _ga=GA1.2.1815658449.1625881762; _gid=GA1.2.291213849.1625881762; _gat_primary=1; _fbp=fb.1.1625881762724.1691969221
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xxlmag.com
referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:22 GMT
via
1.1 varnish
age
24818
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
984
last-modified
Fri, 09 Jul 2021 18:54:15 GMT
server
ECS (frb/67E0)
etag
W/"3d8-17a8c9ece55"
x-varnish
1597652626 1597648072
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 10 Jul 2021 01:49:21 GMT
chunk-2.039cb2d1580138db5062.1625854580238.js
www.xxlmag.com/public/dist/desktop/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xxlmag.com/public/dist/desktop/chunk-2.039cb2d1580138db5062.1625854580238.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) / Express
Resource Hash
aa7d92941b9efd02d014d965ab109ad48bf19a56d6de058a5a66634a9a1e6501

Request headers

:path
/public/dist/desktop/chunk-2.039cb2d1580138db5062.1625854580238.js
pragma
no-cache
cookie
gdpr-source=DE; abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTYXQsIDEwIEp1bCAyMDIxIDAxOjQ5OjIyIEdNVCJ9; connect.sid=s%3A4MhPKlPqqRJFhn9o0XQm_M8XS_Nxl4r5.zEELnGcmB2NtCgz1qrTf0XupvnaP0yVP2IZTlD3VkYM; _ga=GA1.2.1815658449.1625881762; _gid=GA1.2.291213849.1625881762; _gat_primary=1; _fbp=fb.1.1625881762724.1691969221
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xxlmag.com
referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
age
24822
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
1501
last-modified
Fri, 09 Jul 2021 18:54:11 GMT
server
ECS (frb/668C)
etag
W/"e0f-17a8c9ebf2a"
vary
Accept-Encoding
x-varnish
2548684115 2548678454
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 10 Jul 2021 01:49:21 GMT
arj
townsquaremedia-d.openx.net/w/1.0/ 		173 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4915b56e-e2ac-4f6c-8441-9f84443fd044%2C014cf5a9-694b-498f-ba0e-4397a3710273%2Cc4533906-71c3-4cda-aa76-225dbc802dff%2Cedf8b234-408c-4151-bb2b-41e288a76dc6&nocache=1625881762912&aus=300x250%2C300x600%7C728x90%7C728x90%7C970x250&divids=tsm-ad-300a%2Ctsm-ad-728a%2Ctsm-ad-728b%2Ctsm-ad-970a&aucs=%2C%2C%2C&auid=540963437%2C540963438%2C540963438%2C540963440&aumfs=250%2C250%2C250%2C250
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.210.0 /
Resource Hash
34cad758a4aebd79ec581e62ae41580624eca853b967b61a454392ac04c3da70

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
server
OXGW/16.210.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.xxlmag.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=257435&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2236d5c055dc15923%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%224.41.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A1%2C%22msi%22%3A1%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2241a38e85-0fb4-4918-9ab7-1109f2b70d3e%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-07-10T01%3A49%3A22%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2237fb97ffe3c2489%22%2C%22ext%22%3A%7B%22siteID%22%3A%22257435%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2238b394a53b86302%22%2C%22ext%22%3A%7B%22siteID%22%3A%22257438%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2239ecc6ab498bab7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22257439%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2237fb97ffe3c2489%22%2C%22ext%22%3A%7B%22siteID%22%3A%22257435%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4b811923f5f695a9e5bf95b923a0797cd12b60f0117ffebdfe67e928d7fe065a

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[SN], CN:[EU], CIP:[144.76.109.30], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.xxlmag.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Sat, 10 Jul 2021 01:49:22 GMT
trinity.json
apex.go.sonobi.com/ 		158 B
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2241eb013f9ef98fe%22%3A%22e4cc28fe00d33a22ec11%7C300x250%2C300x600%7Cgpid%3D%2F8328825%2Fnational%2FXXL%2Fpost%22%2C%22423768fa29a52af%22%3A%22bd9353b0b56f14676b5d%7C728x90%7Cgpid%3D%2F8328825%2Fnational%2FXXL%2Fpost%22%2C%2243363405d4bb5cb%22%3A%22c99a69f0d282bf033c3f%7C728x90%7Cgpid%3D%2F8328825%2Fnational%2FXXL%2Fpost%22%2C%2244bc32d37adc584%22%3A%22f77cce5412c0bdd56dca%7C970x250%7Cgpid%3D%2F8328825%2Fnational%2FXXL%2Fpost%22%7D&ref=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&s=65111572-a302-4123-b849-3ef4d654ab5a&pv=a9d1e75a-f782-45e6-b6be-9d4efeddbd00&vp=desktop&lib_name=prebid&lib_v=4.41.0&us=5&ius=1&coppa=0
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
35d8fab4de39fe80bb0c6c7a52d2b956d466e634b247f25d1bc757821b436356
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:22 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.xxlmag.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
183
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.41.0&referrer=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&tmax=2000
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.84.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-84-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:22 GMT
x-auction-status
12, 12, 12, 12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.xxlmag.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.xxlmag.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 10 Jul 2021 01:49:22 GMT
prebid
prebid.media.net/rtb/ 		330 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
64483cca08c29e2cab76ff3335a70509b92b2e3f0286bf5e9c8f9e3a69342e3a

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.xxlmag.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173182&zone_id=836168&size_id=15&alt_size_ids=10&p_pos=atf&rf=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&kw=tsm-ad-300a&tk_flint=pbjs_lite_v4.41.0&x_source.tid=4915b56e-e2ac-4f6c-8441-9f84443fd044&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.941814755054144
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
00358559572e7ad470632eec7b315c5088d58b5636f2d0cbaaf9750c0854fef0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:22 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.xxlmag.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		239 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173182&zone_id=836168&size_id=2&p_pos=atf&rf=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&kw=tsm-ad-728a&tk_flint=pbjs_lite_v4.41.0&x_source.tid=014cf5a9-694b-498f-ba0e-4397a3710273&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5924200436440459
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
056ccd5e8ec88538c0b43f5e14b16b184841b4e8dc0f6539e3c66177bc78f277

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:22 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.xxlmag.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
239
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		235 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173182&zone_id=836168&size_id=2&rf=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&kw=tsm-ad-728b&tk_flint=pbjs_lite_v4.41.0&x_source.tid=c4533906-71c3-4cda-aa76-225dbc802dff&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.17480269542647475
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
e234846850c3079c7c9cc4d85b130b7d68a3508194e6748da30e6a52b59df697

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:23 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.xxlmag.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
235
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173182&zone_id=836168&size_id=57&p_pos=atf&rf=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&kw=tsm-ad-970a&tk_flint=pbjs_lite_v4.41.0&x_source.tid=edf8b234-408c-4151-bb2b-41e288a76dc6&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.004094091293349367
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
cd2557c29dc89ce0c38c463796e56b035ccce3e135badad39b0597c3a0048407

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:22 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.xxlmag.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.xxlmag.com
date
Sat, 10 Jul 2021 01:49:23 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v2
e.serverbid.com/api/ 		16 B
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.xxlmag.com
date
Sat, 10 Jul 2021 01:49:22 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		19 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:22 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
5d9dd8c0-4e01-4ee7-8aad-e72bc32f5039
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.xxlmag.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
krk.kargo.com/api/v2/ 		2 B
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2263454a41-19d7-494a-b7b8-e55342c8c09a%22%2C%22requestCount%22%3A1%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1625881762923%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2280e6bd3ad902791%22%3A%22_rDGTkl2SED%22%2C%22818d8bea2c3d798%22%3A%22_nZZ09Txjo3%22%7D%2C%22bidSizes%22%3A%7B%2280e6bd3ad902791%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22818d8bea2c3d798%22%3A%5B%5B970%2C250%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_rDGTkl2SED%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-300a%22%2C%22transactionId%22%3A%224915b56e-e2ac-4f6c-8441-9f84443fd044%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%2280e6bd3ad902791%22%2C%22bidderRequestId%22%3A%22797d2821c0d5bb4%22%2C%22auctionId%22%3A%2263512dab-eee9-4364-98a6-ddd336974c55%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_nZZ09Txjo3%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-970a%22%2C%22transactionId%22%3A%22edf8b234-408c-4151-bb2b-41e288a76dc6%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%5D%2C%22bidId%22%3A%22818d8bea2c3d798%22%2C%22bidderRequestId%22%3A%22797d2821c0d5bb4%22%2C%22auctionId%22%3A%2263512dab-eee9-4364-98a6-ddd336974c55%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.223.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-223-2.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.xxlmag.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Krk-No-Bid-Reason
consent
Content-Length
26
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
imp
g2.gumgum.com/hbid/ 		470 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=9103&pi=3&bf=300x250%2C300x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.41.0%22%7D&ogu=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F&ns=10240
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
77ea2d2ab130dbeb2f5143593d6ad16e57c5f51e5610405a07ade4c6b408da7c

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.xxlmag.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		470 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=9106&pi=3&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.41.0%22%7D&ogu=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F&ns=10240
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3647e350b3326ddc80e0d95a654cdd57e08d8b129a74afd29a18a14aa06e9a6a

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.xxlmag.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		470 B
979 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=9107&pi=3&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.41.0%22%7D&ogu=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F&ns=10240
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c12860c7047a35a8ed64bd38e76381000922a3066b12d62ecd45d24d3c8b04db

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.xxlmag.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
hb
hb.undertone.com/ 		0
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=2552&domain=xxlmag.com
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=dccbd421313dae057671ffa1e639d4d1b4c2b92d&mver=199&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-35.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:23 GMT
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.xxlmag.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
x-amz-cf-id
fi9cYZIfF8iDAptwNmFW_NfoDk6bn1qvYImfh8fTR380qM7BXWkHug==
expires
Mon, 26 Jul 1997 05:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		135 KB
48 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd140742c354c506c7bb90f383e236b9b6886581b286fa810ebdd27540181846
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48619
x-xss-protection
0
server
cafe
etag
2461876098917531654
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 10 Jul 2021 01:49:22 GMT
/
www.xxlmag.com/internal-ad-api/ 		11 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.xxlmag.com/internal-ad-api/?kw[]=trentfitzgerald&kw[]=kanye-west-adidas-sneakers-nike-socks&kw[]=news&kw[]=kanye-west&kw[]=pagetype-post&kw[]=device-desktop
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D2D) /
Resource Hash
1239cded17181826afb25a505191b6e0951b6dedc4548aedfcb6f05e04eab1cf

Request headers

:path
/internal-ad-api/?kw[]=trentfitzgerald&kw[]=kanye-west-adidas-sneakers-nike-socks&kw[]=news&kw[]=kanye-west&kw[]=pagetype-post&kw[]=device-desktop
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTYXQsIDEwIEp1bCAyMDIxIDAxOjQ5OjIyIEdNVCJ9; connect.sid=s%3A4MhPKlPqqRJFhn9o0XQm_M8XS_Nxl4r5.zEELnGcmB2NtCgz1qrTf0XupvnaP0yVP2IZTlD3VkYM; _ga=GA1.2.1815658449.1625881762; _gid=GA1.2.291213849.1625881762; _gat_primary=1; _fbp=fb.1.1625881762724.1691969221
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.xxlmag.com
referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
age
119
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
3429
last-modified
Sat, 10 Jul 2021 01:47:24 GMT
server
ECS (lcy/1D2D)
vary
Accept-Encoding
x-varnish
1602500185
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
content-type
application/json; charset=utf-8
expires
Sat, 10 Jul 2021 01:49:21 GMT
iframe_api
www.youtube.com/ 		980 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
38557bb8483434b6ad5e1d1a5e3b24ef800f7c63845322e8d67c8f7d041dde25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sat, 10 Jul 2021 01:49:23 GMT
attachment-styles-p-vince-staples-idk.jpg
townsquare.media/site/812/files/2021/07/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/812/files/2021/07/attachment-styles-p-vince-staples-idk.jpg?w=300&q=75
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E2) / Express
Resource Hash
f8dbd66c17987bc2cfd86e4e23bad4ab3b72f6f3abe4a48d9c65051d8895844c

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:23 GMT
via
1.1 varnish
age
77988
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
18460
last-modified
Fri, 09 Jul 2021 04:07:22 GMT
server
ECS (frb/67E2)
x-varnish
1588633488
access-control-allow-origin
*
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
image/jpeg
expires
Sat, 10 Jul 2021 01:49:22 GMT
cogitoergosum
www.xxlmag.com/rest/high/api/ 		22 B
130 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.xxlmag.com/rest/high/api/cogitoergosum
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67

Request headers

sec-fetch-mode
cors
origin
https://www.xxlmag.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
gdpr-source=DE; abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTYXQsIDEwIEp1bCAyMDIxIDAxOjQ5OjIyIEdNVCJ9; connect.sid=s%3A4MhPKlPqqRJFhn9o0XQm_M8XS_Nxl4r5.zEELnGcmB2NtCgz1qrTf0XupvnaP0yVP2IZTlD3VkYM; _ga=GA1.2.1815658449.1625881762; _gid=GA1.2.291213849.1625881762; _gat_primary=1; _fbp=fb.1.1625881762724.1691969221; blingblocksession=1
content-length
107
:path
/rest/high/api/cogitoergosum
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
www.xxlmag.com
referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 10 Jul 2021 01:49:23 GMT
etag
W/"16-9TAjjH5B1CRTDKLX0cVR1g"
server
nginx
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
x-device
desktop
content-length
22
expires
Sat, 10 Jul 2021 01:49:22 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=308780510&t=event&_s=1&dl=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&ul=en-us&de=UTF-8&dt=Kanye%20West%20Wearing%20Adidas%20Sneakers%20With%20Nike%20Socks%20Confuses%20Fans%20-%20XXL&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=adblock&ea=detection&el=off&_u=6GDAAAADAAAAAG~&jid=73946439&gjid=981923317&cid=1815658449.1625881762&tid=UA-115003007-7&_gid=291213849.1625881762&_r=1&_slc=1&did=i5iSjo&z=1802824985
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xxlmag.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
syndication.twitter.com/ Frame B73F 		256 B
442 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=48409f860d7f0e16deaa3cd038dcaf29d4017556
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.xxlmag.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:22 GMT
content-encoding
gzip
last-modified
Sat, 10 Jul 2021 01:49:23 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
0277b8b325d87427fc55eb6662ef03c8070e969269bdf2506180383ef89af21d
content-length
176
euconsent
api.conversant.mgr.consensu.org/ 		120 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.conversant.mgr.consensu.org/euconsent?configId=10164&cmpVersion=3.3.2&c=99161573054
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:20::2010 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
0cc47319b82a519bfb4538712056d891530b44750cee29e544614d447dae46a5

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.xxlmag.com
date
Sat, 10 Jul 2021 01:49:23 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server
nginx
vary
Origin
content-type
application/json;charset=UTF-8
60b580967ab3ee24ef34cead
www.xxlmag.com/rest/carbon/api/gallery/ 		17 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.xxlmag.com/rest/carbon/api/gallery/60b580967ab3ee24ef34cead
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D59) / Express
Resource Hash
86018f7ff582c389667998ea4eea5c36253abc3e54e7b97d1f2312a038609bba

Request headers

:path
/rest/carbon/api/gallery/60b580967ab3ee24ef34cead
pragma
no-cache
cookie
abgroup=B; cogitoergosum=eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJTYXQsIDEwIEp1bCAyMDIxIDAxOjQ5OjIyIEdNVCJ9; connect.sid=s%3A4MhPKlPqqRJFhn9o0XQm_M8XS_Nxl4r5.zEELnGcmB2NtCgz1qrTf0XupvnaP0yVP2IZTlD3VkYM; _ga=GA1.2.1815658449.1625881762; _gid=GA1.2.291213849.1625881762; _gat_primary=1; _fbp=fb.1.1625881762724.1691969221; blingblocksession=1; _gat_UA1150030077=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.xxlmag.com
referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:23 GMT
content-encoding
gzip
age
120
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
5643
last-modified
Sat, 10 Jul 2021 01:47:24 GMT
server
ECS (lcy/1D59)
etag
W/"452d-uZfqBIp6RzIayPLALT9Lsw"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
expires
Sat, 10 Jul 2021 01:49:22 GMT
zerg-lk.js
www.zergnet.com/ 		391 B
353 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zergnet.com/zerg-lk.js?ref=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&domain=www.xxlmag.com&fb=84856&u=751&q=Sidebar
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.22.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-22-207.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d3f7bd016c6b1728f467dd32befabe05b7d286e708250e37bf75090025a2c2ae

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:23 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v27/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300|Roboto+Condensed:300,400,700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xxlmag.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 04:27:12 GMT
x-content-type-options
nosniff
age
336131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17304
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 04:27:12 GMT
teju-webclient.min.js
static.solutionshindsight.net/teju-webclient/ 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.solutionshindsight.net/teju-webclient/teju-webclient.min.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-72.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3e3972688b431bcf21224f57c1258952dc5faa80b92f1cd7123c9e417b0fe0b

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:38:22 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 19:33:48 GMT
server
AmazonS3
age
1072
etag
"b56bf427a0599b2139fd8c637775466a"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
19786
x-amz-cf-id
nm2_L4AZQCgHChM_kzUOzVav7x090A7ia0863JVsxooPIzVChiCZug==
showad.js
srv.clickfuse.com/showads/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://srv.clickfuse.com/showads/showad.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.2.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-2-88.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) /
Resource Hash
8d382d8744e1c760c0b4f3c9b4bab898ef226983a3d57a2c3bd1393a9fe7b3c6

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 01:49:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Mar 2021 21:19:17 GMT
Server
Apache/2.4.46 (Amazon)
ETag
"4436-5bdd626f46de7-gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=60, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5933
Expires
Sat, 10 Jul 2021 01:50:23 GMT
js
www.googletagmanager.com/gtag/ 		85 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-5352434
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8b048afbd55fc3c471847a4345d630cb1fb88c66fc96a0d7505d56259f54c30c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34787
x-xss-protection
0
last-modified
Sat, 10 Jul 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 10 Jul 2021 01:49:23 GMT
vendor-list.json
cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/ 		264 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/vendor-list.json
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.247.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
aa35aece945b1b1e3e8f5b33ad501c801e625ae22c3cc37231e38b0503c2451a

