urlscan.io logo urlscan.io
SecurityTrails logo

www.wxyz.com Open in urlscan Pro
18.66.112.117  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-...
Submission: On October 19 via api from QA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 102 IPs in 8 countries across 84 domains to perform 420 HTTP transactions. The main IP is 18.66.112.117, located in United States and belongs to AMAZON-02, US. The main domain is www.wxyz.com.
TLS certificate: Issued by Amazon on February 5th 2021. Valid for: a year.
This is the only time www.wxyz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 18.66.112.117 16509 (AMAZON-02)
4 18.66.112.48 16509 (AMAZON-02)
1 143.204.101.77 16509 (AMAZON-02)
2 104.16.149.64 13335 (CLOUDFLAR...)
5 2.16.186.59 20940 (AKAMAI-ASN1)
3 172.67.214.69 13335 (CLOUDFLAR...)
7 2.18.234.190 16625 (AKAMAI-AS)
7 18.66.248.52 16509 (AMAZON-02)
1 142.250.185.168 15169 (GOOGLE)
4 18.66.242.230 16509 (AMAZON-02)
16 2.21.143.57 16625 (AKAMAI-AS)
9 52.222.210.175 16509 (AMAZON-02)
1 2.21.140.74 16625 (AKAMAI-AS)
2 4 2.19.35.65 16625 (AKAMAI-AS)
1 104.92.82.154 16625 (AKAMAI-AS)
4 185.60.216.19 32934 (FACEBOOK)
7 2.21.143.94 16625 (AKAMAI-AS)
1 18.66.100.58 16509 (AMAZON-02)
1 19 151.101.2.137 54113 (FASTLY)
2 192.229.220.181 15133 (EDGECAST)
1 52.85.112.22 16509 (AMAZON-02)
1 54.144.144.142 14618 (AMAZON-AES)
1 2 142.250.184.198 15169 (GOOGLE)
2 13.32.121.95 16509 (AMAZON-02)
3 5 91.228.74.198 16509 (AMAZON-02)
1 3 13.35.253.71 16509 (AMAZON-02)
2 3 66.155.71.25 13768 (COGECO-PEER1)
8 142.250.74.206 15169 (GOOGLE)
1 35.227.203.93 15169 (GOOGLE)
1 3.10.67.38 16509 (AMAZON-02)
1 104.76.200.23 16625 (AKAMAI-AS)
2 35.172.245.152 14618 (AMAZON-AES)
1 18.66.97.81 16509 (AMAZON-02)
1 104.18.11.207 13335 (CLOUDFLAR...)
1 69.16.175.42 20446 (HIGHWINDS3)
21 142.250.184.226 15169 (GOOGLE)
3 142.250.185.226 15169 (GOOGLE)
4 3.138.43.101 16509 (AMAZON-02)
1 34.96.74.203 15169 (GOOGLE)
6 142.250.186.74 15169 (GOOGLE)
5 64.202.112.63 22075 (AS-OUTBRAIN)
2 151.101.14.132 54113 (FASTLY)
3 185.60.216.35 32934 (FACEBOOK)
2 66.102.1.155 15169 (GOOGLE)
1 142.250.186.34 15169 (GOOGLE)
3 18.156.195.47 16509 (AMAZON-02)
4 17 165.227.252.242 14061 (DIGITALOC...)
2 69.173.144.143 26667 (RUBICONPR...)
3 9 185.33.221.50 29990 (ASN-APPNEX)
12 35.244.159.8 15169 (GOOGLE)
7 52.208.41.69 16509 (AMAZON-02)
2 3.124.87.92 16509 (AMAZON-02)
3 34.149.20.76 15169 (GOOGLE)
26 172.217.16.134 15169 (GOOGLE)
2 151.101.194.137 54113 (FASTLY)
15 18.203.131.238 16509 (AMAZON-02)
7 142.250.186.98 15169 (GOOGLE)
5 142.250.185.65 15169 (GOOGLE)
1 52.202.168.65 14618 (AMAZON-AES)
4 18.159.21.129 16509 (AMAZON-02)
8 142.250.185.162 15169 (GOOGLE)
17 142.250.184.225 15169 (GOOGLE)
1 3 142.250.185.196 15169 (GOOGLE)
3 151.101.1.194 54113 (FASTLY)
3 3.129.116.66 16509 (AMAZON-02)
1 142.250.185.202 15169 (GOOGLE)
1 142.250.184.195 15169 (GOOGLE)
2 172.217.166.3 15169 (GOOGLE)
1 1 142.250.186.174 15169 (GOOGLE)
3 74.125.104.104 15169 (GOOGLE)
6 6 185.29.134.248 30419 (MEDIAMATH...)
2 205.185.216.10 ()
4 14 76.223.111.18 16509 (AMAZON-02)
1 208.100.17.176 ()
4 151.101.65.108 54113 (FASTLY)
6 104.109.78.125 16625 (AKAMAI-AS)
3 5 185.33.220.244 29990 (ASN-APPNEX)
5 6 37.157.6.252 198622 (ADFORM)
3 8 13.248.242.197 16509 (AMAZON-02)
8 14 142.250.186.66 15169 (GOOGLE)
2 108.174.11.69 ()
3 4 212.82.100.176 34010 (YAHOO-IRD)
3 5 18.184.28.154 16509 (AMAZON-02)
2 204.79.197.200 8068 (MICROSOFT...)
2 4 209.54.177.54 ()
2 2 50.31.142.31 ()
3 3 46.228.164.11 56396 (AMOBEE)
4 4 69.173.144.165 26667 (RUBICONPR...)
1 87.248.118.23 ()
4 69.173.144.139 ()
3 3 151.101.2.49 ()
3 2.18.233.180 ()
2 2 35.186.253.211 ()
4 4 54.93.133.131 ()
3 3 18.156.0.31 ()
4 4 2.18.234.21 ()
4 4 216.52.2.39 ()
2 72.34.250.75 ()
2 104.18.99.194 ()
1 198.47.127.19 ()
2 2 213.155.156.169 ()
7 185.64.189.110 ()
1 178.250.2.151 ()
1 1 85.114.159.118 ()
11 185.64.190.80 ()
1 1 162.55.6.211 ()
3 3 213.19.147.44 ()
1 72.251.241.204 ()
1 1 188.165.137.78 ()
1 104.21.192.83 ()
1 2 104.18.12.5 ()
1 2 151.101.1.44 ()
1 169.197.150.8 ()
2 185.64.189.114 ()
1 159.253.128.188 ()
2 2 35.210.53.219 ()
1 63.215.202.137 ()
1 1 159.65.196.12 ()
1 1 34.98.107.212 ()
420 102
5    18.66.112.117 (United States)

ASN16509 (AMAZON-02, US)
www.wxyz.com
4    18.66.112.48 (United States)

ASN16509 (AMAZON-02, US)
ewscripps.brightspotcdn.com
1    143.204.101.77 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-77.fra50.r.cloudfront.net
d25dfknw9ghxs6.cloudfront.net
2    104.16.149.64 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
5    2.16.186.59 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-59.deploy.static.akamaitechnologies.com
use.typekit.net
3    172.67.214.69 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
7    2.18.234.190 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
7    18.66.248.52 (United States)

ASN16509 (AMAZON-02, US)
assets.scrippsdigital.com
1    142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net
www.googletagmanager.com
4    18.66.242.230 (United States)

ASN16509 (AMAZON-02, US)
d2s8wlbatk24s7.cloudfront.net
16    2.21.143.57 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-143-57.deploy.static.akamaitechnologies.com
sejs.moatads.com
px.moatads.com
z.moatads.com
9    52.222.210.175 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-210-175.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    2.21.140.74 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-140-74.deploy.static.akamaitechnologies.com
hbx.media.net
4    2.19.35.65 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
secure-assets.rubiconproject.com
1    104.92.82.154 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-82-154.deploy.static.akamaitechnologies.com
p.typekit.net
4    185.60.216.19 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net
connect.facebook.net
7    2.21.143.94 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-143-94.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
images.outbrainimg.com
1    18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
cdn.parsely.com
19    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
img.connatix.com
vid.connatix.com
2    192.229.220.181 (United States)

ASN15133 (EDGECAST, US)
x-default-stgec.uplynk.com
1    52.85.112.22 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-112-22.hel50.r.cloudfront.net
ob.cheqzone.com
1    54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com
p1.parsely.com
2    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
4394967.fls.doubleclick.net
2    13.32.121.95 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-95.fra60.r.cloudfront.net
api.ewscloud.com
5    91.228.74.198 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
3    13.35.253.71 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-71.fra6.r.cloudfront.net
sb.scorecardresearch.com
3    66.155.71.25 (Southampton, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
pixel-sync.sitescout.com
8    142.250.74.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net
www.google-analytics.com
1    35.227.203.93 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 93.203.227.35.bc.googleusercontent.com
pymx5.com
1    3.10.67.38 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-67-38.eu-west-2.compute.amazonaws.com
mb.moatads.com
1    104.76.200.23 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-23.deploy.static.akamaitechnologies.com
hblg.media.net
2    35.172.245.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-245-152.compute-1.amazonaws.com
obs.cheqzone.com
1    18.66.97.81 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    104.18.11.207 (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    69.16.175.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net
code.jquery.com
21    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
3    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
adservice.google.com
4    3.138.43.101 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-138-43-101.us-east-2.compute.amazonaws.com
capi.connatix.com
1    34.96.74.203 (United States)

ASN15169 (GOOGLE, US)
PTR: 203.74.96.34.bc.googleusercontent.com
api.pymx5.com
6    142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net
imasdk.googleapis.com
5    64.202.112.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
2    151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
mv.outbrain.com
3    185.60.216.35 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com
www.facebook.com
2    66.102.1.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f155.1e100.net
stats.g.doubleclick.net
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
adservice.google.de
3    18.156.195.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
17    165.227.252.242 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
sync.serverbid.com
2    69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
9    185.33.221.50 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
12    35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
ewscripps-d.openx.net
eu-u.openx.net
us-u.openx.net
7    52.208.41.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-41-69.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
2    3.124.87.92 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-87-92.eu-central-1.compute.amazonaws.com
tlx.3lift.com
3    34.149.20.76 (United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
26    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net
s0.2mdn.net
2    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
lit.connatix.com
vid.connatix.com
15    18.203.131.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
s.srvsynd.com
7    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
adservice.google.de
googleads.g.doubleclick.net
www.googletagservices.com
5    142.250.185.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f1.1e100.net
404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
1    52.202.168.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-168-65.compute-1.amazonaws.com
ads-alpha.ewscloud.com
4    18.159.21.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-21-129.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
8    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
pagead2.googlesyndication.com
17    142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net
tpc.googlesyndication.com
3    142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net
www.google.com
3    151.101.1.194 (United States)

ASN54113 (FASTLY, US)
includemodal.global.ssl.fastly.net
3    3.129.116.66 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-116-66.us-east-2.compute.amazonaws.com
includemodal.com
1    142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net
fonts.googleapis.com
1    142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net
fonts.gstatic.com
2    172.217.166.3 (United States)

ASN15169 (GOOGLE, US)
PTR: del03s17-in-f3.1e100.net
csi.gstatic.com
1    142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net
redirector.gvt1.com
3    74.125.104.104 (United States)

ASN15169 (GOOGLE, US)
PTR: prg03s07-in-f8.1e100.net
r2---sn-2gb7sn7k.gvt1.com
6    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    205.185.216.10 (None, )

ASN- ()
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
14    76.223.111.18 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    208.100.17.176 (None, )

ASN- ()
ssc-cms.33across.com
4    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
6    104.109.78.125 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    185.33.220.244 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
6    37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
c1.adform.net
8    13.248.242.197 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
14    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
2    108.174.11.69 (None, )

ASN- ()
px.ads.linkedin.com
4    212.82.100.176 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: pr-bh-ing.pbp.vip.ir2.yahoo.com
pr-bh.ybp.yahoo.com
5    18.184.28.154 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-28-154.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
4    209.54.177.54 (None, )

ASN- ()
s.amazon-adsystem.com
2    50.31.142.31 (None, )

ASN- ()
b1sync.zemanta.com
3    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    87.248.118.23 (None, )

ASN- ()
ads.yahoo.com
4    69.173.144.139 (None, )

ASN- ()
pixel.rubiconproject.com
3    151.101.2.49 (None, )

ASN- ()
sync-tm.everesttech.net
3    2.18.233.180 (None, )

ASN- ()
ads.pubmatic.com
2    35.186.253.211 (None, )

ASN- ()
rtb.openx.net
4    54.93.133.131 (None, )

ASN- ()
pixel.advertising.com
3    18.156.0.31 (None, )

ASN- ()
ups.analytics.yahoo.com
4    2.18.234.21 (None, )

ASN- ()
ssum-sec.casalemedia.com
4    216.52.2.39 (None, )

ASN- ()
ap.lijit.com
2    72.34.250.75 (None, )

ASN- ()
sync.go.sonobi.com
2    104.18.99.194 (None, )

ASN- ()
p.adsymptotic.com
1    198.47.127.19 (None, )