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:23 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 16:15:01 GMT
server
Apache
etag
"41f25-5c69ef5092b06-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
3600
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
35712
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryo3NBhE6AQ1oDDvf8

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Sat, 10 Jul 2021 01:49:23 GMT
content-type
text/plain
access-control-allow-origin
https://www.xxlmag.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
www-widgetapi.js
www.youtube.com/s/player/51ff6aac/www-widgetapi.vflset/ 		125 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/51ff6aac/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2699cc909bdef9af6474579102a1114f4f81ad3b7319b0e89f09be85a57664f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 23:39:35 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Jul 2021 00:18:29 GMT
server
sffe
age
7788
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42629
x-xss-protection
0
expires
Sat, 09 Jul 2022 23:39:35 GMT
button.5573c974dc31bbdab5ea7923a0bd5cf3.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.5573c974dc31bbdab5ea7923a0bd5cf3.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674C) /
Resource Hash
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 01:49:23 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:56:41 GMT
Server
ECS (frb/674C)
Age
706868
Etag
"382be2960021b88f6ce982d997cdbd01+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2294
horizon_tweet.2bd42981e3af03ce9186a5655508da28.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/horizon_tweet.2bd42981e3af03ce9186a5655508da28.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
263627ec362c25037d69022de008fad33cf85ec7267604a5ae5c8e6fe4ad9e38

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 01:49:23 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:56:41 GMT
Server
ECS (frb/669E)
Age
706869
Etag
"43544c32afe87494042045e40e7b3213+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2436
d3d3Lnh4bG1hZy5jb20%3D
static.solutionshindsight.net/assets/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.solutionshindsight.net/assets/d3d3Lnh4bG1hZy5jb20%3D
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-72.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54e66b560fe6ce3453ba832987b3462fb2bd248de6edc3d3b6e74eacb672e4d8

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Sat, 24 Apr 2021 16:01:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
W/"6facc0960725b63acc4c14afdee38fae"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
date
Sat, 10 Jul 2021 01:49:24 GMT
x-cache
RefreshHit from cloudfront
x-amz-cf-id
chtn0LBVLI0KXcdy7dofQSgR3AEVKFVsq_n3wOZv7ONxEDxqsUgJbg==
via
1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
event
api.conversant.mgr.consensu.org/gdpr/cmp/ 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:20::2010 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.xxlmag.com
date
Sat, 10 Jul 2021 01:49:23 GMT
access-control-allow-credentials
true
server
nginx
vary
Origin
gdpr-cmp-ui.js
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/ 		289 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.247.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2d4b82db5678f0d8db66c3f3de0fc55ff36e549cbe8f2ddb7674a06983acf668

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:23 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 18:44:36 GMT
server
Apache
etag
"4828e-5c5876a375fd0-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3600
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
77499
activityi;dc_pre=CJSL1sex1_ECFTniuwgdEdcLFQ;src=5352434;type=xxlmag;cat=xxl_f0;ord=1411766397089;gtm=2od770;auiddc=149742296.1625881763;~oref=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneake...
5352434.fls.doubleclick.net/ Frame 5F4D
Redirect Chain
  • https://5352434.fls.doubleclick.net/activityi;src=5352434;type=xxlmag;cat=xxl_f0;ord=1411766397089;gtm=2od770;auiddc=149742296.1625881763;~oref=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-snea...
  • https://5352434.fls.doubleclick.net/activityi;dc_pre=CJSL1sex1_ECFTniuwgdEdcLFQ;src=5352434;type=xxlmag;cat=xxl_f0;ord=1411766397089;gtm=2od770;auiddc=149742296.1625881763;~oref=https%3A%2F%2Fwww.x...
546 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5352434.fls.doubleclick.net/activityi;dc_pre=CJSL1sex1_ECFTniuwgdEdcLFQ;src=5352434;type=xxlmag;cat=xxl_f0;ord=1411766397089;gtm=2od770;auiddc=149742296.1625881763;~oref=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew?
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
aa12675594ab44d98466d28aeb35917cf7a50687af4591f06ef0d5e537c923b5
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5352434.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CJSL1sex1_ECFTniuwgdEdcLFQ;src=5352434;type=xxlmag;cat=xxl_f0;ord=1411766397089;gtm=2od770;auiddc=149742296.1625881763;~oref=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.xxlmag.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 10 Jul 2021 01:49:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
422
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 10-Jul-2021 02:04:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 10 Jul 2021 01:49:23 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5352434.fls.doubleclick.net/activityi;dc_pre=CJSL1sex1_ECFTniuwgdEdcLFQ;src=5352434;type=xxlmag;cat=xxl_f0;ord=1411766397089;gtm=2od770;auiddc=149742296.1625881763;~oref=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
entityTagging.min.js
static.solutionshindsight.net/teju-webclient/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.solutionshindsight.net/teju-webclient/entityTagging.min.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-72.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2abfacd7e7b062fc91f795e9f8595dd8f50487981c5e031a57771cde107d082

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:40:50 GMT
content-encoding
gzip
last-modified
Thu, 08 Jul 2021 19:33:48 GMT
server
AmazonS3
age
1171
etag
"35924a5e9dff0c236d9287c9a3c3e335"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
4517
x-amz-cf-id
OfVS-OQsxf9MPrJooVmAbXdCF-awQqqgIlaIWhSq1BXWfm4ODWvzNQ==
en.json
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/en.json
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.247.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-247-126.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7f500782cb117cf91e9efdb60a0f9dcc445cdcf735f4399690d7d8079f346d68

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:23 GMT
content-encoding
gzip
last-modified
Thu, 24 Jun 2021 18:44:36 GMT
server
Apache
etag
"f30-5c5876a377b28-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
3600
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
1178
event
api.conversant.mgr.consensu.org/gdpr/cmp/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:20::2010 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.xxlmag.com
date
Sat, 10 Jul 2021 01:49:23 GMT
access-control-allow-credentials
true
server
nginx
vary
Origin
follow_button.06c6ee58c3810956b7509218508c7b56.en.html
platform.twitter.com/widgets/ Frame 8D12 		36 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.en.html
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674C) /
Resource Hash
2aad1dea74398906714d858498fcf050795f15a08fac55ce829a107393b5cfa6

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.xxlmag.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xxlmag.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
706867
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sat, 10 Jul 2021 01:49:23 GMT
Etag
"2619db8370b1a8c68c62850e51110674+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:42 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/674C)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
13632
Tweet.html
platform.twitter.com/embed/ Frame D238 		487 B
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1412836987506135046&lang=en&origin=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F&sessionId=48409f860d7f0e16deaa3cd038dcaf29d4017556&siteScreenName=XXL&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
b920759f5ba868ff7a8fa71208a7746bfd37babe29c116ba245522f8cc492b82

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.xxlmag.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xxlmag.com/

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Age
1127
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Sat, 10 Jul 2021 01:49:23 GMT
Etag
"e3278d70fc9f6dce021527fdb4770376"
Last-Modified
Thu, 01 Jul 2021 21:20:26 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6724)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
487
social-embed-loads
events.air.tv/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.air.tv/social-embed-loads
Protocol
H2
Server
3.230.83.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-83-122.compute-1.amazonaws.com
Software
nginx/1.18.0 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.xxlmag.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 10 Jul 2021 01:49:23 GMT
server
nginx/1.18.0
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
social-embed-loads
counts.air.tv/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://counts.air.tv/social-embed-loads
Protocol
H2
Server
34.203.157.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-157-179.compute-1.amazonaws.com
Software
nginx/1.18.0 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.xxlmag.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 10 Jul 2021 01:49:23 GMT
server
nginx/1.18.0
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
social-embed-loads
events.air.tv/ 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.air.tv/social-embed-loads
Requested by
Host: cdn-sp-s3.air.tv
URL: https://cdn-sp-s3.air.tv/airtv.js/v/2021-06-21_17-40-06/twoview-1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.83.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-83-122.compute-1.amazonaws.com
Software
nginx/1.18.0 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:23 GMT
server
nginx/1.18.0
x-powered-by
Express
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
0
social-embed-loads
counts.air.tv/ 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://counts.air.tv/social-embed-loads
Requested by
Host: cdn-sp-s3.air.tv
URL: https://cdn-sp-s3.air.tv/airtv.js/v/2021-06-21_17-40-06/twoview-1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.157.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-157-179.compute-1.amazonaws.com
Software
nginx/1.18.0 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:23 GMT
server
nginx/1.18.0
x-powered-by
Express
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
0
d3d3Lnh4bG1hZy5jb20=
static.solutionshindsight.net/assets/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.solutionshindsight.net/assets/d3d3Lnh4bG1hZy5jb20=
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-72.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54e66b560fe6ce3453ba832987b3462fb2bd248de6edc3d3b6e74eacb672e4d8

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
W/"6facc0960725b63acc4c14afdee38fae"
age
482
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Sat, 24 Apr 2021 16:01:33 GMT
server
AmazonS3
date
Sat, 10 Jul 2021 01:42:21 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
via
1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
fkjlx4EWJueMSoxHDRchGDFJl3hB8k2OlWUbcJckR5GU5OVDRaXS1Q==
zerg.js
www.zergnet.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zergnet.com/zerg.js?id=65667
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.22.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-22-207.compute-1.amazonaws.com
Software
nginx /
Resource Hash
dd8ed08918b5a70cf9632627e0146160d5d89606102baf9b90b06a62c0fe6992

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:23 GMT
content-encoding
gzip
expires
Sat, 17 Jul 2021 01:49:23 GMT
server
nginx
content-type
application/javascript; charset=UTF-8
truncated
/ Frame 8D12 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
embed.runtime.abff6a82314c4833181a.js
platform.twitter.com/embed/ Frame D238 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.abff6a82314c4833181a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1412836987506135046&lang=en&origin=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F&sessionId=48409f860d7f0e16deaa3cd038dcaf29d4017556&siteScreenName=XXL&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E2) /
Resource Hash
893ceb2ff84c4dc7e5519c40d57efe2d6b6cd4969cef99794212dcaf823448be

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1412836987506135046&lang=en&origin=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F&sessionId=48409f860d7f0e16deaa3cd038dcaf29d4017556&siteScreenName=XXL&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 01:49:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Jul 2021 21:20:26 GMT
Server
ECS (frb/67E2)
Age
706868
Etag
"9b459491c0f29d1c8dd34feb25724636+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
3516
embed.modules.b77b7cad63a09dd863a4.js
platform.twitter.com/embed/ Frame D238 		501 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.modules.b77b7cad63a09dd863a4.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1412836987506135046&lang=en&origin=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F&sessionId=48409f860d7f0e16deaa3cd038dcaf29d4017556&siteScreenName=XXL&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6795) /
Resource Hash
ce2c83aa57d73b90ff0266ebe6d8631a0a090a0406e1108a36056a28b7128a61

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1412836987506135046&lang=en&origin=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F&sessionId=48409f860d7f0e16deaa3cd038dcaf29d4017556&siteScreenName=XXL&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 01:49:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Jul 2021 21:20:26 GMT
Server
ECS (frb/6795)
Age
706868
Etag
"835a67b4167ec7940920d0e1f512c7f5+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
163558
embed.i18n.c12629618c7555761d5d.js
platform.twitter.com/embed/ Frame D238 		146 B
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.i18n.c12629618c7555761d5d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1412836987506135046&lang=en&origin=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F&sessionId=48409f860d7f0e16deaa3cd038dcaf29d4017556&siteScreenName=XXL&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) /
Resource Hash
bcce16468496437c5089ea25ac4a21df4b96043deb2220bda588d72283991fff

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1412836987506135046&lang=en&origin=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F&sessionId=48409f860d7f0e16deaa3cd038dcaf29d4017556&siteScreenName=XXL&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 01:49:23 GMT
Access-Control-Allow-Methods
GET
Last-Modified
Thu, 01 Jul 2021 21:20:26 GMT
Server
ECS (frb/67BE)
Age
706869
Etag
"5f4a09fa71bda22516384aa36d71d94d"
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
146
embed.Tweet.24c669c1f9bff5021722.js
platform.twitter.com/embed/ Frame D238 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.24c669c1f9bff5021722.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1412836987506135046&lang=en&origin=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F&sessionId=48409f860d7f0e16deaa3cd038dcaf29d4017556&siteScreenName=XXL&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
069a30f19020243cb38546e37d2bdfbd9e07c048fcf9dab8a7bad2c637267448

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1412836987506135046&lang=en&origin=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F&sessionId=48409f860d7f0e16deaa3cd038dcaf29d4017556&siteScreenName=XXL&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 01:49:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Jul 2021 21:20:26 GMT
Server
ECS (frb/6725)
Age
288320
Etag
"7180de3430ddb648daf8401f8553a028+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5568
dc_pre=CJSL1sex1_ECFTniuwgdEdcLFQ;src=5352434;type=xxlmag;cat=xxl_f0;ord=1411766397089;gtm=2od770;auiddc=149742296.1625881763;~oref=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-so...
adservice.google.com/ddm/fls/i/ Frame 2BF4 		545 B
911 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CJSL1sex1_ECFTniuwgdEdcLFQ;src=5352434;type=xxlmag;cat=xxl_f0;ord=1411766397089;gtm=2od770;auiddc=149742296.1625881763;~oref=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew
Requested by
Host: 5352434.fls.doubleclick.net
URL: https://5352434.fls.doubleclick.net/activityi;dc_pre=CJSL1sex1_ECFTniuwgdEdcLFQ;src=5352434;type=xxlmag;cat=xxl_f0;ord=1411766397089;gtm=2od770;auiddc=149742296.1625881763;~oref=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e09ea960e63f26275ad9579ab9f3b0ca692a7efdb07512121c490aaf54ef2e73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CJSL1sex1_ECFTniuwgdEdcLFQ;src=5352434;type=xxlmag;cat=xxl_f0;ord=1411766397089;gtm=2od770;auiddc=149742296.1625881763;~oref=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5352434.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5352434.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 10 Jul 2021 01:49:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
422
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
articles
api.solutionshindsight.net/v1/ 		2 KB
1016 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.solutionshindsight.net/v1/articles?publisher_id=5f9a1cef1d69656fa3bc95cb&article_external_id=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F
Requested by
Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/teju-webclient/entityTagging.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-103.fra2.r.cloudfront.net
Software
/
Resource Hash
672023609a3b981262a361332c1c8d3801c1beaf544eb99eb47cc4557761c7be

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:23 GMT
content-encoding
gzip
x-amzn-remapped-content-length
1638
x-amz-cf-pop
FRA2-C2
x-amzn-requestid
99217693-6af4-4977-905a-7514f2e7fd88
vary
Origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.xxlmag.com
x-amzn-trace-id
Root=1-60e8fca3-13345807179fab901365426f;Sampled=0
access-control-allow-credentials
true
x-amz-apigw-id
COxpmF9voAMFtWg=
content-length
548
via
1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
x-amz-cf-id
TBMRi7MhwVW9zmFnDNJEHaG-BTmXzJiDYFWBpIiJBo2t1pOBmDtxsw==
embed.vendors~ondemand.horizon-web.en-js.da67c80b15a261987832.js
platform.twitter.com/embed/ Frame D238 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.da67c80b15a261987832.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.abff6a82314c4833181a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F2) /
Resource Hash
c84737ed98fba5d40474804773fa4a889faad2a9f5a7f049c1d850494e9b5f39

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1412836987506135046&lang=en&origin=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F&sessionId=48409f860d7f0e16deaa3cd038dcaf29d4017556&siteScreenName=XXL&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 01:49:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Jul 2021 21:20:26 GMT
Server
ECS (frb/67F2)
Age
706868
Etag
"633742842407ac7dad3d420012727391+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
7050
embed.ondemand.i18n.en-js.b4b5f7fe932f900b7057.js
platform.twitter.com/embed/ Frame D238 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.b4b5f7fe932f900b7057.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.abff6a82314c4833181a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6763) /
Resource Hash
7b612ff529725ae692fe908ca7abab4d85d2cf65d40a0490185df84bc1bf5654

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1412836987506135046&lang=en&origin=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F&sessionId=48409f860d7f0e16deaa3cd038dcaf29d4017556&siteScreenName=XXL&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 01:49:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Jul 2021 21:20:26 GMT
Server
ECS (frb/6763)
Age
706869
Etag
"e2a8baad532925d1d8cb8923f885aba8+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
1545
jot
syndication.twitter.com/i/ 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22XXL%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1625881763665%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Sat, 10 Jul 2021 01:49:23 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
0277b8b325d87427fc55eb6662ef03c8070e969269bdf2506180383ef89af21d
x-transaction
2f1e516675b600d2
expires
Tue, 31 Mar 1981 05:00:00 GMT
output.js
www.zergnet.com/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zergnet.com/output.js?id=65667&time=1625881763672&sc=1&callback=json2097824
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.22.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-22-207.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6134c3420e217cd48d264fd5e1f53b07ee65494eb2ad3605c10e5778c8a6bb8c

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:23 GMT
content-encoding
gzip
server
nginx
p3p
CP="ZergNet does not have a P3P policy. Learn why here: http://www.zergnet.com/p3p"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
application/javascript; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.22ed862f34c8c98fa79c.js
platform.twitter.com/embed/ Frame D238 		118 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.22ed862f34c8c98fa79c.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.abff6a82314c4833181a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E2) /
Resource Hash
404c99a291c53119a6bc17d791918a0c258daa0b2ff5740d8387da180085cc35

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1412836987506135046&lang=en&origin=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F&sessionId=48409f860d7f0e16deaa3cd038dcaf29d4017556&siteScreenName=XXL&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 01:49:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Jul 2021 21:20:26 GMT
Server
ECS (frb/67E2)
Age
706868
Etag
"5f5c2203dc3e7463e8048cccdc25073d+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
31959
embed.vendors~ondemand.Tweet.1ff8a181d909c06588bc.js
platform.twitter.com/embed/ Frame D238 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.1ff8a181d909c06588bc.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.abff6a82314c4833181a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) /
Resource Hash
de6bfdf9ff0a2da5cf6e7f959ff0298d69a2eba4d4fafc5a457dd9513e2147b6