ASN- ()
image6.pubmatic.com
2    213.155.156.169 (None, )

ASN- ()
d5p.de17a.com
7    185.64.189.110 (None, )

ASN- ()
image2.pubmatic.com
1    178.250.2.151 (None, )

ASN- ()
dis.criteo.com
1    85.114.159.118 (None, )

ASN- ()
dsp.adfarm1.adition.com
11    185.64.190.80 (None, )

ASN- ()
simage2.pubmatic.com
1    162.55.6.211 (None, )

ASN- ()
csync.loopme.me
3    213.19.147.44 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
1    72.251.241.204 (None, )

ASN- ()
cm.adgrx.com
1    188.165.137.78 (None, )

ASN- ()
green.erne.co
1    104.21.192.83 (None, )

ASN- ()
ad4m.at
2    104.18.12.5 (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
2    151.101.1.44 (None, )

ASN- ()
trc.taboola.com
match.taboola.com
1    169.197.150.8 (None, )

ASN- ()
match.deepintent.com
2    185.64.189.114 (None, )

ASN- ()
image4.pubmatic.com
1    159.253.128.188 (None, )

ASN- ()
um.simpli.fi
2    35.210.53.219 (None, )

ASN- ()
pool.admedo.com
1    63.215.202.137 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    159.65.196.12 (None, )

ASN- ()
match.adsby.bidtheatre.com
1    34.98.107.212 (None, )

ASN- ()
ads.playground.xyz
Apex Domain
Subdomains		 Transfer
41 doubleclick.net
4394967.fls.doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
pubads.g.doubleclick.net
cm.g.doubleclick.net
228 KB
30 googlesyndication.com
404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
236 KB
26 2mdn.net
s0.2mdn.net
422 KB
25 connatix.com
cd.connatix.com
cds.connatix.com
capi.connatix.com
lit.connatix.com
vid.connatix.com
img.connatix.com
396 KB
24 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
37 KB
24 rubiconproject.com
ads.rubiconproject.com
fastlane.rubiconproject.com
prebid-a.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
secure-assets.rubiconproject.com
pixel-us-east.rubiconproject.com Failed
252 KB
18 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
47 KB
17 serverbid.com
e.serverbid.com
sync.serverbid.com
5 KB
17 moatads.com
sejs.moatads.com
mb.moatads.com
px.moatads.com
z.moatads.com
184 KB
16 3lift.com
tlx.3lift.com
eb2.3lift.com
6 KB
15 srvsynd.com
s.srvsynd.com
52 KB
14 openx.net
ewscripps-d.openx.net
eu-u.openx.net
us-u.openx.net
rtb.openx.net
4 KB
13 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
81 KB
12 outbrain.com
widgets.outbrain.com
widget-pixels.outbrain.com
odb.outbrain.com
mcdp-nydc1.outbrain.com
mv.outbrain.com
129 KB
11 yahoo.com
c2shb.ssp.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
ups.analytics.yahoo.com
7 KB
9 outbrainimg.com
tcheck.outbrainimg.com
log.outbrainimg.com
images.outbrainimg.com
137 KB
8 adsrvr.org
match.adsrvr.org
3 KB
8 google-analytics.com
www.google-analytics.com
21 KB
7 gumgum.com
g2.gumgum.com
rtb.gumgum.com
6 KB
7 googleapis.com
imasdk.googleapis.com
fonts.googleapis.com
1005 KB
7 scrippsdigital.com
assets.scrippsdigital.com
159 KB
6 adform.net
c1.adform.net
3 KB
6 mathtag.com
sync.mathtag.com
3 KB
6 google.com
adservice.google.com
www.google.com
2 KB
6 typekit.net
use.typekit.net
p.typekit.net
69 KB
5 bidswitch.net
x.bidswitch.net
2 KB
5 quantserve.com
secure.quantserve.com
pixel.quantserve.com
10 KB
5 cloudfront.net
d25dfknw9ghxs6.cloudfront.net
d2s8wlbatk24s7.cloudfront.net
195 KB
5 wxyz.com
www.wxyz.com
302 KB
4 lijit.com
ap.lijit.com
2 KB
4 casalemedia.com
ssum-sec.casalemedia.com
3 KB
4 advertising.com
pixel.advertising.com
1 KB
4 gvt1.com
redirector.gvt1.com
r2---sn-2gb7sn7k.gvt1.com
16 KB
4 googletagservices.com
www.googletagservices.com
149 KB
4 33across.com
ssc.33across.com
ssc-cms.33across.com
604 B
4 facebook.net
connect.facebook.net
247 KB
4 brightspotcdn.com
ewscripps.brightspotcdn.com
222 KB
3 everesttech.net
sync-tm.everesttech.net
821 B
3 turn.com
ad.turn.com
1 KB
3 gstatic.com
fonts.gstatic.com
csi.gstatic.com
19 KB
3 includemodal.com
includemodal.com
397 B
3 fastly.net
includemodal.global.ssl.fastly.net
38 KB
3 facebook.com
www.facebook.com
653 B
3 sitescout.com
pixel.sitescout.com
pixel-sync.sitescout.com
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 ewscloud.com
api.ewscloud.com
ads-alpha.ewscloud.com
6 KB
3 cheqzone.com
ob.cheqzone.com
obs.cheqzone.com
21 KB
3 fontawesome.com
use.fontawesome.com
132 KB
2 admedo.com
pool.admedo.com
717 B
2 taboola.com
trc.taboola.com
match.taboola.com
558 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 1rx.io
sync.1rx.io
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 adsymptotic.com
p.adsymptotic.com
2 sonobi.com
sync.go.sonobi.com
821 B
2 zemanta.com
b1sync.zemanta.com
602 B
2 bing.com
c.bing.com
739 B
2 linkedin.com
px.ads.linkedin.com
610 B
2 digitaloceanspaces.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
10 KB
2 google.de
adservice.google.de
992 B
2 pymx5.com
pymx5.com
api.pymx5.com
10 KB
2 uplynk.com
x-default-stgec.uplynk.com
63 KB
2 parsely.com
cdn.parsely.com
p1.parsely.com
24 KB
2 media.net
hbx.media.net
hblg.media.net
99 KB
2 cookielaw.org
cdn.cookielaw.org
7 KB
1 playground.xyz
ads.playground.xyz
483 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 simpli.fi
um.simpli.fi
610 B
1 deepintent.com
match.deepintent.com
44 B
1 ad4m.at
ad4m.at
915 B
1 erne.co
green.erne.co
326 B
1 adgrx.com
cm.adgrx.com
408 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
535 B
1 loopme.me
csync.loopme.me
218 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 criteo.com
dis.criteo.com
334 B
1 jquery.com
code.jquery.com
33 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com
6 KB
1 quantcount.com
rules.quantcount.com
1 KB
1 googletagmanager.com
www.googletagmanager.com
43 KB
0 onaudience.com Failed
pixel.onaudience.com Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 id5-sync.com Failed
id5-sync.com Failed
420 84
Domain Requested by
26 s0.2mdn.net imasdk.googleapis.com
404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
s0.2mdn.net
17 tpc.googlesyndication.com www.wxyz.com
404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
15 s.srvsynd.com cd.connatix.com
d25dfknw9ghxs6.cloudfront.net
s.srvsynd.com
15 e.serverbid.com 2 redirects d25dfknw9ghxs6.cloudfront.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
ads.pubmatic.com
15 securepubads.g.doubleclick.net www.wxyz.com
securepubads.g.doubleclick.net
d25dfknw9ghxs6.cloudfront.net
cd.connatix.com
404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
www.googletagservices.com
14 cm.g.doubleclick.net 8 redirects eu-u.openx.net
eb2.3lift.com
14 eb2.3lift.com 4 redirects ads.rubiconproject.com
eb2.3lift.com
14 px.moatads.com
11 simage2.pubmatic.com ads.pubmatic.com
11 vid.connatix.com cd.connatix.com
www.wxyz.com
9 ib.adnxs.com 3 redirects d25dfknw9ghxs6.cloudfront.net
acdn.adnxs.com
9 c.amazon-adsystem.com www.wxyz.com
d25dfknw9ghxs6.cloudfront.net
assets.scrippsdigital.com
c.amazon-adsystem.com
8 match.adsrvr.org 3 redirects eu-u.openx.net
eb2.3lift.com
8 pagead2.googlesyndication.com d25dfknw9ghxs6.cloudfront.net
tpc.googlesyndication.com
www.googletagservices.com
8 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
d25dfknw9ghxs6.cloudfront.net
www.wxyz.com
7 image2.pubmatic.com ads.pubmatic.com
7 assets.scrippsdigital.com www.wxyz.com
ewscripps.brightspotcdn.com
assets.scrippsdigital.com
6 c1.adform.net 5 redirects ads.pubmatic.com
6 eus.rubiconproject.com ads.rubiconproject.com
eus.rubiconproject.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
6 sync.mathtag.com 6 redirects
6 eu-u.openx.net ads.rubiconproject.com
eu-u.openx.net
6 pubads.g.doubleclick.net imasdk.googleapis.com
6 img.connatix.com www.wxyz.com
6 images.outbrainimg.com www.wxyz.com
6 imasdk.googleapis.com assets.scrippsdigital.com
imasdk.googleapis.com
cd.connatix.com
6 widgets.outbrain.com www.wxyz.com
widgets.outbrain.com
5 x.bidswitch.net 3 redirects eb2.3lift.com
5 secure.adnxs.com 3 redirects acdn.adnxs.com
5 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 use.typekit.net www.wxyz.com
use.typekit.net
5 www.wxyz.com www.wxyz.com
ewscripps.brightspotcdn.com
4 ap.lijit.com 4 redirects
4 ssum-sec.casalemedia.com 4 redirects
4 pixel.advertising.com 4 redirects
4 pixel.rubiconproject.com
4 token.rubiconproject.com 4 redirects
4 s.amazon-adsystem.com 2 redirects eb2.3lift.com
4 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
4 us-u.openx.net eu-u.openx.net
4 acdn.adnxs.com ads.rubiconproject.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
4 www.googletagservices.com 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
4 prebid-a.rubiconproject.com d25dfknw9ghxs6.cloudfront.net
4 g2.gumgum.com d25dfknw9ghxs6.cloudfront.net
4 capi.connatix.com cd.connatix.com
4 pixel.quantserve.com 3 redirects www.wxyz.com
4 connect.facebook.net www.wxyz.com
connect.facebook.net
4 d2s8wlbatk24s7.cloudfront.net d25dfknw9ghxs6.cloudfront.net
includemodal.global.ssl.fastly.net
4 ewscripps.brightspotcdn.com www.wxyz.com
3 ups.analytics.yahoo.com 3 redirects
3 ads.pubmatic.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
ads.pubmatic.com
3 sync-tm.everesttech.net 3 redirects
3 ad.turn.com 3 redirects
3 rtb.gumgum.com ads.rubiconproject.com
ads.pubmatic.com
3 r2---sn-2gb7sn7k.gvt1.com
3 includemodal.com 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
3 includemodal.global.ssl.fastly.net 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
3 www.google.com 1 redirects 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
tpc.googlesyndication.com
3 mcdp-nydc1.outbrain.com widgets.outbrain.com
3 ssc.33across.com d25dfknw9ghxs6.cloudfront.net
3 c2shb.ssp.yahoo.com d25dfknw9ghxs6.cloudfront.net
3 www.facebook.com www.wxyz.com
3 adservice.google.com 4394967.fls.doubleclick.net
securepubads.g.doubleclick.net
imasdk.googleapis.com
3 sb.scorecardresearch.com 1 redirects www.wxyz.com
3 use.fontawesome.com www.wxyz.com
use.fontawesome.com
2 pool.admedo.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 d5p.de17a.com 2 redirects
2 p.adsymptotic.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2 sync.go.sonobi.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2 rtb.openx.net 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 c.bing.com eb2.3lift.com
2 px.ads.linkedin.com eb2.3lift.com
2 serverbid-sync.nyc3.cdn.digitaloceanspaces.com ads.rubiconproject.com
2 sync.serverbid.com 2 redirects
2 csi.gstatic.com imasdk.googleapis.com
2 googleads.g.doubleclick.net 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
2 tlx.3lift.com d25dfknw9ghxs6.cloudfront.net
2 ewscripps-d.openx.net d25dfknw9ghxs6.cloudfront.net
2 fastlane.rubiconproject.com d25dfknw9ghxs6.cloudfront.net
2 adservice.google.de adservice.google.com
securepubads.g.doubleclick.net
2 stats.g.doubleclick.net d25dfknw9ghxs6.cloudfront.net
2 log.outbrainimg.com d25dfknw9ghxs6.cloudfront.net
2 obs.cheqzone.com ob.cheqzone.com
www.wxyz.com
2 pixel.sitescout.com 1 redirects www.wxyz.com
2 api.ewscloud.com ewscripps.brightspotcdn.com
2 4394967.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 x-default-stgec.uplynk.com www.wxyz.com
2 cds.connatix.com www.wxyz.com
cd.connatix.com
2 ads.rubiconproject.com www.wxyz.com
assets.scrippsdigital.com
2 cdn.cookielaw.org www.wxyz.com
d25dfknw9ghxs6.cloudfront.net
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pixel-sync.sitescout.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ad4m.at ads.pubmatic.com
1 green.erne.co 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 csync.loopme.me 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 ads.yahoo.com
1 ssc-cms.33across.com ads.rubiconproject.com
1 redirector.gvt1.com 1 redirects
1 z.moatads.com assets.scrippsdigital.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com tpc.googlesyndication.com
1 ads-alpha.ewscloud.com imasdk.googleapis.com
1 lit.connatix.com cd.connatix.com
1 mv.outbrain.com widgets.outbrain.com
1 odb.outbrain.com widgets.outbrain.com
1 api.pymx5.com pymx5.com
1 code.jquery.com assets.scrippsdigital.com
1 maxcdn.bootstrapcdn.com assets.scrippsdigital.com
1 rules.quantcount.com secure.quantserve.com
1 hblg.media.net www.wxyz.com
1 mb.moatads.com sejs.moatads.com
1 pymx5.com www.googletagmanager.com
1 secure.quantserve.com www.wxyz.com
1 p1.parsely.com www.wxyz.com
1 ob.cheqzone.com widgets.outbrain.com
1 cd.connatix.com 1 redirects
1 cdn.parsely.com www.wxyz.com
1 widget-pixels.outbrain.com www.wxyz.com
1 tcheck.outbrainimg.com d25dfknw9ghxs6.cloudfront.net
1 p.typekit.net use.typekit.net
1 hbx.media.net www.wxyz.com
1 sejs.moatads.com www.wxyz.com
1 www.googletagmanager.com www.wxyz.com
1 d25dfknw9ghxs6.cloudfront.net www.wxyz.com
0 pixel.onaudience.com Failed ads.pubmatic.com
0 bh.contextweb.com Failed ads.pubmatic.com
0 pixel-us-east.rubiconproject.com Failed eus.rubiconproject.com
0 id5-sync.com Failed
420 144
Subject Issuer Validity Valid
*.scrippsnationalnews.com
Amazon		 2021-02-05 -
2022-03-06		 a year crt.sh
ewscripps.brightspotcdn.com
Amazon		 2021-05-30 -
2022-06-28		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-16 -
2022-08-16		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
*.scrippsdigital.com
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-16 -
2022-07-21		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
*.outbrainimg.com
DigiCert SHA2 Secure Server CA		 2021-05-04 -
2022-05-09		 a year crt.sh
*.parsely.com
Amazon		 2021-07-05 -
2022-08-03		 a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
*.uplynk.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-09 -
2021-12-10		 a year crt.sh
*.cheqzone.com
Amazon		 2021-02-21 -
2022-03-22		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.ewscloud.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-19 -
2022-09-19		 a year crt.sh
*.sitescout.com
RapidSSL RSA CA 2018		 2020-01-15 -
2022-02-02		 2 years crt.sh
*.pymx5.com
Go Daddy Secure Certificate Authority - G2		 2021-09-12 -
2022-09-10		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-25 -
2022-06-25		 a year crt.sh
obs.cheqzone.com
R3		 2021-10-06 -
2022-01-04		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
e.serverbid.com
R3		 2021-08-30 -
2021-11-28		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2021-09-28 -
2021-12-27		 3 months crt.sh
srvsynd.com
R3		 2021-10-04 -
2022-01-02		 3 months crt.sh
ads-alpha.ewscloud.com
R3		 2021-09-20 -
2021-12-19		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
includemodal.com
Amazon		 2021-10-16 -
2022-11-13		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2021-10-12 -
2021-12-21		 2 months crt.sh
*.nyc3.cdn.digitaloceanspaces.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-30		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-09-16 -
2022-03-16		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-09-30 -
2022-03-30		 6 months crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-09-27 -
2021-11-17		 2 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-18 -
2021-11-17		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh