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1412836987506135046&lang=en&origin=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F&sessionId=48409f860d7f0e16deaa3cd038dcaf29d4017556&siteScreenName=XXL&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 01:49:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Jul 2021 21:20:26 GMT
Server
ECS (frb/6738)
Age
706868
Etag
"4e87c3299d0f183ececc85b416a98a5d+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5753
embed.ondemand.Tweet.f12d18c605bc02cedaf7.js
platform.twitter.com/embed/ Frame D238 		60 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.f12d18c605bc02cedaf7.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.abff6a82314c4833181a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) /
Resource Hash
a71138bec5eca04da7fc6e41b176c80ab023e76f1149ced24ff0a04af4c478f9

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1412836987506135046&lang=en&origin=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F&sessionId=48409f860d7f0e16deaa3cd038dcaf29d4017556&siteScreenName=XXL&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 01:49:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Jul 2021 21:20:26 GMT
Server
ECS (frb/6738)
Age
706867
Etag
"f6a0f30123abebcd192930fb7a15e612+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
14468
dc_pre=CJSL1sex1_ECFTniuwgdEdcLFQ;src=5352434;type=xxlmag;cat=xxl_f0;ord=1411766397089;gtm=2od770;auiddc=149742296.1625881763;~oref=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-so...
adservice.google.de/ddm/fls/i/ Frame 8729 		194 B
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CJSL1sex1_ECFTniuwgdEdcLFQ;src=5352434;type=xxlmag;cat=xxl_f0;ord=1411766397089;gtm=2od770;auiddc=149742296.1625881763;~oref=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJSL1sex1_ECFTniuwgdEdcLFQ;src=5352434;type=xxlmag;cat=xxl_f0;ord=1411766397089;gtm=2od770;auiddc=149742296.1625881763;~oref=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.de
:scheme
https
:path
/ddm/fls/i/dc_pre=CJSL1sex1_ECFTniuwgdEdcLFQ;src=5352434;type=xxlmag;cat=xxl_f0;ord=1411766397089;gtm=2od770;auiddc=149742296.1625881763;~oref=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 10 Jul 2021 01:49:23 GMT
expires
Sat, 10 Jul 2021 01:49:23 GMT
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
0
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
tweet
cdn.syndication.twimg.com/ Frame D238 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_tweet_embed_clickability_12102%3Acontrol&id=1412836987506135046&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.b77b7cad63a09dd863a4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6795) / Express
Resource Hash
3815663ad1cbdd3b18afdb004ee6517f0ac84ca8ba61097d273a8c7e1f96c4ae
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"4be-0RlXvFvgHXp2xQfsUD7VKnfQXhQ"
age
41
x-powered-by
Express
x-cache
HIT
access-control-allow-methods
GET
strict-transport-security
max-age=631138519
content-length
660
x-xss-protection
0
last-modified
Sat, 10 Jul 2021 01:48:42 GMT
server
ECS (frb/6795)
x-frame-options
SAMEORIGIN
date
Sat, 10 Jul 2021 01:49:23 GMT
vary
Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
a5caaea9d220fe8efb153ac68926593cc4b5cf6e156b7beae5551d6daefd7bdd
accept-ranges
bytes
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
gtm.js
www.googletagmanager.com/ 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K346HJZ
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0ad8c1cad151121c0384d90b19299fa487a4ee2fd1a6df3ae9785a0bb8d751b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35107
x-xss-protection
0
last-modified
Sat, 10 Jul 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 10 Jul 2021 01:49:23 GMT
jot
syndication.twitter.com/i/ Frame D238 		43 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1625881763770%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22XXL%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%228d0aa66%3A1625168834488%22%2C%22item_ids%22%3A%5B%221412836987506135046%22%5D%2C%22item_details%22%3A%7B%221412836987506135046%22%3A%7B%22item_type%22%3A0%7D%7D%7D
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Sat, 10 Jul 2021 01:49:23 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
0277b8b325d87427fc55eb6662ef03c8070e969269bdf2506180383ef89af21d
x-transaction
9f0d8e4bbd9c3a18
expires
Tue, 31 Mar 1981 05:00:00 GMT
1f50d.svg
abs-0.twimg.com/emoji/v2/svg/ Frame D238 		460 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f50d.svg
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
426d4db7bb4ca89f374e8c1b85807741e44b26a8d1691517f670256125624134
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
timing-server-allow
https://twitter.com;https://mobile.twitter.com
server-timing
x-cache;desc=HIT, HIT, x-tw-cdn;desc=FT
content-length
280
x-served-by
cache-fty21370-FTY, cache-fra19142-FRA
last-modified
Thu, 16 Apr 2020 18:19:04 GMT
etag
"3esqkN0yhnt34isezPX6VQ=="
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
date
Sat, 10 Jul 2021 01:49:23 GMT
expires
Sat, 22 Jan 2022 08:01:33 GMT
_bulk
api.solutionshindsight.net/v2/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.solutionshindsight.net/v2/events/_bulk
Protocol
H2
Server
13.225.74.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-103.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.xxlmag.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Sat, 10 Jul 2021 01:49:24 GMT
x-amzn-requestid
76109ac5-c41e-40de-85d7-0f480d72185a
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
COxpqFM4oAMFqPQ=
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-cache
Miss from cloudfront
via
1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
ICuLV76GXSo3AwGbUM92-68OhGP2lccGOjLAsILmgF-HH6IDsh4YGw==
_bulk
api.solutionshindsight.net/v2/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.solutionshindsight.net/v2/events/_bulk
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-103.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 10 Jul 2021 01:49:24 GMT
via
1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amzn-requestid
04e4b3c6-1a2c-43b3-95fd-ff3e4594efa1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-60e8fca4-58e762b057c50c047f8d2560
x-amz-apigw-id
COxptE64IAMFaTg=
content-length
0
x-amz-cf-id
lo_oB8exGykkE4qif6gayoVbJwSFCTpr57-P9EESKRGXVihMBXH_yA==
bl.php
srv.clickfuse.com/ads/ 		0
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://srv.clickfuse.com/ads/bl.php
Requested by
Host: srv.clickfuse.com
URL: https://srv.clickfuse.com/showads/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.2.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-2-88.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryRtttJwzT53oQ5Pdk

Response headers

Date
Sat, 10 Jul 2021 01:49:23 GMT
Server
Apache/2.4.46 (Amazon)
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
Expires
Sat, 10 Jul 2021 01:50:23 GMT
adunit.php
srv.clickfuse.com/showads/
Redirect Chain
  • https://srv.clickfuse.com/showads/adunit.php?id=100001357&di=cf_async_431233157&subtag=&search=&artist=Kanye%20West&song=&tvt=&alb=&alb_is=false&dvid=&f=false&vpw=1600&abf=0&d=&pid=&cs=1&bl=false&r...
  • https://srv.clickfuse.com/showads/adunit.php?fc=1&id=100001357&di=cf_async_431233157&subtag=&search=&artist=Kanye%20West&song=&tvt=&alb=&alb_is=false&dvid=&f=false&vpw=1600&abf=0&d=&pid=&cs=1&bl=fa...
4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://srv.clickfuse.com/showads/adunit.php?fc=1&id=100001357&di=cf_async_431233157&subtag=&search=&artist=Kanye%20West&song=&tvt=&alb=&alb_is=false&dvid=&f=false&vpw=1600&abf=0&d=&pid=&cs=1&bl=false&ro=&uc=&uf=&position=0&ctr=&bp_abf=false&cf=&cc=&kv=&ps=1&af=&if=0&ii=0&pe=&ph=&pf=&fh=&mo=undefined&url=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&t=1625881763809
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.2.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-2-88.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) /
Resource Hash
3ec29425890291318343f76b3eb2f93e91fbfdbc0b014208306224c530a2a735

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 01:49:23 GMT
Cache-Control
no-cache, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Server
Apache/2.4.46 (Amazon)
Connection
keep-alive
Content-Length
3832
Content-Type
text/javascript;charset=UTF-8

Redirect headers

Date
Sat, 10 Jul 2021 01:49:23 GMT
Server
Apache/2.4.46 (Amazon)
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="/w3c/p3p.xml"
Location
/showads/adunit.php?fc=1&id=100001357&di=cf_async_431233157&subtag=&search=&artist=Kanye%20West&song=&tvt=&alb=&alb_is=false&dvid=&f=false&vpw=1600&abf=0&d=&pid=&cs=1&bl=false&ro=&uc=&uf=&position=0&ctr=&bp_abf=false&cf=&cc=&kv=&ps=1&af=&if=0&ii=0&pe=&ph=&pf=&fh=&mo=undefined&url=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&t=1625881763809
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
hPKFigE5_normal.jpg
pbs.twimg.com/profile_images/1324007466145906688/ Frame D238 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1324007466145906688/hPKFigE5_normal.jpg
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6712) /
Resource Hash
31bd748eed0b2ce2a8e6f12ddf429c47a2871a2f30511a373ff968ceee89af59
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:23 GMT
x-content-type-options
nosniff
age
210541
x-cache
HIT
content-length
1883
x-response-time
123
surrogate-key
profile_images profile_images/bucket/0 profile_images/1324007466145906688
last-modified
Wed, 04 Nov 2020 15:13:53 GMT
server
ECS (frb/6712)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
fda2ac54d49be2d7057eae7f4fa739ac87ca76b9522d95aeba56b80c4d8af96f
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
E5tnvAMXEAMyMNw
pbs.twimg.com/media/ Frame D238 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/E5tnvAMXEAMyMNw?format=jpg&name=small
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) /
Resource Hash
e783044b6633569f7444468ce582cad2d185e208440d8b5c28ca51b8910325e1
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:23 GMT
x-content-type-options
nosniff
age
200186
x-cache
HIT
content-length
61688
surrogate-key
media media/bucket/2 media/1412836965314138115
last-modified
Wed, 07 Jul 2021 18:10:36 GMT
server
ECS (frb/668C)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
9935a7a1d8e829a1a030cc6587e7d9f7adb0216d39c50d0ed51e82d642b85c79
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
6629892_300.jpg
img1.zergnet.com/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1.zergnet.com/6629892_300.jpg
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b7117da712636bd1588d8fbfff0656f73a0f24cf2f281a544d87ef1e0e5009b

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Jul 2021 18:09:14 GMT
Via
1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
Age
27610
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
22757
Last-Modified
Fri, 09 Jul 2021 17:47:33 GMT
Server
AmazonS3
ETag
"d72c6ec36476b938c4ef6990e478a13c"
x-amz-version-id
Oj7BpufR6QtxhVq1OesHNgsfNqNsSNW9
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
1gNY85G2yMJVpCjzTxBVR78e-9U5ASU8at1VmFRTC8JOPsVNNLHxIw==
Expires
Sat, 09 Jul 2022 17:47:32 GMT
6539069_300.jpg
img2.zergnet.com/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2.zergnet.com/6539069_300.jpg
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f071d697956d9541147ab96a77fc2bf09c6fb091f9e3fa6fc3772e8ceea34fa4

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 27 May 2021 23:32:49 GMT
Via
1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
Age
3723394
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
14289
Last-Modified
Thu, 27 May 2021 22:19:31 GMT
Server
AmazonS3
ETag
"d06565d237f1b1959a2003f1a303ccaf"
x-amz-version-id
lgrJepSktfm2gjHOl2GSkKdX9mN5OI46
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
OPugHH-ylTYeaVkaU_a3Gv-tqDj0iN8GoUifyIdicqYJbfW6bdd0Ww==
Expires
Fri, 27 May 2022 22:19:30 GMT
6038877_300.jpg
img2.zergnet.com/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2.zergnet.com/6038877_300.jpg
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c30fb1567d9ea1b5fbb71380c31ba5304bd4923445af99b31c85fd2dfe7e24cd

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 22:40:43 GMT
Via
1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
Age
1220921
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
16840
Last-Modified
Fri, 11 Dec 2020 15:39:51 GMT
Server
AmazonS3
ETag
"f41c4b11b0671526bd96aa055341a793"
x-amz-version-id
null
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
01EjU29L0AS7IhjeWXgKo7huxFmUyqts1YF1x59k83cMOXRztPtlfA==
Expires
Sat, 11 Dec 2021 15:39:50 GMT
6356331_300.jpg
img4.zergnet.com/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img4.zergnet.com/6356331_300.jpg
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff4be6c2c6353787988eec589cb922594604bcc52fb3e45226f7e741605d4e48

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 21 Jun 2021 18:41:37 GMT
Via
1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
Age
1580867
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
27125
Last-Modified
Wed, 17 Mar 2021 18:54:58 GMT
Server
AmazonS3
ETag
"e77deef99f9dfc9b674a2ad28a1770bd"
x-amz-version-id
null
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
_JRJemqCdb2fbgnsndW48_YTc-19gAaNUohjBFpelQis74NiJhp1BA==
Expires
Thu, 17 Mar 2022 18:54:57 GMT
613172405857271
connect.facebook.net/signals/config/ 		260 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/613172405857271?v=2.9.43&r=stable
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
565ec882d90ff8249397521b7d93ac88000c5dc393537027240dd87e73b8eb55
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
75827
x-xss-protection
0
pragma
public
x-fb-debug
7yiZrtFQ1f1eZehebUOT24XYCKYoCYWK+xc6UzRg4eUucVqITpNobLseV9CNUNsKVNJzzYPtait77xf5ud46+A==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Sat, 10 Jul 2021 01:49:23 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=613172405857271&ev=PageView&dl=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&rl=&if=false&ts=1625881763919&sw=1600&sh=1200&v=2.9.43&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1625881763918.1138496845&it=1625881762540&coo=false&rqm=GET
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:23 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 10 Jul 2021 01:49:23 GMT
imp.php
srv.clickfuse.com/showads/track/ 		42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srv.clickfuse.com/showads/track/imp.php?cid=70043221&aid=100001357&artist=Kanye+West&song=&search=&b=Chrome_89&cs=1&uri=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%3Futm_source%3Dmorning_brew&t=1625881763&subtag=&ldmo=&adid=12910561&creative_id=500129269&caph=0&capv=0&atv=old
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.2.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-2-88.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 01:49:23 GMT
Cache-Control
no-cache, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Server
Apache/2.4.46 (Amazon)
Connection
keep-alive
Content-Length
42
Content-Type
image/gif
like.php
www.facebook.com/v2.8/plugins/ Frame A561 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=184854740153433&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df283dc54ce7c%26domain%3Dwww.xxlmag.com%26origin%3Dhttps%253A%252F%252Fwww.xxlmag.com%252Ff214ed64626afc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fxxlmag&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&width=47px
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.8/plugins/like.php?action=like&app_id=184854740153433&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df283dc54ce7c%26domain%3Dwww.xxlmag.com%26origin%3Dhttps%253A%252F%252Fwww.xxlmag.com%252Ff214ed64626afc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fxxlmag&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&width=47px
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.xxlmag.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xxlmag.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
h4IVWN4l9saZz55zeQ8nU7uhWW+f5Nq969nO0Cq+D2KeKupoA6KcP1ggbPnTTT+1d2sOlm1/IJlXv4QvGzbOBw==
content-length
0
date
Sat, 10 Jul 2021 01:49:24 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
jot
syndication.twitter.com/i/ Frame D238 		43 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1625881764033%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22XXL%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%228d0aa66%3A1625168834488%22%2C%22item_ids%22%3A%5B%221412836987506135046%22%5D%2C%22item_details%22%3A%7B%221412836987506135046%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A522.7999954223633%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Sat, 10 Jul 2021 01:49:24 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
0277b8b325d87427fc55eb6662ef03c8070e969269bdf2506180383ef89af21d
x-transaction
6d83d799e7d68376
expires
Tue, 31 Mar 1981 05:00:00 GMT
tag
btloader.com/ 		46 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5642230212591616&upapi=true
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae8f93e7e95dcee9817424ab34f5d8c64ad35cbe0904a23bcf42ddadaa6e181e

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
66c622a16ad72bce-FRA
date
Sat, 10 Jul 2021 01:49:24 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1208
etag
W/"60b128d3b054b56e5344e9123c90a449"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QJz61%2BxRMtbniZs%2BtLnAPvQ%2FBcxmaWAojR5l41b9KEREs%2BWd%2FI1jh8B3LDkWKhKKDngRhbg5AR4kix1uWqxrANB8QFpH6HA6T%2FC1oEXLN6msqMRh%2FGXnBb%2FFWHeiDMyJ0dDRtUY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
content-encoding
br
nsjs
action.media6degrees.com/orbserv/
Redirect Chain
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=XXL&ncv=24
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=XXL&ncv=24
5 B
233 B 		Script
General
Check archive.org
Download Go to
Full URL
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=XXL&ncv=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:24 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
66c622a23a624e25-FRA
content-language
en-US
p3p
CP="COM NAV INT STA NID OUR IND NOI"
access-control-allow-origin
*, *
cache-control
no-cache
content-type
text/html;charset=ISO-8859-1

Redirect headers

date
Sat, 10 Jul 2021 01:49:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
*, *
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=iso-8859-1
location
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=XXL&ncv=24
cf-ray
66c622a199aa4e25-FRA
beacon.js
sb.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-96.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:25:52 GMT
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
1412
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
1469
x-amz-cf-id
kZyuKfGUJgPJX7hyYHY5FmZMVTSJjjRKuOxXXLKDtTosQy4yFoU6fQ==
pubcid.min.js
townsquare.media/public/resources/js/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://townsquare.media/public/resources/js/pubcid.min.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BD) / Express
Resource Hash
f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:24 GMT
content-encoding
gzip
age
31883
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
18369
last-modified
Tue, 30 Mar 2021 01:10:30 GMT
server
ECS (frb/67BD)
etag
W/"e26f-17880ae9f25"
vary
Accept-Encoding
x-varnish
2547289812
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 10 Jul 2021 01:49:23 GMT
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryAVS8XWfz9YTBKv00

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Sat, 10 Jul 2021 01:49:24 GMT
content-type
text/plain
access-control-allow-origin
https://www.xxlmag.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
articles
api.solutionshindsight.net/v1/ 		2 KB
1017 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.solutionshindsight.net/v1/articles?publisher_id=5f9a1cef1d69656fa3bc95cb&article_external_id=https%3A%2F%2Fwww.xxlmag.com%2Fkanye-west-adidas-sneakers-nike-socks%2F
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-103.fra2.r.cloudfront.net
Software
/
Resource Hash
672023609a3b981262a361332c1c8d3801c1beaf544eb99eb47cc4557761c7be

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:24 GMT
content-encoding
gzip
x-amzn-remapped-content-length
1638
x-amz-cf-pop
FRA2-C2
x-amzn-requestid
0ae15a51-edf1-42b4-8574-95c1b8535895
vary
Origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.xxlmag.com
x-amzn-trace-id
Root=1-60e8fca4-43a2a2a94bdd36891cce73fe;Sampled=0
access-control-allow-credentials
true
x-amz-apigw-id
COxpzHMIoAMFwxA=
content-length
548
via
1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
x-amz-cf-id
_hWhonQ8XsfFl87f0uCKPphz9IlJTX4PTImBTbIRGPp7OQqDOFrmRA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 92C1 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
3df0f55dc774614d921e09908335f5f8e0efa548808159760367ff3db5936a32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"926 / 146 of 1000 / last-modified: 1625868554"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24113
x-xss-protection
0
expires
Sat, 10 Jul 2021 01:49:25 GMT
didna_config.js
storage.googleapis.com/didna_hb/hindsight/xxlmag/ Frame 92C1 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/didna_hb/hindsight/xxlmag/didna_config.js
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d17fa10f09a5341769a9ec96719afe66d1ec8f4dfebce93dd83dc35d51deb018

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:25 GMT
x-guploader-uploadid
ADPycdsv1TU2w9AeL85ffijCHojaNs0GAaMHIA9m8TVkWB0CYv1COABjav5N2j2UtmD0sjKx0_q2_AywaN7u6OJ6Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10432
last-modified
Thu, 24 Jun 2021 12:42:17 GMT
server
UploadServer
etag
"e5c4235b8b76294bcd80318aace5e0ab"
x-goog-hash
crc32c=K1Bg0Q==, md5=5cQjW4t2KUvNgDGKrOXgqw==
x-goog-generation
1624538537175217
cache-control
no-store
x-goog-stored-content-length
10432
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 10 Jul 2022 01:49:25 GMT
attachment-travis-scott.jpg
townsquare.media/site/812/files/2021/04/ Frame 92C1 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/812/files/2021/04/attachment-travis-scott.jpg
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) / Express
Resource Hash
98935a189dff5d17ee08b1c0c990c2c15e04bc6b2ad21653be11e89d342f5811

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
A
date
Sat, 10 Jul 2021 01:49:25 GMT
via
1.1 varnish
age
282537
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
89622
last-modified
Tue, 06 Jul 2021 14:45:20 GMT
server
ECS (frb/668B)
x-varnish
1553185794 1552886028
access-control-allow-origin
*
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
image/jpeg
expires
Sat, 10 Jul 2021 01:49:24 GMT
kanye-west-walmart.jpg
townsquare.media/site/812/files/2021/04/ Frame 92C1 		197 KB
197 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/812/files/2021/04/kanye-west-walmart.jpg
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) / Express
Resource Hash
d24cce11d515f5fedf0d2558da76570f087dfd8c3dbbde70396d9b8b4809778e

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
A
date
Sat, 10 Jul 2021 01:49:25 GMT
via
1.1 varnish
age
6196913
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
201381
last-modified
Wed, 28 Apr 2021 21:56:42 GMT
server
ECS (frb/67C2)
x-varnish
1849629384
access-control-allow-origin
*
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
image/jpeg
expires
Sat, 10 Jul 2021 01:49:24 GMT
kanye-west-yeezy-blue-jacket.jpg
townsquare.media/site/812/files/2021/06/ Frame 92C1 		172 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/812/files/2021/06/kanye-west-yeezy-blue-jacket.jpg
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6713) / Express
Resource Hash
9ce5da126d34ac055e3afeb3fca767aac19ddcf30e191977540c9fa26440a9fb

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:25 GMT
via
1.1 varnish
age
2711172
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
175999
last-modified
Tue, 08 Jun 2021 15:52:24 GMT
server
ECS (frb/6713)
x-varnish
3492363544 3492281324
access-control-allow-origin
*
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
image/jpeg
expires
Sat, 10 Jul 2021 01:49:24 GMT
_bulk
api.solutionshindsight.net/v2/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.solutionshindsight.net/v2/events/_bulk
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-103.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 10 Jul 2021 01:49:25 GMT
via
1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amzn-requestid
55b0f5ef-a7d0-4b3c-b281-87a1a13de35c
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-60e8fca5-1097f2ff4b6fe8b52222264a
x-amz-apigw-id
COxp1EmLoAMF6dg=
content-length
0
x-amz-cf-id
h7h8QUPwjqhdhDijKGfm-s_ktwwBlx0pH72T57MoVI0-TusXLpfYrQ==
_bulk
api.solutionshindsight.net/v2/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.solutionshindsight.net/v2/events/_bulk
Protocol
H2
Server
13.225.74.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-103.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.xxlmag.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Sat, 10 Jul 2021 01:49:25 GMT
x-amzn-requestid
539e2d7b-f6b8-48f0-914b-ae33fa2f84ab
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
COxp0EMhoAMFaXQ=
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-cache
Miss from cloudfront
via
1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
CTWfuJe5Q9SioyvjMC8TYEOyQ7u7z2mt0PS4FPBQ0w3tMVnFTY8dmg==
pubads_impl_2021070101.js
securepubads.g.doubleclick.net/gpt/ Frame 92C1 		329 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061756
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
0e4f0cc2a47e98ed56d5416afb1177b7337b7dc7cf561d9297854f527a9796d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Jul 2021 08:37:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117092
x-xss-protection
0
expires
Sat, 10 Jul 2021 01:49:25 GMT
config.js
confiant-integrations.global.ssl.fastly.net/MbZTQS496EB4Sd27ILU4rbHXnJ8/gpt_and_prebid/ Frame 92C1 		141 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/MbZTQS496EB4Sd27ILU4rbHXnJ8/gpt_and_prebid/config.js
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2356aed5938ce28ef3b446c3567c5cb836fdb2188e0cd0019ce0269ec351665

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 01:49:25 GMT
Content-Encoding
gzip
Age
29
X-Cache
HIT
Connection
keep-alive
Content-Length
27970
x-amz-id-2
7Vj+Y0weBFtVDk6uIhO/JSLnUf1ScV19M1lM/9srePqNNPbea5yB+0hXawoVNl9NpqNv31lRguY=
X-Served-By
cache-fra19130-FRA
Last-Modified
Sat, 10 Jul 2021 01:04:25 GMT
Server
AmazonS3
X-Timer
S1625881765.191942,VS0,VE1
ETag
"88d6f55cd0b74915d668dce6a924f948"
x-amz-request-id
RMV1YM1XW10BDHM6
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
1
ddc1cf73-fcab-4123-937b-943c74514427
https://www.xxlmag.com/ Frame 92C1 		564 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.xxlmag.com/ddc1cf73-fcab-4123-937b-943c74514427
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
815ee379589e2686af0a423df3987810358aaa03ea11a46250de270ad307a383

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
564
Content-Type
text/javascript
ixmatch.html
js-sec.indexww.com/um/ Frame 6642 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.xxlmag.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xxlmag.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sat, 10 Jul 2021 01:49:26 GMT
Connection
keep-alive
checksync.php
contextual.media.net/ Frame A108 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
178171f30377b443b6ededda85d26c0b34d9b464b121624f76a5e6614f012c81
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.xxlmag.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xxlmag.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Tue, 11 Jan 2022 01:49:26 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=123398
expires
Sun, 11 Jul 2021 12:06:04 GMT
date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
7780
2000775.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 5256
Redirect Chain
  • https://sync.serverbid.com/ss/2000775.html
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
fa18546f5b5a6667698d38979f6142d1342535e5e2a382348f9d4dca5d7d6965
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Host
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.xxlmag.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xxlmag.com/

Response headers

Date
Sat, 10 Jul 2021 01:49:26 GMT
Connection
Keep-Alive
Cache-Control
max-age=54353
Content-Length
4811
Content-Type
text/html
Last-Modified
Tue, 08 Dec 2020 16:33:02 GMT
Accept-Ranges
bytes
etag
"d7f9e977559b1f622a29df6af2acb392"
x-amz-request-id
tx000000000000000d57568-0060e87f77-5362c52-nyc3a
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
0
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1625881766.dop206.fr8.t,1625881766.cds264.fr8.shn,1625881766.cds264.fr8.c

Redirect headers

content-length
0
location
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
cache-control
no-cache
showad.js
ads.pubmatic.com/AdServer/js/ Frame D55F 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.xxlmag.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xxlmag.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=66818
expires
Sat, 10 Jul 2021 20:23:04 GMT
date
Sat, 10 Jul 2021 01:49:26 GMT
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 1491
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.212.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5c6710ddd5aae0af9576f28990d0541e6cbf75bc7b48c91d05828906d41816ad

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.xxlmag.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=4461285738990275870
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xxlmag.com/

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
content-type
text/html; charset=utf-8
content-length
479
set-cookie
sync=CgoIgQIQ39Pr8KgvCgoIkQIQ39Pr8KgvCgoI4gEQ39Pr8KgvCgoIkgIQ39Pr8KgvCgoI5gEQ39Pr8KgvCgoIhwIQ39Pr8KgvCgkIOhDf0-vwqC8KCQgLEN_T6_CoLwoJCF8Q39Pr8KgvCgkIHxDf0-vwqC8=; Max-Age=7776000; Expires=Fri, 08 Oct 2021 01:49:26 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=4461285738990275870; Max-Age=7776000; Expires=Fri, 08 Oct 2021 01:49:26 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
0
set-cookie
tluid=115318879266390240; Max-Age=7776000; Expires=Fri, 08 Oct 2021 01:49:26 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
eu-u.openx.net/w/1.0/ Frame 7AAE
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
1006 B
861 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.210.0 /
Resource Hash
63a67ea2c5f13a03914a7ef0d0d19f57b070126599aab48493500e1f4a98aa90

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.xxlmag.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=c04be4dd-2a16-08f7-09f2-4189b900dd77|1625881766
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xxlmag.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=c04be4dd-2a16-08f7-09f2-4189b900dd77|1625881766; Version=1; Expires=Sun, 10-Jul-2022 01:49:26 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1625881766|mOgeginskin0vNomiygu; Version=1; Expires=Sun, 25-Jul-2021 01:49:26 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.210.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 10 Jul 2021 01:49:26 GMT
content-type
text/html
content-length
543
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=fe9755e8-d6c9-07dc-2ec3-014a55e1b627|1625881766; Version=1; Expires=Sun, 10-Jul-2022 01:49:26 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.210.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
0
via
1.1 google
alt-svc
clear
2000775.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 43F5
Redirect Chain
  • https://sync.serverbid.com/ss/2000775.html
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
fa18546f5b5a6667698d38979f6142d1342535e5e2a382348f9d4dca5d7d6965
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Host
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.xxlmag.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xxlmag.com/

Response headers

Date
Sat, 10 Jul 2021 01:49:26 GMT
Connection
Keep-Alive
Cache-Control
max-age=67058
Content-Length
4811
Content-Type
text/html
Last-Modified
Tue, 08 Dec 2020 16:33:02 GMT
Accept-Ranges
bytes
etag
"d7f9e977559b1f622a29df6af2acb392"
x-amz-request-id
tx000000000000000f44c07-0060e8b118-536268f-nyc3a
age
124
strict-transport-security
max-age=15552000; includeSubDomains; preload
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1625881766.dop132.fr8.t,1625881766.cds107.fr8.shn,1625881766.dop132.fr8.t,1625881766.cds227.fr8.c

Redirect headers

content-length
0
location
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
cache-control
no-cache
pd
eu-u.openx.net/w/1.0/ Frame 12EA
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
1006 B
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.210.0 /
Resource Hash
63a67ea2c5f13a03914a7ef0d0d19f57b070126599aab48493500e1f4a98aa90

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.xxlmag.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=c04be4dd-2a16-08f7-09f2-4189b900dd77|1625881766
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xxlmag.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=c04be4dd-2a16-08f7-09f2-4189b900dd77|1625881766; Version=1; Expires=Sun, 10-Jul-2022 01:49:26 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1625881766|mOgeginskin0vNomiygu; Version=1; Expires=Sun, 25-Jul-2021 01:49:26 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.210.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 10 Jul 2021 01:49:26 GMT
content-type
text/html
content-length
543
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=c04be4dd-2a16-08f7-09f2-4189b900dd77|1625881766; Version=1; Expires=Sun, 10-Jul-2022 01:49:26 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.210.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
0
via
1.1 google
alt-svc
clear
usersync.html
cdn.undertone.com/js/ Frame CB2A 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d200:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0c6c17bbefb440a7e7ee03a4363aeba33a7c57345af065c670848e8fd40a4b5

Request headers

:method
GET
:authority
cdn.undertone.com
:scheme
https
:path
/js/usersync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.xxlmag.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xxlmag.com/

Response headers

content-type
text/html
x-amz-replication-status
COMPLETED
last-modified
Thu, 08 Jul 2021 07:16:59 GMT
x-amz-version-id
6994YJvhVK.G.S8wNruUeW.ksGihHjjx
server
AmazonS3
content-encoding
gzip
date
Fri, 09 Jul 2021 07:24:17 GMT
etag
W/"71d386aa3a4939b04d8b4f9c237f4eaf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
E6hiRNQlrFCzCii5tGt_sL4-CO2f9oPtRppdGLL-lhWbb9gRItYi-w==
age
66310
usersync.html
cdn.undertone.com/js/ Frame 529B 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:d200:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0c6c17bbefb440a7e7ee03a4363aeba33a7c57345af065c670848e8fd40a4b5

Request headers

:method
GET
:authority
cdn.undertone.com
:scheme
https
:path
/js/usersync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.xxlmag.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xxlmag.com/

Response headers

content-type
text/html
x-amz-replication-status
COMPLETED
last-modified
Thu, 08 Jul 2021 07:16:59 GMT
x-amz-version-id
6994YJvhVK.G.S8wNruUeW.ksGihHjjx
server
AmazonS3
content-encoding
gzip
date
Fri, 09 Jul 2021 07:24:17 GMT
etag
W/"71d386aa3a4939b04d8b4f9c237f4eaf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
TolLvmG-zenAByVNgt-UVaRKZpFLtXDfK2zSWir7ZoljOCMl3OYRHw==
age
66310
third-party-iframes.html
video.unrulymedia.com/iframes/ Frame 703B 		466 B
873 B 		Document
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/iframes/third-party-iframes.html
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-221.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4a67181746e8ea24691e5b7e7c34d99575e66402f5287374bb79788e19523ab

Request headers

:method
GET
:authority
video.unrulymedia.com
:scheme
https
:path
/iframes/third-party-iframes.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.xxlmag.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xxlmag.com/

Response headers

content-type
text/html
content-length
466
last-modified
Wed, 07 Jul 2021 12:50:48 GMT
x-amz-expiration
expiry-date="Thu, 06 Jul 2028 00:00:00 GMT", rule-id="Delete after 7 years"
accept-ranges
bytes
server
AmazonS3
date
Sat, 10 Jul 2021 01:48:38 GMT
cache-control
max-age=600
etag
"a62fa4bfd417a1d1726ee0df3f7595c5"
x-cache
Hit from cloudfront
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
DXDO_IJ_TYb_TNU1jEjxQJEl1MmqATxLvY-5IIQsZjGZERD_5OSIoQ==
age
49
checksync.php
contextual.media.net/ Frame DA88 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
178171f30377b443b6ededda85d26c0b34d9b464b121624f76a5e6614f012c81
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.xxlmag.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xxlmag.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Tue, 11 Jan 2022 01:49:26 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=123398
expires
Sun, 11 Jul 2021 12:06:04 GMT
date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
7780
showad.js
ads.pubmatic.com/AdServer/js/ Frame 29A9 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.xxlmag.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xxlmag.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=66818
expires
Sat, 10 Jul 2021 20:23:04 GMT
date
Sat, 10 Jul 2021 01:49:26 GMT
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame E1E0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.xxlmag.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xxlmag.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sat, 10 Jul 2021 01:49:26 GMT
Connection
keep-alive
sync
eb2.3lift.com/ Frame 97A2
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.212.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5c6710ddd5aae0af9576f28990d0541e6cbf75bc7b48c91d05828906d41816ad

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.xxlmag.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=4461285738990275870
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xxlmag.com/