This page contains 56 frames:

Primary Page: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Frame ID: 7730893A2AA520535D0143FE435FEBC6
Requests: 161 HTTP requests in this frame

Frame: https://cds.connatix.com/p/133566/connatix.playspace.dc.js
Frame ID: 385C72469E909D40440CB4D421D0E6CC
Requests: 9 HTTP requests in this frame

Frame: https://4394967.fls.doubleclick.net/activityi;dc_pre=COCqwJfy1fMCFQz3UQodK14JTg;src=4394967;type=wxyz;cat=pc_tt0;ord=2650410390512;gtm=2wgad0;auiddc=573424486.1634626484;u1=COVID-19%20Vaccine;u2=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems;~oref=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Frame ID: 41D4A0461625D813D0F93A0981AC0C94
Requests: 1 HTTP requests in this frame

Frame: https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.wxyz.com&title=35%20Michiganders%20have%20died%20after%20getting%20the%20COVID%20vaccine%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&kw=7%20Action%20News%2CDetroit%2CWXYZ-TV%2Cmetro%20Detroit&autoplay=true&m3u8=https://content.uplynk.com/4f540a88fc44431bbf99302539b564c6.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/4f5/be88c4e651db4a7dbe102614d7272948/4f540a88fc44431bbf99302539b564c6/4f540a88fc44431bbf99302539b564c6_g.mp4&purl=/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&dtrack=1&story=1&contplay=*recent&mute=1&tags=COVID-19%20Vaccine%2CInvestigations%2CCoronavirus%2CNews%2CLocal%20News%2CHomepage%20Showcase&cust_params=temp%3D%26weather%3D&s=wxyz
Frame ID: 78CC4C3C8BEF9CCFB86F5CF7E868143D
Requests: 31 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COCqwJfy1fMCFQz3UQodK14JTg;src=4394967;type=wxyz;cat=pc_tt0;ord=2650410390512;gtm=2wgad0;auiddc=573424486.1634626484;u1=COVID-19%20Vaccine;u2=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems;~oref=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Frame ID: A12E2CD4CAD9F43F9F95ED9F6FCC3CA3
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=COCqwJfy1fMCFQz3UQodK14JTg;src=4394967;type=wxyz;cat=pc_tt0;ord=2650410390512;gtm=2wgad0;auiddc=573424486.1634626484;u1=COVID-19%20Vaccine;u2=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems;~oref=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Frame ID: 10C867FCBEC70D1910C663A8D6EF95FD
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Frame ID: DCF53459DFD3B4B9A4755D48EC66B527
Requests: 13 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E30703B676291BC55290BA49554D57EF
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Frame ID: 68AF8E5010B6ECCCDCD202FC258DE7DF
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Frame ID: 7874F80FA33468D267661D9C051F787B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Frame ID: 11DDCA648B76C41B093A0088D49F71E6
Requests: 1 HTTP requests in this frame