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
content-type
text/html; charset=utf-8
content-length
479
set-cookie
sync=CgoIgQIQ39Pr8KgvCgoIkQIQ39Pr8KgvCgoI4gEQ39Pr8KgvCgoIkgIQ39Pr8KgvCgoI5gEQ39Pr8KgvCgoIhwIQ39Pr8KgvCgkIOhDf0-vwqC8KCQgLEN_T6_CoLwoJCF8Q39Pr8KgvCgkIHxDf0-vwqC8=; Max-Age=7776000; Expires=Fri, 08 Oct 2021 01:49:26 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=4461285738990275870; Max-Age=7776000; Expires=Fri, 08 Oct 2021 01:49:26 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
0
set-cookie
tluid=4461285738990275870; Max-Age=7776000; Expires=Fri, 08 Oct 2021 01:49:26 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.html
eus.rubiconproject.com/ Frame 4604 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.xxlmag.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xxlmag.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 10 Jul 2021 01:49:26 GMT
Connection
keep-alive
Vary
Accept-Encoding
push
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=e_c1940b83-3087-4c61-9bec-76c291d4219d&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_c1940b83-3087-4c61-9bec-76c291d4219d&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO5SiV3F_0hStwWsobKUTJGIfiCmkRQXJsHj1HvQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO5SiV3F_0hStwWsobKUTJGIfiCmkRQXJsHj1HvQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fp...
  • https://id5-sync.com/cq/441/124/8/2.gif?puid=68a5ebc7-c7c2-4fe3-b452-f187b0748f25&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOaC_at4j-H6QfdkiV0tGP8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2238049204240508785&opid=apx&ops=&utidl=tech:goo:CAESEOaC_at4j-H6QfdkiV0tGP8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A18845874255&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/6/4.gif?puid=259f313db5fefb73630e998da9b45299&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/101/5/5.gif?puid=c5063de4-2eff-4090-9771-2348bc5610df&gdpr=1&gdpr_consent=
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1
  • https://id5-sync.com/c/441/103/4/6.gif?puid=ffc8e05ed58f0229a7f63ea96147431b&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
0
0
6.gif
id5-sync.com/c/441/108/4/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=e_ea8da931-6179-4eb9-9c68-47170d4eefb7&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_ea8da931-6179-4eb9-9c68-47170d4eefb7&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO5SiV3F_0hStwWsobKUTJGIfiCmkRQXJsHj1HvQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO5SiV3F_0hStwWsobKUTJGIfiCmkRQXJsHj1HvQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fp...
  • https://id5-sync.com/cq/441/124/8/2.gif?puid=68a5ebc7-c7c2-4fe3-b452-f187b0748f25&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOaC_at4j-H6QfdkiV0tGP8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2238049204240508785&opid=apx&ops=&utidl=tech:goo:CAESEOaC_at4j-H6QfdkiV0tGP8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A18846877099&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/6/4.gif?puid=259f313db5fefb73630e998da9b45299&gdpr=1&gdpr_consent=
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F103%2F5%2F5.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F103%2F5%2F5.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1
  • https://id5-sync.com/c/441/103/5/5.gif?puid=ffc8e05ed58f0229a7f63ea96147431b&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
  • https://id5-sync.com/c/441/108/4/6.gif?puid=119907c5-7656-4f8f-8890-2e90e0e08cf5&gdpr=1&gdpr_consent=
0
0
push
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=e_b5f71157-8f86-4a19-ac25-a31c4e471285&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_b5f71157-8f86-4a19-ac25-a31c4e471285&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO5SiV3F_0hStwWsobKUTJGIfiCmkRQXJsHj1HvQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO5SiV3F_0hStwWsobKUTJGIfiCmkRQXJsHj1HvQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fp...
  • https://id5-sync.com/cq/441/124/8/2.gif?puid=68a5ebc7-c7c2-4fe3-b452-f187b0748f25&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOaC_at4j-H6QfdkiV0tGP8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2238049204240508785&opid=apx&ops=&utidl=tech:goo:CAESEOaC_at4j-H6QfdkiV0tGP8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A18845410837&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/6/4.gif?puid=259f313db5fefb73630e998da9b45299&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/101/5/5.gif?puid=c5063de4-2eff-4090-9771-2348bc5610df&gdpr=1&gdpr_consent=
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1
  • https://id5-sync.com/c/441/103/4/6.gif?puid=ffc8e05ed58f0229a7f63ea96147431b&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
0
0
6.gif
id5-sync.com/c/441/108/4/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=e_dfe7b94a-362c-4698-be6a-c165e14612fe&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_dfe7b94a-362c-4698-be6a-c165e14612fe&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO5SiV3F_0hStwWsobKUTJGIfiCmkRQXJsHj1HvQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO5SiV3F_0hStwWsobKUTJGIfiCmkRQXJsHj1HvQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fp...
  • https://id5-sync.com/cq/441/124/8/2.gif?puid=68a5ebc7-c7c2-4fe3-b452-f187b0748f25&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOaC_at4j-H6QfdkiV0tGP8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2238049204240508785&opid=apx&ops=&utidl=tech:goo:CAESEOaC_at4j-H6QfdkiV0tGP8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A18846877099&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/6/4.gif?puid=259f313db5fefb73630e998da9b45299&gdpr=1&gdpr_consent=
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F103%2F5%2F5.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F103%2F5%2F5.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1
  • https://id5-sync.com/c/441/103/5/5.gif?puid=ffc8e05ed58f0229a7f63ea96147431b&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
  • https://id5-sync.com/c/441/108/4/6.gif?puid=119907c5-7656-4f8f-8890-2e90e0e08cf5&gdpr=1&gdpr_consent=
0
0
usermatch
ssum-sec.casalemedia.com/ Frame AD65 		54 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPJGd5iPJGd5iAXADAENBiCgAAAAAH_AAAAAAAAQEAJMNS-AC7EscGTaNKoUQIwrCQ6AUAFFAMLRNYQMDgp2VgEeoIWACE1ARgRAgxBRiwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgIkWignsrAEou9jTCEMosAKBR_RUYCJQggWBkJCwcxwBIAAA.YAAAAAAAAAAA&d=https://www.xxlmag.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Vary
Is-Traffic-Usersync
Content-Length
54
Expires
Sat, 10 Jul 2021 01:49:26 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame 761C 		54 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPJGd5iPJGd5iAXADAENBiCgAAAAAH_AAAAAAAAQEAJMNS-AC7EscGTaNKoUQIwrCQ6AUAFFAMLRNYQMDgp2VgEeoIWACE1ARgRAgxBRiwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAETAILACwMAgAFANCxAigCECQgyOCo5TAgIkWignsrAEou9jTCEMosAKBR_RUYCJQggWBkJCwcxwBIAAA.YAAAAAAAAAAA&d=https://www.xxlmag.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Vary
Is-Traffic-Usersync
Content-Length
54
Expires
Sat, 10 Jul 2021 01:49:26 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
Connection
keep-alive
PugMaster
image6.pubmatic.com/AdServer/ Frame D55F 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=29103772&p=156725&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3073e183f9d1b901ff9a95374c77381ffc5a33cfdd4bc72299e1963a0bbecc23

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:25 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
et_v1.0.1712-0-ga0736b7.js
video.unrulymedia.com/native/ Frame 703B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/et_v1.0.1712-0-ga0736b7.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/iframes/third-party-iframes.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-221.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7029dd4d968b866f214b82030dc230c2b1cd6909195ad48f87559eb8187f4d7

Request headers

Origin
https://video.unrulymedia.com
Referer
https://video.unrulymedia.com/iframes/third-party-iframes.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 12:50:49 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
219518
x-cache
Hit from cloudfront
access-control-allow-origin
https://video.unrulymedia.com
x-amz-expiration
expiry-date="Thu, 06 Jul 2028 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Wed, 07 Jul 2021 12:50:37 GMT
server
AmazonS3
etag
W/"88d2557d34ef5518c0e4c0d90c814074"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
1aqy7gOTKIybK2cOqeFHzcREgOtno4-5ZdK7ksCTxwTJkhgFJ1QCtg==
third-party-iframes-b2835172ca9c26a5c07c.js
video.unrulymedia.com/native/third-party-iframes/ Frame 703B 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-b2835172ca9c26a5c07c.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/iframes/third-party-iframes.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-221.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f5a817a0e872fa93e9fb1c4464b70edb1479403d1dc0b70d9db31d5f14b62e65

Request headers

Origin
https://video.unrulymedia.com
Referer
https://video.unrulymedia.com/iframes/third-party-iframes.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 12:50:49 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
219518
x-cache
Hit from cloudfront
access-control-allow-origin
https://video.unrulymedia.com
x-amz-expiration
expiry-date="Thu, 06 Jul 2028 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Wed, 07 Jul 2021 12:50:47 GMT
server
AmazonS3
etag
W/"4e45309e0a6771b3a7158d217709f7ec"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
RhLMKPDRpipq9VMBAjAcLfSbAJbGTbm693TuZ-8TCvXcLuAHqbJkow==
sd
eu-u.openx.net/w/1.0/ Frame 7AAE
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=aqsw2XJt1M227s5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=aqsw2XJt1M227s5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-01574fb08bde3815a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=604800; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=aqsw2XJt1M227s5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7AAE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=openx&bds_param=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=edd74b0a-5701-4422-b7cf-6b0fec9f5d7c&expires=10&ssp=openx&bsw_param=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25
date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
eu-u.openx.net/w/1.0/ Frame 7AAE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4122171323174047318
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4122171323174047318
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
55b007b0-8086-484d-ad3e-6fbdb8bb062d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4122171323174047318
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adx
match.prod.bidr.io/cookie-sync/ Frame 7AAE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCUVZFN0IwZmtBQURlNG1GdVNkZw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.246.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 7AAE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=424c60e8-fca6-4b00-b2f0-f22187eff141
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=424c60e8-fca6-4b00-b2f0-f22187eff141
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 10 Jul 2021 01:51:21 GMT
Server
MT3 3799 851f7e8 master cdg-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=424c60e8-fca6-4b00-b2f0-f22187eff141
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 10 Jul 2021 01:51:20 GMT
sd
us-u.openx.net/w/1.0/ Frame 7AAE
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=INmIoXCKjK870digJNrAqyLQ36s70N2vcN-acDWA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=INmIoXCKjK870digJNrAqyLQ36s70N2vcN-acDWA
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=INmIoXCKjK870digJNrAqyLQ36s70N2vcN-acDWA
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 7AAE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7002490424558948009
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7002490424558948009
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7002490424558948009
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 7AAE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=13e7db84-8391-3700-5324-8961dd27ee8a&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 7AAE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2Y4ODA4NGUtNGFlNi02OWE0LTQ2YzQtZDNkODE3YzUyMGVh
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2Y4ODA4NGUtNGFlNi02OWE0LTQ2YzQtZDNkODE3YzUyMGVh&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2Y4ODA4NGUtNGFlNi02OWE0LTQ2YzQtZDNkODE3YzUyMGVh&google_tc=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2Y4ODA4NGUtNGFlNi02OWE0LTQ2YzQtZDNkODE3YzUyMGVh&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7AAE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELYh2WuTxCFmr_dnTi-B4cI&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELYh2WuTxCFmr_dnTi-B4cI&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELYh2WuTxCFmr_dnTi-B4cI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 12EA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=aqsw2XJt1M227s5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=aqsw2XJt1M227s5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-0b5388877fe362141@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=604800; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=aqsw2XJt1M227s5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 12EA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=c5063de4-2eff-4090-9771-2348bc5610df&ssp=openx&expires=30&user_group=5&bsw_param=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25
date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
eu-u.openx.net/w/1.0/ Frame 12EA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=2238049204240508785
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=2238049204240508785
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
7ae77e7a-4332-4121-9b72-05f6deb2ecd3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=2238049204240508785
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie-sync
match.prod.bidr.io/ Frame 12EA
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAoe07B0fkAADghfHUO9Q&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.246.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
date
Sat, 10 Jul 2021 01:49:25 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:404
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sd
eu-u.openx.net/w/1.0/ Frame 12EA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e6e160e8-fca6-4b00-9acb-a599ff0ba2fe
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e6e160e8-fca6-4b00-9acb-a599ff0ba2fe
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 10 Jul 2021 01:51:21 GMT
Server
MT3 3799 851f7e8 master cdg-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e6e160e8-fca6-4b00-9acb-a599ff0ba2fe
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 10 Jul 2021 01:51:20 GMT
sd
us-u.openx.net/w/1.0/ Frame 12EA
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wcG2y5GSssXayebLzpP-lZOU6srakubLx8ZEqCDV
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wcG2y5GSssXayebLzpP-lZOU6srakubLx8ZEqCDV
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wcG2y5GSssXayebLzpP-lZOU6srakubLx8ZEqCDV
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 12EA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7913871185167847792
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7913871185167847792
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7913871185167847792
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 12EA 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=13e7db84-8391-3700-5324-8961dd27ee8a&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 12EA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2Y4ODA4NGUtNGFlNi02OWE0LTQ2YzQtZDNkODE3YzUyMGVh
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2Y4ODA4NGUtNGFlNi02OWE0LTQ2YzQtZDNkODE3YzUyMGVh&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2Y4ODA4NGUtNGFlNi02OWE0LTQ2YzQtZDNkODE3YzUyMGVh&google_tc=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2Y4ODA4NGUtNGFlNi02OWE0LTQ2YzQtZDNkODE3YzUyMGVh&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 12EA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDUSm-koje4ZVz6r8JLyhCE&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDUSm-koje4ZVz6r8JLyhCE&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=eceef17b-3677-408c-87cd-98b37bb51f08&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDUSm-koje4ZVz6r8JLyhCE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 4604 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1f7964a9eed46177442b02f011b5c78893bf4cc3b5f4c0023cabdcd2c33009cc

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 01:49:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Jun 2021 16:13:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=13886
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9276
Expires
Sat, 10 Jul 2021 05:40:52 GMT
usync.html
eus.rubiconproject.com/ Frame 4E7E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cdn.undertone.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.undertone.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 10 Jul 2021 01:49:26 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=12776
Date
Sat, 10 Jul 2021 01:49:26 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
getuidnb
ib.adnxs.com/ Frame CB2A 		43 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b845b4eb-b65f-463f-b463-2350d262fc73
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame CB2A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=588abca3-833e-0b63-39a1-96a62a8bced8
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=588abca3-833e-0b63-39a1-96a62a8bced8
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.58.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-58-76.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

date
Sat, 10 Jul 2021 01:49:26 GMT
content-encoding
gzip
server
OXGW/16.210.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=588abca3-833e-0b63-39a1-96a62a8bced8
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
usr.undertone.com/userPixel/ Frame CB2A
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0eecea80-e121-11eb-aea8-0218f49b87b6
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0eecea80-e121-11eb-aea8-0218f49b87b6&verify=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-kZ_65l1E2uGliVD1KUsnhLlgvFsHJAxr~A~UP0eecea80-e121-11eb-aea8-0218f49b87b6
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-kZ_65l1E2uGliVD1KUsnhLlgvFsHJAxr~A~UP0eecea80-e121-11eb-aea8-0218f49b87b6
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.58.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-58-76.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-kZ_65l1E2uGliVD1KUsnhLlgvFsHJAxr~A~UP0eecea80-e121-11eb-aea8-0218f49b87b6
Connection
keep-alive
Content-Length
0
sync
usr.undertone.com/userPixel/ Frame CB2A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=403bdaff-89eb-4834-95e1-28dbb88d3754&ttl=1628473766
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=403bdaff-89eb-4834-95e1-28dbb88d3754&ttl=1628473766
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.58.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-58-76.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=403bdaff-89eb-4834-95e1-28dbb88d3754&ttl=1628473766
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
247
sync.php
pixel.rubiconproject.com/exchange/ Frame CB2A 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif
sync
usr.undertone.com/userPixel/ Frame CB2A
Redirect Chain
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=083ceb0090f51f9a863a6a73b1125531c01aac12
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=083ceb0090f51f9a863a6a73b1125531c01aac12
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.58.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-58-76.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Location
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=083ceb0090f51f9a863a6a73b1125531c01aac12
Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
current
pubmatic-match.dotomi.com/match/bounce/ Frame CB2A
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D&gdpr=0&gdpr_consent=
0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0

Redirect headers

location
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D&gdpr=0&gdpr_consent=
date
Sat, 10 Jul 2021 01:49:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
182
content-type
text/html; charset=utf-8
sync
usr.undertone.com/userPixel/ Frame 529B
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=2238049204240508785
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=2238049204240508785
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.58.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-58-76.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
30e79bd1-33d8-44ff-8f9a-7133374293fd
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=2238049204240508785
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 529B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=588abca3-833e-0b63-39a1-96a62a8bced8
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=588abca3-833e-0b63-39a1-96a62a8bced8
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.58.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-58-76.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

date
Sat, 10 Jul 2021 01:49:26 GMT
content-encoding
gzip
server
OXGW/16.210.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=588abca3-833e-0b63-39a1-96a62a8bced8
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
usr.undertone.com/userPixel/ Frame 529B
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0eecea80-e121-11eb-aea8-0218f49b87b6
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0eecea80-e121-11eb-aea8-0218f49b87b6&verify=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-kZ_65l1E2uGliVD1KUsnhLlgvFsHJAxr~A~UP0eecea80-e121-11eb-aea8-0218f49b87b6
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-kZ_65l1E2uGliVD1KUsnhLlgvFsHJAxr~A~UP0eecea80-e121-11eb-aea8-0218f49b87b6
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.58.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-58-76.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-kZ_65l1E2uGliVD1KUsnhLlgvFsHJAxr~A~UP0eecea80-e121-11eb-aea8-0218f49b87b6
Connection
keep-alive
Content-Length
0
sync
usr.undertone.com/userPixel/ Frame 529B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=403bdaff-89eb-4834-95e1-28dbb88d3754&ttl=1628473766
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=403bdaff-89eb-4834-95e1-28dbb88d3754&ttl=1628473766
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.58.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-58-76.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=403bdaff-89eb-4834-95e1-28dbb88d3754&ttl=1628473766
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
247
sync.php
pixel.rubiconproject.com/exchange/ Frame 529B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif
sync
usr.undertone.com/userPixel/ Frame 529B
Redirect Chain
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=083ceb0090f51f9a863a6a73b1125531c01aac12
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=083ceb0090f51f9a863a6a73b1125531c01aac12
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.58.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-58-76.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Location
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=083ceb0090f51f9a863a6a73b1125531c01aac12
Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
current
pubmatic-match.dotomi.com/match/bounce/ Frame 529B
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D&gdpr=0&gdpr_consent=
0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0