Frame: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7D8CF30284D8768F2D739EBFF5B79634
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.wxyz.com/b5dda195-d8de-4803-a0b9-6b6662092f00
Frame ID: 5FAF7D2C80CEC3D3837AA0A7C228BE42
Requests: 1 HTTP requests in this frame

Frame: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EEBACC09B2FE5F38B01159B35CF9CA86
Requests: 8 HTTP requests in this frame

Frame: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CB72BF2C49DFFCBC07698E006B08B476
Requests: 11 HTTP requests in this frame

Frame: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FD498E4D4BC2958473B607FECB6F73E3
Requests: 11 HTTP requests in this frame

Frame: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 84FE9577DF53A0B3FF9518118B4426C2
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html
Frame ID: DD00132223AFF9335FD836A1FAFF2186
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4703031B88D49EC78F9F68044C6EBAA6
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: C3D61D4913685A55B5E3A27DF0084A25
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 9483A3F10976691A2E65287721377758
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8BD9F27C7B61FA3B0B718F2DFE2C7923
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/279981/5077633639/1633975855110/index.html
Frame ID: 9BB48B4362DC44FA8998B2FEF7467738
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/279981/5077633639/1633975873352/index.html
Frame ID: 81BAB8E204F7F4AF224479D33B3B7F5B
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/279981/5077633639/1633975835413/index.html
Frame ID: C2C027BFC93E42A6EE2A152316A1AA2E
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=0
Frame ID: 09B5965E904FC418EDC877B09F64C41E
Requests: 7 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=377e616e-6bba-4b00-b205-f935f15fa8d9&gdpr=1&gdpr_consent=
Frame ID: 5882108BD7362717807BCACDE8BC7840
Requests: 1 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Frame ID: 23339EE2FBBA984EA4C8444F4F42C8CA
Requests: 8 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 81E84CDA7FA9391D981915A143818201
Requests: 11 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dZH_MSBymr67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 20AAABEFD9C5ADD96828CF7F3F682211
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=0
Frame ID: C3AA18C48015B853B8E3F3EBD1B975C2
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 62EAA97362E2FDF431EACF0ACD9400D5
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 81E512979C00F0C3CB94FA59C407E4A8
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A3014E7BE3B65520EA23AD5A268A1A59
Requests: 10 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Frame ID: 16A1C1B080ADFEF92DAFA61EA8F5A9A6
Requests: 8 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: D0A8A41D65409CF5532B8E687B69E3F8
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: 757E5675219F28E3716A902ACC074A4C
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Frame ID: 2A68F21E58052FA2C9805B8B7F9D768C
Requests: 23 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 74BE512CFC9F77123680289195EB08F3
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: D8070C6BB06ECD7DB574C40BD00600F1
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Frame ID: FFC8D86D2056C2BAFD6D5FF05B9BEDBA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 386F5C3FF7DA31FD5F9C3E324893FB45
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=45E188A0-160D-4B8E-A5FA-B6DFD753B9B9
Frame ID: 3F6DAB462B8EAB4A3A83146C6EFD6FB0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5013542200496637328
Frame ID: 7D1BB4E43B08D6AEEB98AD29BC7E751A
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: D2C5906F8073E342A900158F55F561DA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7020667320028690575
Frame ID: 2D96158F1824E9F6CD69554A5396D9E1
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABjh07C3NcAABabpIOVJw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1067587007258115791%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3
Frame ID: F7894BFE65B1A836D2A422C106F3FF12
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: C5EA35F75492EF8D76A2473BE5C9BE69
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-20bb3776-3df1-4790-8a6b-54126b7ee426-003
Frame ID: 47A367D06E88658F83E2C52E8CDC3C10
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 22CA2B1DD08E0B0B03B46241FC0605CC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=k8iYWKZeppcU4IalXiNvXq--
Frame ID: 43F052C2E7E95F62CB3BF154CADCC3AC
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: BF50CBC3E260C7249BC357F38DDC8D0D
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 57996E692A0F9209A17E3ED3E25674D5
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f38e2497-004a-48df-8565-dd79fe2c45f4-tuct867f13b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: F56B335798266E9DFC4D0B2C4647D9AC
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 20A07C5DE01D8BE56D29195AA8EFA9CC
Requests: 1 HTTP requests in this frame

Frame: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=45E188A0-160D-4B8E-A5FA-B6DFD753B9B9
Frame ID: B756A058AB84F60C062CC462B9EA61F6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