Redirect headers

location
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D&gdpr=0&gdpr_consent=
date
Sat, 10 Jul 2021 01:49:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
182
content-type
text/html; charset=utf-8
usync.html
eus.rubiconproject.com/ Frame A6F9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cdn.undertone.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.undertone.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 10 Jul 2021 01:49:26 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=12776
Date
Sat, 10 Jul 2021 01:49:26 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
generic
match.adsrvr.org/track/cmf/ Frame 97A2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 97A2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENgqEzkfy8gbtp8APMx0zo4&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENgqEzkfy8gbtp8APMx0zo4&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.212.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENgqEzkfy8gbtp8APMx0zo4&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 97A2
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQ2MTI4NTczODk5MDI3NTg3MA%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQ2MTI4NTczODk5MDI3NTg3MA%3D%3D&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQ2MTI4NTczODk5MDI3NTg3MA%3D%3D&google_tc=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQ2MTI4NTczODk5MDI3NTg3MA%3D%3D&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.gif
c.bing.com/ Frame 97A2 		42 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=4461285738990275870&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:25 GMT
etag
"9d284f105d6fd71:0"
last-modified
Fri, 02 Jul 2021 16:12:32 GMT
x-msedge-ref
Ref A: F4CA91F625E84CC1B21BBFB961C97998 Ref B: FRAEDGE1515 Ref C: 2021-07-10T01:49:26Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 97A2
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4461285738990275870?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-j7m3PplE2oRvSIdGUbVaZnx.O23.ErWuY5PV5d1cIg--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-j7m3PplE2oRvSIdGUbVaZnx.O23.ErWuY5PV5d1cIg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.212.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 10 Jul 2021 01:49:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-j7m3PplE2oRvSIdGUbVaZnx.O23.ErWuY5PV5d1cIg--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 97A2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2238049204240508785&dongle=4d58&gdpr=1&gdpr_consent=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=2238049204240508785&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.212.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
3c5e9e5e-a296-4e3f-9642-2fef609cfc40
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=2238049204240508785&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 97A2
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4461285738990275870
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4461285738990275870&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4461285738990275870&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4461285738990275870&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 97A2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.212.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame 97A2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=4461285738990275870
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame 97A2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=4461285738990275870
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generic
match.adsrvr.org/track/cmf/ Frame 1491 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 1491
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJNZ5BlxKRsVxB_ErlR4BQo&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJNZ5BlxKRsVxB_ErlR4BQo&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.212.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJNZ5BlxKRsVxB_ErlR4BQo&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1491
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQ2MTI4NTczODk5MDI3NTg3MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQ2MTI4NTczODk5MDI3NTg3MA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQ2MTI4NTczODk5MDI3NTg3MA%3D%3D
date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c.gif
c.bing.com/ Frame 1491 		42 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=4461285738990275870&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:25 GMT
etag
"9d284f105d6fd71:0"
last-modified
Fri, 02 Jul 2021 16:12:32 GMT
x-msedge-ref
Ref A: 271C9719727D4E31A7CDB1F657E14E34 Ref B: FRAEDGE1515 Ref C: 2021-07-10T01:49:26Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 1491
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4461285738990275870?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-iCYF1C9E2oQwHZD.2wLdFN2znvHKZpypKuzeEUjUcw--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-iCYF1C9E2oQwHZD.2wLdFN2znvHKZpypKuzeEUjUcw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.212.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 10 Jul 2021 01:49:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-iCYF1C9E2oQwHZD.2wLdFN2znvHKZpypKuzeEUjUcw--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 1491
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4122171323174047318&dongle=4d58&gdpr=1&gdpr_consent=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=4122171323174047318&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.212.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
5b41143e-7bd8-41d9-a6f0-c0c583389e57
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=4122171323174047318&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 1491
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4461285738990275870
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4461285738990275870&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4461285738990275870&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4461285738990275870&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 1491
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.212.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame 1491 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=4461285738990275870
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame 1491 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=4461285738990275870
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
checkp
usermatch.targeting.unrulymedia.com/usermatch/all/ Frame 703B 		589 B
679 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/usermatch/all/checkp?callback=checkpCallback
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-b2835172ca9c26a5c07c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
ec6cb1ecb7a1a6b2fc9d46770a569eb42dfbbee2f4e845c7d9436229041e94d3

Request headers

Referer
https://video.unrulymedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
server
Tengine
content-length
589
content-type
text/javascript
match
c1.adform.net/serving/cookie/ Frame 3105 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 10 Jul 2021 01:49:26 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=2054020238362579116; expires=Wed, 08 Sep 2021 01:49:26 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
adx
match.prod.bidr.io/cookie-sync/ Frame 9E03
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBb2UwN0IwZmtBQURnaGZIVU85UQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.246.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bitoIsSecure=ok; bito=AABQVE7B0fkAADe4mFuSdg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Sat, 10 Jul 2021 01:49:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Sat, 10 Jul 2021 01:49:26 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usersync.aspx
dis.criteo.com/dis/ Frame CD19 		43 B
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Sat, 10 Jul 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1162
date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
43
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D55F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=a6rMuUjjSdK_6dS8M9OQbQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=83853
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Sun, 11 Jul 2021 01:06:59 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
420486.gif
idsync.rlcdn.com/ Frame D55F 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/420486.gif?partner_uid=6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
via
1.1 google
alt-svc
clear
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame D55F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e6e160e8-fca6-4b00-9acb-a599ff0ba2fe
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e6e160e8-fca6-4b00-9acb-a599ff0ba2fe
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 10 Jul 2021 01:51:21 GMT
Server
MT3 3799 851f7e8 master cdg-pixel-x3
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e6e160e8-fca6-4b00-9acb-a599ff0ba2fe
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 10 Jul 2021 01:51:20 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame D55F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkJBQUNDQjktNDhFMy00OUQyLUJGRTktRDRCQzMzRDM5MDZE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.173.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain

Redirect headers

location
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
date
Sat, 10 Jul 2021 01:49:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
95
content-type
text/html; charset=utf-8
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame D55F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ9RdaWtZ5utC71-QkDi_8Q&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.173.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain

Redirect headers

location
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
date
Sat, 10 Jul 2021 01:49:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
95
content-type
text/html; charset=utf-8
pubmatic
um.simpli.fi/ Frame D55F 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 09 Jul 2021 01:49:26 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame D55F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2317974087860146848&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.173.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain

Redirect headers

location
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
date
Sat, 10 Jul 2021 01:49:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
95
content-type
text/html; charset=utf-8
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame D55F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=403bdaff-89eb-4834-95e1-28dbb88d3754
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.173.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain

Redirect headers

location
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
date
Sat, 10 Jul 2021 01:49:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
95
content-type
text/html; charset=utf-8
sync
usr.undertone.com/userPixel/ Frame D55F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YOj8pgACs35VQQA4&gdpr=0&gdpr_consent=&_test=YOj8pgACs35VQQA4
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.58.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-58-76.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D
date
Fri, 09 Jul 2021 21:54:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame D55F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e6e160e8-fca6-4b00-9acb-a599ff0ba2fe&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.173.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain

Redirect headers

location
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
date
Sat, 10 Jul 2021 01:49:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
95
content-type
text/html; charset=utf-8
6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D55F 		43 B
565 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame D55F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jUbjsR5E2uXBiTh.7JPS2hahylk8mrc-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jUbjsR5E2uXBiTh.7JPS2hahylk8mrc-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 21:54:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jUbjsR5E2uXBiTh.7JPS2hahylk8mrc-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame D55F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2238049204240508785&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.173.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain

Redirect headers

location
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
date
Sat, 10 Jul 2021 01:49:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
95
content-type
text/html; charset=utf-8
usync.js
eus.rubiconproject.com/ Frame 4E7E 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1f7964a9eed46177442b02f011b5c78893bf4cc3b5f4c0023cabdcd2c33009cc

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 01:49:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Jun 2021 16:13:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=13886
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9276
Expires
Sat, 10 Jul 2021 05:40:52 GMT
usync.js
eus.rubiconproject.com/ Frame A6F9 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1f7964a9eed46177442b02f011b5c78893bf4cc3b5f4c0023cabdcd2c33009cc

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 01:49:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Jun 2021 16:13:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=13886
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9276
Expires
Sat, 10 Jul 2021 05:40:52 GMT
RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
sync.targeting.unrulymedia.com/csync/ Frame 200B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=unrulyx
  • https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dunrulyx%26bsw_param%3Dd83c9bcd-b4ec-499e-98d8-4eecd3e...
  • https://x.bidswitch.net/sync?dsp_id=79&user_id=aqsw2XJt1M227s5&expires=30&ssp=unrulyx&bsw_param=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25
  • https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/d83c9bcd-b4ec-499e-98d8-4eecd3e78d25?gdpr=&gdpr_consent=
  • https://sync.1rx.io/usersync/bidswitch/d83c9bcd-b4ec-499e-98d8-4eecd3e78d25?gdpr=&gdpr_consent=
  • https://sync.1rx.io/usersync/bidswitch/d83c9bcd-b4ec-499e-98d8-4eecd3e78d25?zcc=1&dspret=0&cb=1625881766704
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
43 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-b2835172ca9c26a5c07c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method
GET
:authority
sync.targeting.unrulymedia.com
:scheme
https
:path
/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://video.unrulymedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://video.unrulymedia.com/

Response headers

server
Tengine
date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
43
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-a399cdfd-f431-4a18-9179-44ff40a40442-003%22%7D; path=/; expires=Sun, 10 Jul 2022 01:49:26 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Sat, 10 Jul 2021 01:49:26 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
sync.targeting.unrulymedia.com/csync/ Frame 6009
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Floopme%2F%7Bdevice_id%7D
  • https://usermatch.targeting.unrulymedia.com/usermatch/loopme/ad8f8fc1-5d8a-499b-87c0-89c93e1d2b16
  • https://sync.1rx.io/usersync/loopme/ad8f8fc1-5d8a-499b-87c0-89c93e1d2b16
  • https://sync.1rx.io/usersync/loopme/ad8f8fc1-5d8a-499b-87c0-89c93e1d2b16?zcc=1&dspret=0&cb=1625881766704
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
43 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-b2835172ca9c26a5c07c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method
GET
:authority
sync.targeting.unrulymedia.com
:scheme
https
:path
/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://video.unrulymedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://video.unrulymedia.com/

Response headers

server
Tengine
date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
43
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-a399cdfd-f431-4a18-9179-44ff40a40442-003%22%7D; path=/; expires=Sun, 10 Jul 2022 01:49:26 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Sat, 10 Jul 2021 01:49:26 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
sync.targeting.unrulymedia.com/csync/ Frame B3BA
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=23&redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcrimtan%2F%5Buser_id%5D
  • https://usermatch.targeting.unrulymedia.com/usermatch/crimtan/9b71536f8a7847f4bb8127ef3557bbf7
  • https://sync.1rx.io/usersync/crimtan/9b71536f8a7847f4bb8127ef3557bbf7
  • https://sync.1rx.io/usersync/crimtan/9b71536f8a7847f4bb8127ef3557bbf7?zcc=1&dspret=0&cb=1625881766704
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
43 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-b2835172ca9c26a5c07c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method
GET
:authority
sync.targeting.unrulymedia.com
:scheme
https
:path
/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://video.unrulymedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://video.unrulymedia.com/

Response headers

server
Tengine
date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
43
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-a399cdfd-f431-4a18-9179-44ff40a40442-003%22%7D; path=/; expires=Sun, 10 Jul 2022 01:49:26 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Sat, 10 Jul 2021 01:49:26 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
sync.targeting.unrulymedia.com/csync/ Frame 54DF
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fappnexus%2F%24UID
  • https://usermatch.targeting.unrulymedia.com/usermatch/appnexus/2238049204240508785
  • https://sync.1rx.io/usersync/appnexus/2238049204240508785
  • https://sync.1rx.io/usersync/appnexus/2238049204240508785?zcc=1&dspret=0&cb=1625881766704
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
43 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-b2835172ca9c26a5c07c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method
GET
:authority
sync.targeting.unrulymedia.com
:scheme
https
:path
/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://video.unrulymedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://video.unrulymedia.com/

Response headers

server
Tengine
date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
43
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-a399cdfd-f431-4a18-9179-44ff40a40442-003%22%7D; path=/; expires=Sun, 10 Jul 2022 01:49:26 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Sat, 10 Jul 2021 01:49:26 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
sync.targeting.unrulymedia.com/csync/ Frame 1242
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fmediamath%2F%5BMM_UUID%5D
  • https://usermatch.targeting.unrulymedia.com/usermatch/mediamath/e6e160e8-fca6-4b00-9acb-a599ff0ba2fe
  • https://sync.1rx.io/usersync/mediamathtest/e6e160e8-fca6-4b00-9acb-a599ff0ba2fe
  • https://sync.1rx.io/usersync/mediamathtest/e6e160e8-fca6-4b00-9acb-a599ff0ba2fe?zcc=1&dspret=0&cb=1625881766704
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
43 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-b2835172ca9c26a5c07c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method
GET
:authority
sync.targeting.unrulymedia.com
:scheme
https
:path
/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://video.unrulymedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://video.unrulymedia.com/

Response headers

server
Tengine
date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
43
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-a399cdfd-f431-4a18-9179-44ff40a40442-003%22%7D; path=/; expires=Sun, 10 Jul 2022 01:49:26 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Sat, 10 Jul 2021 01:49:26 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
sync.targeting.unrulymedia.com/csync/ Frame 6D56
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/1cMuUcwh?redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fadobe%2F%24%7BTM_USER_ID%7D%3F
  • https://sync-tm.everesttech.net/ct/upi/pid/1cMuUcwh?redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fadobe%2F%24%7BTM_USER_ID%7D%3F&_test=YOj8pgACmZKXbwAC
  • https://usermatch.targeting.unrulymedia.com/usermatch/adobe/YOj8pgACmZKXbwAC?&_test=YOj8pgACmZKXbwAC
  • https://sync.1rx.io/usersync/adobe/YOj8pgACmZKXbwAC?&_test=YOj8pgACmZKXbwAC
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
43 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-b2835172ca9c26a5c07c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method
GET
:authority
sync.targeting.unrulymedia.com
:scheme
https
:path
/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://video.unrulymedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-a399cdfd-f431-4a18-9179-44ff40a40442-003%22%7D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://video.unrulymedia.com/

Response headers

server
Tengine
date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
43
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-a399cdfd-f431-4a18-9179-44ff40a40442-003%22%7D; path=/; expires=Sun, 10 Jul 2022 01:49:26 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Sat, 10 Jul 2021 01:49:26 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
sync.targeting.unrulymedia.com/csync/ Frame CB72
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=unruly&ttd_tpi=1
  • https://usermatch.targeting.unrulymedia.com/usermatch/tradedesk/403bdaff-89eb-4834-95e1-28dbb88d3754
  • https://sync.1rx.io/usersync/tradedesk/403bdaff-89eb-4834-95e1-28dbb88d3754
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
43 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-b2835172ca9c26a5c07c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method
GET
:authority
sync.targeting.unrulymedia.com
:scheme
https
:path
/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://video.unrulymedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://video.unrulymedia.com/

Response headers

server
Tengine
date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
43
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-a399cdfd-f431-4a18-9179-44ff40a40442-003%22%7D; path=/; expires=Sun, 10 Jul 2022 01:49:26 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Sat, 10 Jul 2021 01:49:26 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
usync.html
eus.rubiconproject.com/ Frame F95B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=unruly&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-b2835172ca9c26a5c07c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://video.unrulymedia.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://video.unrulymedia.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 10 Jul 2021 01:49:26 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east
Date
Sat, 10 Jul 2021 01:49:26 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
sync.targeting.unrulymedia.com/csync/ Frame AF5B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=41
  • https://usermatch.targeting.unrulymedia.com/usermatch/stackadapt/3kkQnbILQdpgYcGmLU_sfZBMbR4
  • https://sync.1rx.io/usersync/stackadapt/3kkQnbILQdpgYcGmLU_sfZBMbR4
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
43 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-b2835172ca9c26a5c07c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method
GET
:authority
sync.targeting.unrulymedia.com
:scheme
https
:path
/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://video.unrulymedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-a399cdfd-f431-4a18-9179-44ff40a40442-003%22%7D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://video.unrulymedia.com/

Response headers

server
Tengine
date
Sat, 10 Jul 2021 01:49:27 GMT
content-length
43
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-a399cdfd-f431-4a18-9179-44ff40a40442-003%22%7D; path=/; expires=Sun, 10 Jul 2022 01:49:27 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Sat, 10 Jul 2021 01:49:27 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
sync.targeting.unrulymedia.com/csync/ Frame 97C7
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/unruly/
  • https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-dDBu6RVE2oV8EMQ4ZvTzUaMOmdcEG3gGHZyN~A
  • https://sync.1rx.io/usersync/verizon/y-dDBu6RVE2oV8EMQ4ZvTzUaMOmdcEG3gGHZyN~A
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
43 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-b2835172ca9c26a5c07c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method
GET
:authority
sync.targeting.unrulymedia.com
:scheme
https
:path
/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://video.unrulymedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://video.unrulymedia.com/

Response headers

server
Tengine
date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
43
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-a399cdfd-f431-4a18-9179-44ff40a40442-003%22%7D; path=/; expires=Sun, 10 Jul 2022 01:49:26 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Sat, 10 Jul 2021 01:49:26 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
sync.targeting.unrulymedia.com/csync/ Frame 9105
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560138&ev=1&daaqp=1&rurl=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fpulsepoint%2F%25%25VGUID%25%25
  • https://usermatch.targeting.unrulymedia.com/usermatch/pulsepoint/A6Q9qrKcnVTw
  • https://sync.1rx.io/usersync/pulse/A6Q9qrKcnVTw
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
43 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-b2835172ca9c26a5c07c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method
GET
:authority
sync.targeting.unrulymedia.com
:scheme
https
:path
/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://video.unrulymedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-a399cdfd-f431-4a18-9179-44ff40a40442-003%22%7D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://video.unrulymedia.com/

Response headers

server
Tengine
date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
43
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-a399cdfd-f431-4a18-9179-44ff40a40442-003%22%7D; path=/; expires=Sun, 10 Jul 2022 01:49:26 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Sat, 10 Jul 2021 01:49:26 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame BD63
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=182257&cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&C=1
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-b2835172ca9c26a5c07c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7d49f88b90f553cdef1d578c9217e5951d1b3095ec5616ef31ac395207bab918

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://video.unrulymedia.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YOj8pu882BbQRl1VrXga2wAA; CMPS=3226
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://video.unrulymedia.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|39|45|65|51|41|40
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1708
Expires
Sat, 10 Jul 2021 01:49:26 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
Connection
keep-alive
Set-Cookie
CMID=YOj8pu882BbQRl1VrXga2wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 10 Jul 2022 01:49:26 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Oct 2021 01:49:26 GMT CMPRO=1182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Oct 2021 01:49:26 GMT CMST=YOj8pmDo-KYA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 11 Jul 2021 01:49:26 GMT CMRUM3=3360e8fca605a0&2960e8fca605a0&4160e8fca605a0&2760e8fca60b40&e660e8fca62760&f160e8fca605a0&2860e8fca605a00&2d60e8fca605a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 10 Jul 2022 01:49:26 GMT

Redirect headers

Server
Apache
Content-Length
324
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sat, 10 Jul 2021 01:49:26 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
Connection
keep-alive
Set-Cookie
CMID=YOj8pu882BbQRl1VrXga2wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 10 Jul 2022 01:49:26 GMT CMPS=3226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Oct 2021 01:49:26 GMT
unr
match.prod.bidr.io/cookie-sync/ Frame 3B33
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/unr
  • https://match.prod.bidr.io/cookie-sync/unr?_bee_ppp=1
20 B
233 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/unr?_bee_ppp=1
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-b2835172ca9c26a5c07c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.246.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
64efdf33ff487ad815c53fe5f819454efd9364a0382e5f410972cfaa918fb66a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://video.unrulymedia.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bito=AAAoe07B0fkAADghfHUO9Q; bitoIsSecure=ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://video.unrulymedia.com/