35 Michiganders have died post vaccination — but this stat is less alarming than it seems

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

420
Requests

97 %
HTTPS

0 %
IPv6

84
Domains

144
Subdomains

102
IPs

8
Countries

5133 kB
Transfer

24121 kB
Size

58
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/133566/connatix.playspace.dc.js
Request Chain 36
  • https://4394967.fls.doubleclick.net/activityi;src=4394967;type=wxyz;cat=pc_tt0;ord=2650410390512;gtm=2wgad0;auiddc=573424486.1634626484;u1=COVID-19%20Vaccine;u2=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems;~oref=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems HTTP 302
  • https://4394967.fls.doubleclick.net/activityi;dc_pre=COCqwJfy1fMCFQz3UQodK14JTg;src=4394967;type=wxyz;cat=pc_tt0;ord=2650410390512;gtm=2wgad0;auiddc=573424486.1634626484;u1=COVID-19%20Vaccine;u2=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems;~oref=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Request Chain 46
  • https://pixel.sitescout.com/iap/88f2a0fd9298a35d HTTP 302
  • https://pixel.sitescout.com/iap/88f2a0fd9298a35d?cookieQ=1
Request Chain 53
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1634626484474&ns_c=UTF-8&cv=3.5&c8=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&c7=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1634626484474&ns_c=UTF-8&cv=3.5&c8=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&c7=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&c9=
Request Chain 207
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 273
  • https://redirector.gvt1.com/videoplayback/id/978344da36adf92f/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1634648087/sparams/ip,ipbits,expire,id,itag,source,requiressl,acao,mime,ctier/signature/3B32A7DEAA6778AD980AF38B0D4602ECDADB7C5A.8F424152E17F10D106A5F56B217BF0D7F2A28904/key/ck2/file/file.webm HTTP 302
  • https://r2---sn-2gb7sn7k.gvt1.com/videoplayback/id/978344da36adf92f/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1634648087/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/0C785BC564D0F3992FC3209D2030DCBD960573E9.4C5108B7ED513C41F396180999F35B28D6C8A662/key/cms1/cms_redirect/yes/mh/Q-/mip/216.131.111.33/mm/28/mn/sn-2gb7sn7k/ms/nvh/mt/1634625618/mv/m/mvi/2/pl/24/file/file.webm
Request Chain 300
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=377e616e-6bba-4b00-b205-f935f15fa8d9&gdpr=1&gdpr_consent=
Request Chain 301
  • https://sync.serverbid.com/ss/2000248.html HTTP 302
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Request Chain 302
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 308
  • https://sync.serverbid.com/ss/2000248.html HTTP 302
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Request Chain 309
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 310
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=766210064566899255
Request Chain 311
  • https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOd0mInwlTif9xcsTtQoybLaL3_-Kqywe2qDBklw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOd0mInwlTif9xcsTtQoybLaL3_-Kqywe2qDBklw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=ca59166c-e13e-4269-84f1-dd1bf9eea3e2&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOd0mInwlTif9xcsTtQoybLaL3_-Kqywe2qDBklw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=ca59166c-e13e-4269-84f1-dd1bf9eea3e2&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/146/6/4.gif?puid=e13e4942-bb5c-4748-bf70-13ca401df45c&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESENhfZI8DgGPrs4alzBQRINQ&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENhfZI8DgGPrs4alzBQRINQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=766210064566899255&opid=apx&ops=&utidl=tech:goo:CAESENhfZI8DgGPrs4alzBQRINQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A21661737673&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/19/4/6.gif?puid=720bab5f9f0b67c9e40845d57bc16fc0&gdpr=1&gdpr_consent=
Request Chain 314
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=377e616e-6bba-4b00-b205-f935f15fa8d9
Request Chain 315
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=7B7FbexNkTz3F5U96RveOeIdxj33G8Aw6hkiKVIG
Request Chain 316
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7438364641879739464
Request Chain 319
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA4s9jdl3rVF1QpEIoRxfJg&google_cver=1
Request Chain 321
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=377e616e-6bba-4b00-b205-f935f15fa8d9
Request Chain 322
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=7B7FbexNkTz3F5U96RveOeIdxj33G8Aw6hkiKVIG
Request Chain 323
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1074225481144244828
Request Chain 326
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA4s9jdl3rVF1QpEIoRxfJg&google_cver=1
Request Chain 328
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEG-o1uxxKSjCMHIh2ZbdH9c&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 329
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjczMTA3MTc5Mzg4MDI3NjM0Ng%3D%3D
Request Chain 331
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2731071793880276346?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Nqnhpi5E2oQ6QC9O32oqolMaXAl8Jfr2.B6GE4hsQw--~A&dongle=0883
Request Chain 334
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2731071793880276346 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2731071793880276346&dcc=t
Request Chain 335
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 336
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=8855095619967553796&dongle=d407
Request Chain 338
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEG-o1uxxKSjCMHIh2ZbdH9c&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 339
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjczMTA3MTc5Mzg4MDI3NjM0Ng%3D%3D
Request Chain 341
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2731071793880276346?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-cxg7chJE2oSGi3zHON1MUxUleKNTVK16hdLsed0VdA--~A&dongle=0883
Request Chain 344
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2731071793880276346 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2731071793880276346&dcc=t
Request Chain 345
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 346
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=2514027344629895428&dongle=d407
Request Chain 347
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUXQEK0G-17-G29I&sigv=1&esig=2~af7e54217376dc0e55e6b852c76bd0be449fb0be
Request Chain 348
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=377e616e-6bba-4b00-b205-f935f15fa8d9&expires=28
Request Chain 349
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/LIfdTnv88bZtziHReFDi_cn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1396926976839349167
Request Chain 350
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VYUUVLMEctMTctRzI5SQ==
Request Chain 351
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENg0fpjajmxPlp8nN0OD-rY&google_cver=1
Request Chain 353
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YW5rugAKP0X2fwAT HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YW5rugAKP0X2fwAT&_test=YW5rugAKP0X2fwAT
Request Chain 354
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWNkMTVhZTBjMDMwNzRhZjExMWFmMmQzN2ZkNTI5MDEwMDEwMThhNA
Request Chain 355
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Request Chain 358
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=c41b2d25-aebd-00e9-3bec-19cf1925f052
Request Chain 359
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=766210064566899255
Request Chain 360
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP74c5f7c9-30a9-11ec-9ab3-0699c21278c8 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP74c5f7c9-30a9-11ec-9ab3-0699c21278c8
Request Chain 361
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=185073&C=1 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YW5ruj03VO2h8Jk7chPJ.QAA%261202
Request Chain 362
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true HTTP 307
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=e7ce27eb85f16d6f8da9f819
Request Chain 364
  • https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.007596149442906208%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid= HTTP 302
  • https://p.adsymptotic.com/d/px/ue1-sb1-e790698c-0f10-4f43-95ef-811df32ffb2e
Request Chain 365
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=c41b2d25-aebd-00e9-3bec-19cf1925f052
Request Chain 366
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=766210064566899255
Request Chain 367
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP74c5f7c9-30a9-11ec-9ab3-0699c21278c8 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP74c5f7c9-30a9-11ec-9ab3-0699c21278c8
Request Chain 368
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=185073&C=1 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YW5ruj03VO2h8Jk7chPJ.QAA%261202
Request Chain 369
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true HTTP 307
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=e7ce27eb85f16d6f8da9f819
Request Chain 371
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Request Chain 374
  • https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.535913518639821%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid= HTTP 302
  • https://p.adsymptotic.com/d/px/ue1-sb1-e790698c-0f10-4f43-95ef-811df32ffb2e
Request Chain 382
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5013542200496637328
Request Chain 384
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7020667320028690575
Request Chain 385
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCamgwN0MzTmNBQUJhYnBJT1ZKdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABjh07C3NcAABabpIOVJw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1067587007258115791 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABjh07C3NcAABabpIOVJw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1067587007258115791%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3
Request Chain 386
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 387
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6277014349 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/47851c73-c703-4281-a114-5a1df1bf2b5f HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-20bb3776-3df1-4790-8a6b-54126b7ee426-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-20bb3776-3df1-4790-8a6b-54126b7ee426-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-20bb3776-3df1-4790-8a6b-54126b7ee426-003
Request Chain 389
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=k8iYWKZeppcU4IalXiNvXq--
Request Chain 391
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 392
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f38e2497-004a-48df-8565-dd79fe2c45f4-tuct867f13b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 395
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ReGIoBYNS46l-rbf11O5uQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 396
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=377e616e-6bba-4b00-b205-f935f15fa8d9
Request Chain 397
  • https://pixel.onaudience.com/?partner=214&mapped=45E188A0-160D-4B8E-A5FA-B6DFD753B9B9 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=47851c73-c703-4281-a114-5a1df1bf2b5f&icm HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=720bab5f9f0b67c9e40845d57bc16fc0
Request Chain 398
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDVFMTg4QTAtMTYwRC00QjhFLUE1RkEtQjZERkQ3NTNCOUI5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 399
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN0HbxsXsSX8hX3uxA3-AdM&google_cver=1
Request Chain 401
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=47851c73-c703-4281-a114-5a1df1bf2b5f
Request Chain 402
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1074225481144244828
Request Chain 403
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:377e616e-6bba-4b00-b205-f935f15fa8d9&gdpr=0&gdpr_consent=
Request Chain 404
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=766210064566899255&gdpr=0&gdpr_consent=
Request Chain 405
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wG4TcMA9RyHbZ0MgxWsIJM5tECDbaxYtxmnM2srW
Request Chain 406
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=45E188A0-160D-4B8E-A5FA-B6DFD753B9B9&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5cxIGypE2uU0Y3WKnqGaB7kbzRUXS5s-~A&gdpr=0&gdpr_consent=
Request Chain 408
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=36f15713-a453-481f-97c8-6e47e8f544c5 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=36f15713-a453-481f-97c8-6e47e8f544c5 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=a1fbb6b2-389d-4ebe-a68e-95b20c94b329&user_group=1&ssp=pubmatic&bsw_param=36f15713-a453-481f-97c8-6e47e8f544c5 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=36f15713-a453-481f-97c8-6e47e8f544c5&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 409
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YW5rugAKP0X2fwAT&gdpr=0&gdpr_consent=
Request Chain 411
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=3bc31baf-7dd9-4cff-8de8-2e23a25b1a53-616e6bb4-5553&gdpr=0&gdpr_consent=
Request Chain 412
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2514027344629895428&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 413
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:52a55946-4b50-49a3-b98e-d93d847f1728&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 414
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=766210064566899255