Response headers

content-type
text/plain
Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
20
Connection
keep-alive

Redirect headers

Date
Sat, 10 Jul 2021 01:49:26 GMT
location
https://match.prod.bidr.io/cookie-sync/unr?_bee_ppp=1
Server
nginx
set-cookie
checkForPermission=ok; Domain=bidr.io; expires=Sat, 10 Jul 2021 01:59:26 GMT; Path=/; SameSite=None; Secure
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
OProy2ip7MUj8rjLN6iglWqvtMojqbjLPv0sK9Vj
sync.1rx.io/usersync/quantcast/ Frame 703B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-QcHdy7VcGLKJK.gif?idmatch=0
  • https://sync.1rx.io/usersync/quantcast/OProy2ip7MUj8rjLN6iglWqvtMojqbjLPv0sK9Vj?gdpr=1
0
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/quantcast/OProy2ip7MUj8rjLN6iglWqvtMojqbjLPv0sK9Vj?gdpr=1
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/iframes/third-party-iframes.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://video.unrulymedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
expires
0

Redirect headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://sync.1rx.io/usersync/quantcast/OProy2ip7MUj8rjLN6iglWqvtMojqbjLPv0sK9Vj?gdpr=1
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
sync.targeting.unrulymedia.com/csync/ Frame 703B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=unruly_dbm&google_cm&google_sc
  • https://usermatch.targeting.unrulymedia.com/usermatch/google/CAESEI611eIUsYfXwd_aUBy8yT4?google_cver=1
  • https://sync.1rx.io/usersync/google/CAESEI611eIUsYfXwd_aUBy8yT4?google_cver=1
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/iframes/third-party-iframes.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://video.unrulymedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
content-type
text/html
expires
0
um
cs.emxdgt.com/ Frame B0E2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

content-type
text/html
date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
0
usync.html
eus.rubiconproject.com/ Frame AD68
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 10 Jul 2021 01:49:26 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date
Sat, 10 Jul 2021 01:49:26 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cookie set uc.html
go.sonobi.com/ Frame EC3B 		43 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.148 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Date
Sat, 10 Jul 2021 01:49:26 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
go-ams-1-7-128
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5G=s57128|YOj8q; path=/; domain=.go.sonobi.com; SameSite=None; secure
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 0E5D 		17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2F8) /
Resource Hash
ff8efe03e36fae8294a9f7448f03cd707e09935b213ea2d445efcbcab7370790

Request headers

:method
GET
:authority
ad-cdn.technoratimedia.com
:scheme
https
:path
/html/usersync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
431
cache-control
max-age=900
content-type
text/html; charset=UTF-8
date
Sat, 10 Jul 2021 01:49:26 GMT
etag
"42b7-5c2afe6a21300"
expires
Sat, 10 Jul 2021 02:04:25 GMT
last-modified
Wed, 19 May 2021 14:47:08 GMT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server
ECAcc (frd/E2F8)
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-varnish
686616074 686616054
content-length
5429
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2882 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES; KADUSERCOOKIE=6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D; DPSync3=1627084800%3A201_197%7C1626480000%3A164%7C1625961600%3A174; KTPCACOOKIE=YES; ipc=160318^https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID^2^0; chkChromeAb67Sec=2; SyncRTB3=1627084800%3A3_13_7_71_166_220_21_54_22%7C1626480000%3A223_2_15%7C1627171200%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=83853
expires
Sun, 11 Jul 2021 01:06:59 GMT
date
Sat, 10 Jul 2021 01:49:26 GMT
vary
Accept-Encoding
i.gif
e.serverbid.com/udb/9969/sync/ Frame 5256
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2238049204240508785
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2238049204240508785
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
cf887702-5b8f-4aea-bac4-c61d4d8eb5e7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2238049204240508785
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
services
sync.technoratimedia.com/ Frame 5256 		0
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D51%26userId%3D%5BUSER_ID%5D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
221579692
access-control-allow-origin
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
access-control-allow-credentials
true
i.gif
e.serverbid.com/udb/9969/sync/ Frame 5256
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YOj8pu882BbQRl1VrXga2wAA%261182
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YOj8pu882BbQRl1VrXga2wAA%261182
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YOj8pu882BbQRl1VrXga2wAA%261182
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
282
Expires
Sat, 10 Jul 2021 01:49:26 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 5256
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=22c2f92a89a131114ea2f2fb
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=22c2f92a89a131114ea2f2fb
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
0

Redirect headers

Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
nginx
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=22c2f92a89a131114ea2f2fb
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
usa
sync.go.sonobi.com/ Frame 5256 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 5256
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0eecea80-e121-11eb-aea8-0218f49b87b6
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0eecea80-e121-11eb-aea8-0218f49b87b6
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0eecea80-e121-11eb-aea8-0218f49b87b6
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
0

Redirect headers

Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0eecea80-e121-11eb-aea8-0218f49b87b6
Connection
keep-alive
Content-Length
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame 5256
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=consumable
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dconsumable%26expires%3D30%26user_group%3D%...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dconsumable%26expires%3D30%26user_group%3D%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=8add5728-7228-52bf-857f-5debe597a14d&ssp=consumable&expires=30&user_group=1
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
0

Redirect headers

location
//e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25
date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame 43F5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2238049204240508785
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2238049204240508785
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
15ed5e3c-799a-400b-b5ac-cd6349852d29
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2238049204240508785
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
services
sync.technoratimedia.com/ Frame 43F5 		0
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D51%26userId%3D%5BUSER_ID%5D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
95694010
access-control-allow-origin
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
access-control-allow-credentials
true
i.gif
e.serverbid.com/udb/9969/sync/ Frame 43F5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YOj8pu882BbQRl1VrXga2wAA%261182
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YOj8pu882BbQRl1VrXga2wAA%261182
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YOj8pu882BbQRl1VrXga2wAA%261182
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
282
Expires
Sat, 10 Jul 2021 01:49:26 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 43F5
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=22c2f92a89a131114ea2f2fb
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=22c2f92a89a131114ea2f2fb
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
0

Redirect headers

Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
nginx
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=22c2f92a89a131114ea2f2fb
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
usa
sync.go.sonobi.com/ Frame 43F5 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 43F5
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP0eecea80-e121-11eb-aea8-0218f49b87b6
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0eecea80-e121-11eb-aea8-0218f49b87b6
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0eecea80-e121-11eb-aea8-0218f49b87b6
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
0

Redirect headers

Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP0eecea80-e121-11eb-aea8-0218f49b87b6
Connection
keep-alive
Content-Length
0
sync
odr.mookie1.com/t/v2/ Frame 43F5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=consumable
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25&ssp=consumable&gdpr=&gdpr_consent=
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25&ssp=consumable&gdpr=&gdpr_consent=
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=d83c9bcd-b4ec-499e-98d8-4eecd3e78d25&ssp=consumable&gdpr=&gdpr_consent=
date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
um
cs.emxdgt.com/ Frame 2E62 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

content-type
text/html
date
Sat, 10 Jul 2021 01:49:26 GMT
content-length
0
usync.html
eus.rubiconproject.com/ Frame 6F22
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 10 Jul 2021 01:49:26 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date
Sat, 10 Jul 2021 01:49:26 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cookie set uc.html
go.sonobi.com/ Frame D9B8 		43 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.148 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Date
Sat, 10 Jul 2021 01:49:26 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
go-ams-1-7-128
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5G=s57128|YOj8q; path=/; domain=.go.sonobi.com; SameSite=None; secure
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 2C07 		17 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2F8) /
Resource Hash
ff8efe03e36fae8294a9f7448f03cd707e09935b213ea2d445efcbcab7370790

Request headers

:method
GET
:authority
ad-cdn.technoratimedia.com
:scheme
https
:path
/html/usersync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
431
cache-control
max-age=900
content-type
text/html; charset=UTF-8
date
Sat, 10 Jul 2021 01:49:26 GMT
etag
"42b7-5c2afe6a21300"
expires
Sat, 10 Jul 2021 02:04:25 GMT
last-modified
Wed, 19 May 2021 14:47:08 GMT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server
ECAcc (frd/E2F8)
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-varnish
686616074 686616054
content-length
5429
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 46CD 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES; KADUSERCOOKIE=6BAACCB9-48E3-49D2-BFE9-D4BC33D3906D; DPSync3=1627084800%3A201_197%7C1626480000%3A164%7C1625961600%3A174; KTPCACOOKIE=YES; ipc=160318^https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID^2^0; chkChromeAb67Sec=2; SyncRTB3=1627084800%3A3_13_7_71_166_220_21_54_22%7C1626480000%3A223_2_15%7C1627171200%3A35; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEJ9RdaWtZ5utC71-QkDi_8Q&KRTB&16514-CAESEJ9RdaWtZ5utC71-QkDi_8Q&KRTB&23025-CAESEJ9RdaWtZ5utC71-QkDi_8Q; PugT=1625881765; KRTBCOOKIE_57=22776-2238049204240508785
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=83853
expires
Sun, 11 Jul 2021 01:06:59 GMT
date
Sat, 10 Jul 2021 01:49:26 GMT
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame F95B 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1f7964a9eed46177442b02f011b5c78893bf4cc3b5f4c0023cabdcd2c33009cc

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 01:49:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Jun 2021 16:13:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=13886
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9276
Expires
Sat, 10 Jul 2021 05:40:52 GMT
dcm
s.amazon-adsystem.com/ Frame BD63
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOj8pu882BbQRl1VrXga2wAABJ4AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOj8pu882BbQRl1VrXga2wAABJ4AAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOj8pu882BbQRl1VrXga2wAABJ4AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOj8pu882BbQRl1VrXga2wAABJ4AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame BD63
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YOj8pu882BbQRl1VrXga2wAABJ4AAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENyfD9bhOKf2oU7Btsdi-qY&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENyfD9bhOKf2oU7Btsdi-qY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 10 Jul 2021 01:49:26 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENyfD9bhOKf2oU7Btsdi-qY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame BD63 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YOj8pu882BbQRl1VrXga2wAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame BD63
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YOj8pu882BbQRl1VrXga2wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEByxUS8Oo-rFQuZl886PNEE&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEByxUS8Oo-rFQuZl886PNEE&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 10 Jul 2021 01:49:26 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEByxUS8Oo-rFQuZl886PNEE&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame BD63
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1625968166&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1625968166&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 10 Jul 2021 01:49:26 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1625968166&gdpr=1
pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
sync
x.bidswitch.net/ Frame BD63 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.82.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
bridge
cm.adgrx.com/ Frame BD63 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:26 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-6
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
sync.targeting.unrulymedia.com/csync/ Frame BD63
Redirect Chain
  • https://usermatch.targeting.unrulymedia.com/usermatch/casale/YOj8pu882BbQRl1VrXga2wAA%261182
  • https://sync.1rx.io/usersync/index/YOj8pu882BbQRl1VrXga2wAA&1182
  • https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:26 GMT
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-a399cdfd-f431-4a18-9179-44ff40a40442-003
pragma
no-cache
date
Sat, 10 Jul 2021 01:49:26 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
content-type
text/html
expires
0
cs&eq_cc=1
um2.eqads.com/um/ Frame FF42
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.231.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-231-210.compute-1.amazonaws.com
Software
/
Resource Hash
b0fab36d5959a43b669695c697271b26226496ae7e712562523671233122b76b

Request headers

:method
GET
:authority
um2.eqads.com
:scheme
https
:path
/um/cs&eq_cc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ssum-sec.casalemedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
EQUser=UID=6ddcd206-585a-4478-b348-4ca1aba803a4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Sat, 10 Jul 2021 01:49:27 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Sat, 10 Jul 2021 01:49:27 GMT
pragma
no-cache

Redirect headers

date
Sat, 10 Jul 2021 01:49:26 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
set-cookie
EQUser=UID=6ddcd206-585a-4478-b348-4ca1aba803a4; Path=/; Domain=eqads.com; Expires=Sun, 10 Oct 2021 01:49:26 GMT; Secure; SameSite=None
usync.js
eus.rubiconproject.com/ Frame AD68 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1f7964a9eed46177442b02f011b5c78893bf4cc3b5f4c0023cabdcd2c33009cc

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 01:49:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Jun 2021 16:13:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=13886
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9276
Expires
Sat, 10 Jul 2021 05:40:52 GMT
usync.js
eus.rubiconproject.com/ Frame 6F22 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1f7964a9eed46177442b02f011b5c78893bf4cc3b5f4c0023cabdcd2c33009cc

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 10 Jul 2021 01:49:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Jun 2021 16:13:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=13886
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9276
Expires
Sat, 10 Jul 2021 05:40:52 GMT
khaos.jpg
token.rubiconproject.com/ Frame 4604 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
crum
dsum-sec.casalemedia.com/ Frame FF42 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=6ddcd206-585a-4478-b348-4ca1aba803a4&expiration=1633830567
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Jul 2021 01:49:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 10 Jul 2021 01:49:27 GMT
khaos.jpg
token.rubiconproject.com/ Frame 4E7E 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame A6F9 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame F95B 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame AD68 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame 6F22 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
chunk-3.a5567a56807692dc8b54.1625854580238.js
www.xxlmag.com/public/dist/desktop/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xxlmag.com/public/dist/desktop/chunk-3.a5567a56807692dc8b54.1625854580238.js
Requested by
Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D6C) / Express
Resource Hash
63f697c640196cb7a53fc9d031a551b8a171a59f9e810d3eadb6570395fdb598

Request headers

:path
/public/dist/desktop/chunk-3.a5567a56807692dc8b54.1625854580238.js
pragma
no-cache
cookie
_fbp=fb.1.1625881763918.1138496845
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xxlmag.com
referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
B
date
Sat, 10 Jul 2021 01:49:27 GMT
content-encoding
gzip
age
24803
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
7504
last-modified
Fri, 09 Jul 2021 18:54:10 GMT
server
ECS (lcy/1D6C)
etag
W/"7323-17a8c9eba07"
vary
Accept-Encoding
x-varnish
1597680384 1597654166
via
1.1 varnish
cache-control
no-cache
gdpr-source
DE
set-cookie
gdpr-source=DE
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 10 Jul 2021 01:49:26 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame D55F 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156725&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 29A9 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58675674&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 01:49:28 GMT
content-length
0
attachment-yungeen-ace-toosii-rico-nasty.jpg
townsquare.media/site/812/files/2021/07/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/812/files/2021/07/attachment-yungeen-ace-toosii-rico-nasty.jpg?w=300&q=75
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674C) / Express
Resource Hash
d9fe239258e5c68ffc915ae0119bad5e80e940a3769e8ffaf1828d83a9d55a78

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
A
date
Sat, 10 Jul 2021 01:49:33 GMT
via
1.1 varnish
age
630761
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
18579
last-modified
Fri, 02 Jul 2021 18:36:32 GMT
server
ECS (frb/674C)
x-varnish
2449684571
access-control-allow-origin
*
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
image/jpeg
expires
Sat, 10 Jul 2021 01:49:32 GMT
attachment-yungeen-ace-toosii-rico-nasty.jpg
townsquare.media/site/812/files/2021/07/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/812/files/2021/07/attachment-yungeen-ace-toosii-rico-nasty.jpg?w=300&q=75
Requested by
Host: www.xxlmag.com
URL: https://www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks/?utm_source=morning_brew
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Culver City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674C) / Express
Resource Hash
d9fe239258e5c68ffc915ae0119bad5e80e940a3769e8ffaf1828d83a9d55a78

Request headers

Referer
https://www.xxlmag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-abgroup
A
date
Sat, 10 Jul 2021 01:49:33 GMT
via
1.1 varnish
age
630761
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
18579
last-modified
Fri, 02 Jul 2021 18:36:32 GMT
server
ECS (frb/674C)
x-varnish
2449684571
access-control-allow-origin
*
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
content-type
image/jpeg
expires
Sat, 10 Jul 2021 01:49:32 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Domain
id5-sync.com
URL
https://id5-sync.com/c/441/108/4/6.gif?puid=119907c5-7656-4f8f-8890-2e90e0e08cf5&gdpr=1&gdpr_consent=
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Domain
id5-sync.com
URL
https://id5-sync.com/c/441/108/4/6.gif?puid=119907c5-7656-4f8f-8890-2e90e0e08cf5&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| TSM object| taskQ function| ga object| globalDimensionData object| dataLayer function| __tcfapi function| cmpFactory function| __cmp function| __uspapi object| cnvr_launcher_options object| googletag object| pbjs number| PREBID_TIMEOUT boolean| REQUEST_BIDS_ON_PAGE_LOAD boolean| SHOW_ADS_ON_PAGE_LOAD function| pbjsChunk object| _pbjsGlobals object| mnet object| pbjsBidderSettings object| apstag object| twttr function| fbq function| _fbq object| ZERG object| __INITIAL_STATE__ object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| gaDevIds object| core object| conversant object| FB object| headertag object| __twttrll object| __twttr object| ggeac object| google_js_reporting_queue boolean| apstagLOADED object| webpackChunkexpressblog object| regeneratorRuntime object| bidLog function| initCarbon function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| cmpConfig function| fbAsyncInit function| onYtEvent object| google_reactive_ads_global_state object| __s object| instgrm function| setImmediate function| clearImmediate object| __$$GLOBAL_REWIRE_REGISTRY__ function| __rewire_reset_all__ object| AirTV function| startAirTVManager function| atvTwoView number| __$$GLOBAL_REWIRE_NEXT_MODULE_ID__ object| ATVBackupClientData object| hindsight boolean| cf_async function| gtag object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady boolean| hindsight_loaded object| google_tag_manager object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| cf function| getArticleEntities object| json2097824 object| __bt_tag_d object| __bt_intrnl boolean| __bt_already_invoked function| udm_ object| _comscore object| COMSCORE object| PublisherCommonId

2 Cookies

Domain/Path Name / Value
.xxlmag.com/ Name: _fbp
Value: fb.1.1625881763918.1138496845
www.xxlmag.com/kanye-west-adidas-sneakers-nike-socks Name:
Value: test

1 Console Messages

Source Level URL
Text
console-api warning URL: https://confiant-integrations.global.ssl.fastly.net/MbZTQS496EB4Sd27ILU4rbHXnJ8/gpt_and_prebid/config.js(Line 116)
Message:
Confiant Current configuration is set not to monitor, please contact support@confiant.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5352434.fls.doubleclick.net
a.teads.tv
abs-0.twimg.com
action.dstillery.com
action.media6degrees.com
ad-cdn.technoratimedia.com
ad.turn.com
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ap.lijit.com
apex.go.sonobi.com
api.conversant.mgr.consensu.org
api.rlcdn.com
api.solutionshindsight.net
apis.google.com
as-sec.casalemedia.com
b1sync.zemanta.com
bh.contextweb.com
btloader.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
casale-match.dotomi.com
cdn-sp-s3.air.tv
cdn.conversant.mgr.consensu.org
cdn.production.townsquareblogs.com
cdn.syndication.twimg.com
cdn.undertone.com
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cm.smadex.com
cms.quantserve.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
contextual.media.net
counts.air.tv
cs.admanmedia.com
cs.emxdgt.com
csync.loopme.me
dis.criteo.com
doi3unldljdx6.cloudfront.net.
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.serverbid.com
eb2.3lift.com
embed.air.tv
eu-u.openx.net
eus.rubiconproject.com
events.air.tv
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
go.sonobi.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
img1.zergnet.com
img2.zergnet.com
img4.zergnet.com
js-sec.indexww.com
krk.kargo.com
link.morningbrew.com
match.adsrvr.org
match.prod.bidr.io
odr.mookie1.com
pagead2.googlesyndication.com
pbs.twimg.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
platform.instagram.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.media.net
proc.ad.cpe.dotomi.com
pubmatic-match.dotomi.com
rtb.adentifi.com
s.amazon-adsystem.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
simage2.pubmatic.com
simage4.pubmatic.com
srv.clickfuse.com
ssum-sec.casalemedia.com
static.solutionshindsight.net
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.serverbid.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
syndication.twitter.com
targeting.unrulymedia.com
tlx.3lift.com
token.rubiconproject.com
townsquare.media
townsquaremedia-d.openx.net
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.targeting.unrulymedia.com
usr.undertone.com
video.unrulymedia.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
www.xxlmag.com
www.youtube.com
www.zergnet.com
x.bidswitch.net
id5-sync.com
pixel.tapad.com
104.109.78.125
104.111.219.144
104.111.247.126
104.244.42.136
104.244.43.131
107.21.58.76
13.224.192.221
13.224.192.34
13.224.193.35
13.224.193.72
13.225.74.103
13.225.74.18
13.225.74.79
13.225.74.96
134.209.131.220
142.250.181.226
142.250.184.194
142.250.185.134
151.101.114.49
151.101.13.194
151.139.128.11
152.199.22.191
159.253.128.188
162.55.6.211
167.172.1.14
178.162.133.148
178.162.133.149
178.162.133.150
178.250.0.163
18.158.84.255
18.195.155.181
18.195.223.2
185.29.135.227
185.64.189.110
185.64.189.112
185.64.189.114
185.64.190.78
185.64.190.79
185.64.190.80
185.64.190.81
188.42.196.115
192.229.233.172
192.229.233.181
192.229.233.218
193.122.174.27
198.148.27.139
2.18.232.7
2.18.233.180
2.18.234.21
2.18.235.93
2.19.35.65
2.21.111.28
2001:678:cb4:bbbb::11
205.185.216.42
213.19.147.43
213.19.147.44
213.19.162.61
216.52.2.48
2600:9000:20eb:e400:7:7419:8e80:21
2600:9000:21f3:d200:1f:2473:9080:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::ac43:4686
2606:4700::6812:b4f
2620:116:800d:21:51e4:db4b:4436:b305
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1450:4001:803::2003
2a00:1450:4001:803::200e
2a00:1450:4001:808::2002
2a00:1450:4001:810::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:828::2010
2a00:1450:4001:829::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c08::9c
2a02:fa8:8806:13::1400
2a02:fa8:8806:13::1460
2a02:fa8:8806:20::2010
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a03:2880:f22d:1c2:face:b00c:0:43fe
2a03:2880:f22d:1e6:face:b00c:0:4420
3.120.83.159
3.126.56.137
3.226.166.212
3.230.83.122
3.65.212.7
3.66.135.160
34.107.148.139
34.120.133.55
34.195.13.237
34.203.157.179
34.233.22.207
34.95.69.49
34.98.67.61
35.170.231.210
35.186.193.173
35.244.159.8
35.244.174.68
37.157.2.237
37.252.173.62
52.209.246.140
52.28.82.26
52.3.173.52
52.46.130.13
52.59.28.101
54.175.198.118
54.246.2.88
54.77.19.59
69.173.144.138
70.42.32.95
72.251.241.204
76.223.111.131
88.214.206.247
00358559572e7ad470632eec7b315c5088d58b5636f2d0cbaaf9750c0854fef0
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
056ccd5e8ec88538c0b43f5e14b16b184841b4e8dc0f6539e3c66177bc78f277
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
069a30f19020243cb38546e37d2bdfbd9e07c048fcf9dab8a7bad2c637267448
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0ad8c1cad151121c0384d90b19299fa487a4ee2fd1a6df3ae9785a0bb8d751b3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0cc47319b82a519bfb4538712056d891530b44750cee29e544614d447dae46a5
0d04e71ee75511c9ff59731721f7050a7b4545a398ec0f143a12c4bcac1272ac
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
0d8d1736e7e99fdc0ec83890bcfc98ab317bfc86c662ac7d323f2672aa7bd8fb
0e4f0cc2a47e98ed56d5416afb1177b7337b7dc7cf561d9297854f527a9796d2
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f4b08d07ecca9f8fcaf108ea78bb163fc98cfc19a844bd0f87412ab34a41873
0f9e1044ba4d3673a42486e3b9582e3abce2aab922ce013964928d9dc4331ee0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1239cded17181826afb25a505191b6e0951b6dedc4548aedfcb6f05e04eab1cf
160a189978d8d578dbaf912cefefd4125c5569a5d2a7167056fe4afbb6415a34
178171f30377b443b6ededda85d26c0b34d9b464b121624f76a5e6614f012c81
17c048bfb0138677a5774ee0301b7858b6d3fa8620fcaf62b6b81a0b5a37996a
1f7964a9eed46177442b02f011b5c78893bf4cc3b5f4c0023cabdcd2c33009cc
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
263627ec362c25037d69022de008fad33cf85ec7267604a5ae5c8e6fe4ad9e38
2647ed1a2695a9787bc1248239c8c67fd19c39bf87c6e7230894029ce048f8b7
2aad1dea74398906714d858498fcf050795f15a08fac55ce829a107393b5cfa6
2b7117da712636bd1588d8fbfff0656f73a0f24cf2f281a544d87ef1e0e5009b
2d4b82db5678f0d8db66c3f3de0fc55ff36e549cbe8f2ddb7674a06983acf668
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3073e183f9d1b901ff9a95374c77381ffc5a33cfdd4bc72299e1963a0bbecc23
31bd748eed0b2ce2a8e6f12ddf429c47a2871a2f30511a373ff968ceee89af59
33e35e9cfc120a2f7a56d46bd1abb9e882362d11f5c89fc521b5f204ac423d71
3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c
34cad758a4aebd79ec581e62ae41580624eca853b967b61a454392ac04c3da70
35d8fab4de39fe80bb0c6c7a52d2b956d466e634b247f25d1bc757821b436356
3647e350b3326ddc80e0d95a654cdd57e08d8b129a74afd29a18a14aa06e9a6a
3815663ad1cbdd3b18afdb004ee6517f0ac84ca8ba61097d273a8c7e1f96c4ae
38557bb8483434b6ad5e1d1a5e3b24ef800f7c63845322e8d67c8f7d041dde25
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
3970c3c3d7b0d73d57a25b99e124c1e7c7c942b9a40548cbf25b80b97bb09d75
3df0f55dc774614d921e09908335f5f8e0efa548808159760367ff3db5936a32
3ec29425890291318343f76b3eb2f93e91fbfdbc0b014208306224c530a2a735
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
404c99a291c53119a6bc17d791918a0c258daa0b2ff5740d8387da180085cc35
426d4db7bb4ca89f374e8c1b85807741e44b26a8d1691517f670256125624134
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
458d574a06157b29babfa4cde96fd9acd377e6902d8c1554eafef56abb010074
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b811923f5f695a9e5bf95b923a0797cd12b60f0117ffebdfe67e928d7fe065a
4d41f53df2e8dcc2797bf83287d8f9a570ef9fb5f0fa5cfe4949e6f050e088f2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e66b560fe6ce3453ba832987b3462fb2bd248de6edc3d3b6e74eacb672e4d8
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8
565ec882d90ff8249397521b7d93ac88000c5dc393537027240dd87e73b8eb55
5c6710ddd5aae0af9576f28990d0541e6cbf75bc7b48c91d05828906d41816ad
5d4dfa89c461f6df0531fc1e2035a40da01b3454b3815d3743a1416ffa183111
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
60c5dd72d42ad2497a5da20b22ee48321f030d9195af3dc80edb611a2e53df50
6134c3420e217cd48d264fd5e1f53b07ee65494eb2ad3605c10e5778c8a6bb8c
626a8fa9f58eb3fc3f5f9584963872182f66e5239d1f400286c5edeff1e155f7
62ce7500ebcaf2cee5e868e3351b6f00fb7a1594c05b2ad392e6aef5a21e2333
63a67ea2c5f13a03914a7ef0d0d19f57b070126599aab48493500e1f4a98aa90
63f697c640196cb7a53fc9d031a551b8a171a59f9e810d3eadb6570395fdb598
64483cca08c29e2cab76ff3335a70509b92b2e3f0286bf5e9c8f9e3a69342e3a
64d2653d551fc8075979181b1d93b46f8a0f58dbc0b7b47480304a12b011c65e
64efdf33ff487ad815c53fe5f819454efd9364a0382e5f410972cfaa918fb66a
672023609a3b981262a361332c1c8d3801c1beaf544eb99eb47cc4557761c7be
679cf9eb13939003252c7f3eeae69f3bd141de69f5057b49e9412e5f8bfc63ce
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b2b5b05933a00a9e1beb6e53fba22bf77feaa3c203e361d637985750fec4bab
709bf6bebe72962aa04f730f56811e7e520362994ae3fa8383139ac14c97e62e
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
73f78905a0f9875ea0aad23633e3a6a81c164a0521c73de26224fde6e759b0df
770171b650e81b66f2c23eece155ff06cc78a5deadc3e457402b4968772a1aa2
77ea2d2ab130dbeb2f5143593d6ad16e57c5f51e5610405a07ade4c6b408da7c
79c239516e5e88e406844b029dd7e94214c5990880e6646ac9d64e6ce05c4b07
7a933c4fef2fedf2a2176cff6375dab356cdd4f22ecbb7586e707bd696370ee1
7b612ff529725ae692fe908ca7abab4d85d2cf65d40a0490185df84bc1bf5654
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7d49f88b90f553cdef1d578c9217e5951d1b3095ec5616ef31ac395207bab918
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f500782cb117cf91e9efdb60a0f9dcc445cdcf735f4399690d7d8079f346d68
802f98225351115f877da6651f3d564131d75d97b9806227fcebcde25e910f72
815ee379589e2686af0a423df3987810358aaa03ea11a46250de270ad307a383
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86018f7ff582c389667998ea4eea5c36253abc3e54e7b97d1f2312a038609bba
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
893ceb2ff84c4dc7e5519c40d57efe2d6b6cd4969cef99794212dcaf823448be
89ac2bb731bfe1627906d7de38175948399c2ec491351f424479ce1007ee5166
8b048afbd55fc3c471847a4345d630cb1fb88c66fc96a0d7505d56259f54c30c
8d382d8744e1c760c0b4f3c9b4bab898ef226983a3d57a2c3bd1393a9fe7b3c6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
93166d31b9fcb0ed058eaff3a9c4cf225964d2eae33ab8f0a15ad82f730fe7e4
98935a189dff5d17ee08b1c0c990c2c15e04bc6b2ad21653be11e89d342f5811
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ce5da126d34ac055e3afeb3fca767aac19ddcf30e191977540c9fa26440a9fb
9da46ce79c8b8974cb54bb29150e433a4c6ea6fbd3721c9d7e7fc402cd9202ca
9fe8e056e719eda00a080764b82240552e04ca6b449c5cb5ef36d5554e3bce9f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09bc7a911d1369719b974f3a9c6d24c909d74f669b690a59300f92857db0f59
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2699cc909bdef9af6474579102a1114f4f81ad3b7319b0e89f09be85a57664f
a71138bec5eca04da7fc6e41b176c80ab023e76f1149ced24ff0a04af4c478f9
aa12675594ab44d98466d28aeb35917cf7a50687af4591f06ef0d5e537c923b5
aa35aece945b1b1e3e8f5b33ad501c801e625ae22c3cc37231e38b0503c2451a
aa7d92941b9efd02d014d965ab109ad48bf19a56d6de058a5a66634a9a1e6501
ab106619cd53cba1c09e1b3aedcf87dc90958fef3b886f9107a0ae94f5dd7733
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae8f93e7e95dcee9817424ab34f5d8c64ad35cbe0904a23bcf42ddadaa6e181e
b0fab36d5959a43b669695c697271b26226496ae7e712562523671233122b76b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2356aed5938ce28ef3b446c3567c5cb836fdb2188e0cd0019ce0269ec351665
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b3e3972688b431bcf21224f57c1258952dc5faa80b92f1cd7123c9e417b0fe0b
b4a67181746e8ea24691e5b7e7c34d99575e66402f5287374bb79788e19523ab
b63a946a54c90afbbbdac017375920c04e9d60bd57bf49ed27500db26ac2e78e
b920759f5ba868ff7a8fa71208a7746bfd37babe29c116ba245522f8cc492b82
ba09e780460eda7e29db596aa2588dd79d50a3cb26e2260a9d85842e07d4e813
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcce16468496437c5089ea25ac4a21df4b96043deb2220bda588d72283991fff
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bef0b3b88c21ef2445ef94eff8cceb4215f6689193782121cee06c7eaa6e81a1
c12860c7047a35a8ed64bd38e76381000922a3066b12d62ecd45d24d3c8b04db
c1f87b6ebedfe2a978cb946c520baf745f8e3a4b47c690f9c7b353a84f7b53ca
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c264f0f7b928a1d43e7de3f662d9212e5652c1bc05d35e240aaa10800e71cd20
c30fb1567d9ea1b5fbb71380c31ba5304bd4923445af99b31c85fd2dfe7e24cd
c37bf160d88f9d8bdc34b0b12b5bd574129146493466d6398afcf953b2bae9fb
c491e6b83c202765a61599c43681a189388c95c08906016ebfc0b15a4fb50f1a
c4949740bfe0c034bf2ed6876e670a8259f07cba2a05fda32d96f2356a0057d2
c84737ed98fba5d40474804773fa4a889faad2a9f5a7f049c1d850494e9b5f39
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd2557c29dc89ce0c38c463796e56b035ccce3e135badad39b0597c3a0048407
ce2c83aa57d73b90ff0266ebe6d8631a0a090a0406e1108a36056a28b7128a61
ce9f02cb93d28eea66a9173abfa43c724815d54664e4dc0cace6cc3cde1dc360
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10b167ace3ba921bc305dc762610e7f7510700e9e32896d7b982c676f8b3474
d17fa10f09a5341769a9ec96719afe66d1ec8f4dfebce93dd83dc35d51deb018
d24cce11d515f5fedf0d2558da76570f087dfd8c3dbbde70396d9b8b4809778e
d317b24dfaefebb2b238c856123fb07cf5e74c0a0db2140f47a637e1c7f7c65a
d3f7bd016c6b1728f467dd32befabe05b7d286e708250e37bf75090025a2c2ae
d7029dd4d968b866f214b82030dc230c2b1cd6909195ad48f87559eb8187f4d7
d7397d75317e2a7a0ee6589027e161572424e4208f5f380685f9dbfcec5a832a
d7cd09b590143e055a2a0bbfa2b87359e72b419db9f29ecdf3e946fc08c74a56
d9fe239258e5c68ffc915ae0119bad5e80e940a3769e8ffaf1828d83a9d55a78
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd8ed08918b5a70cf9632627e0146160d5d89606102baf9b90b06a62c0fe6992
de6bfdf9ff0a2da5cf6e7f959ff0298d69a2eba4d4fafc5a457dd9513e2147b6
dfb9e7b02c57ff3ecb7ff5a75e4b8248f13ad2b8470923768c66b872f17f75b1
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88
e09ea960e63f26275ad9579ab9f3b0ca692a7efdb07512121c490aaf54ef2e73
e234846850c3079c7c9cc4d85b130b7d68a3508194e6748da30e6a52b59df697
e2abfacd7e7b062fc91f795e9f8595dd8f50487981c5e031a57771cde107d082
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e783044b6633569f7444468ce582cad2d185e208440d8b5c28ca51b8910325e1
e88202b7d4aa0af217e4e1a913095f30ed7e4f29777632db674cb740f3e052f7
ec6cb1ecb7a1a6b2fc9d46770a569eb42dfbbee2f4e845c7d9436229041e94d3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f071d697956d9541147ab96a77fc2bf09c6fb091f9e3fa6fc3772e8ceea34fa4
f0c6c17bbefb440a7e7ee03a4363aeba33a7c57345af065c670848e8fd40a4b5
f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f
f55fdfabe595363032c7909158714a72825276b03affb5781386d4f7d1c73d0a
f5a817a0e872fa93e9fb1c4464b70edb1479403d1dc0b70d9db31d5f14b62e65
f8dbd66c17987bc2cfd86e4e23bad4ab3b72f6f3abe4a48d9c65051d8895844c
fa18546f5b5a6667698d38979f6142d1342535e5e2a382348f9d4dca5d7d6965
fd140742c354c506c7bb90f383e236b9b6886581b286fa810ebdd27540181846
ff4be6c2c6353787988eec589cb922594604bcc52fb3e45226f7e741605d4e48
ff8efe03e36fae8294a9f7448f03cd707e09935b213ea2d445efcbcab7370790