420 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
www.wxyz.com/news/coronavirus/covid-19-vaccine/ 		249 KB
66 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache Tomcat / Brightspot
Resource Hash
f6bef27cfabc53410c7d0b9103945d97ee2e32eb8e2dd01681c46273f4e829c5

Request headers

Host
www.wxyz.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=240
Content-Encoding
gzip
Date
Tue, 19 Oct 2021 06:54:43 GMT
Server
Apache Tomcat
X-Powered-By
Brightspot
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
Via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P5
X-Amz-Cf-Id
VFMgqxaAT9NTp14seCymVrmUC8AbE-IIRifaDputbIxEzj2Pt9rQSA==
All.min.eadade26209563d2ab9edc2d10eef2a9.gz.css
ewscripps.brightspotcdn.com/resource/0000017c-94dc-de1a-af7d-dffc442f0000/styleguide/ 		115 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ewscripps.brightspotcdn.com/resource/0000017c-94dc-de1a-af7d-dffc442f0000/styleguide/All.min.eadade26209563d2ab9edc2d10eef2a9.gz.css
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f3fe5e8495845313f16cb7c80205210f0e063e4a9fd9daeefcc2c3b73572921

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 19:23:59 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 18 Oct 2021 19:23:58 GMT
Server
AmazonS3
Age
41445
ETag
"3493cfae74ffe4b22308858b4063021c"
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA56-P5
Accept-Ranges
bytes
Content-Length
21521
X-Amz-Cf-Id
boSYNX-99IHWRnZXYgpcd9m3FtIDgJuzyzJAbOsrYThgkdhXq_PydQ==
scsp.js
d25dfknw9ghxs6.cloudfront.net/ 		134 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.77 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-77.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f94366efc6314725e16b4002b1e6903913b1f6d9f5757aec611205dcd0db3596

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
D6d3wRZSpYd2caAk52T_Z3UgQuNzycNf
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
last-modified
Tue, 02 Feb 2021 20:14:21 GMT
server
AmazonS3
age
24368
etag
"1315a3807c809bf51bb6f25ee163a270"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 19 Oct 2021 00:08:36 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
136817
x-amz-cf-id
zldvyvzF68L6TOvsfLvLJ566ILdw_7KxdfrAMS_Sr-DQNq6eh1yJYQ==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.149.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Oct 2021 06:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
OPcq+YIYFFKAyM1Ar0weOg==
age
24561
vary
Accept-Encoding
content-length
6350
x-ms-lease-status
unlocked
last-modified
Thu, 14 Oct 2021 05:25:41 GMT
server
cloudflare
etag
0x8D98ED3103C1468
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f5303d73-101e-000d-116c-c437ea000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6a0818c33b098749-DUS
expires
Wed, 27 Oct 2021 06:54:43 GMT
tsu4adm.css
use.typekit.net/ 		21 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/tsu4adm.css
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.59 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-59.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7cf89686a83932b96590f942f131f107965fde7ad08b3c7fdbba6c9af641bc22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Tue, 19 Oct 2021 06:54:43 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1725
all.css
use.fontawesome.com/releases/v5.1.0/css/ 		45 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Referer
https://www.wxyz.com/
Origin
https://www.wxyz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:43 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8750701
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
WQZ7NXBHQFPB6E3B
x-amz-id-2
7gNA434hwo5qlp0H8P+7YgJt7fiNReNZ5mJ5n63PiXsLfZQFLxCxvozlrDZScpA570E9Tzl3kys=
last-modified
Wed, 30 Jun 2021 15:30:31 GMT
server
cloudflare
etag
W/"826c57385f3d35cfed5478ba7b1f5c03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pEJwoG2RclL1CqS9JdXYRDulOR5H18VaMHKgGWlzkvIligRzxaDu3SP10%2F3HVsLx5aEa%2BuKUnnbItmHPcSvFX9hWnsLLwSu3Deqqkm0EFlGVp0WoYO%2BcYhNUtpQqFThqQWt58KeA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6a0818c47feccf4c-IAD
/
ewscripps.brightspotcdn.com/dims4/default/1894ad8/2147483647/strip/true/crop/600x200+0+0/resize/400x133!/quality/90/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/1894ad8/2147483647/strip/true/crop/600x200+0+0/resize/400x133!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Ff7%2F91%2F8b2f704945148886140bd1cccb87%2Fwxyz-geographic-locator-600x200.png
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
1071ed33c04a8c55a8480310ff6d41a09078305482508bf7d2ae72a952ed60db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 24 Jul 2021 20:40:59 GMT
Via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
7467224
ETag
7c931707194ecc6fe61b57360aa0b4a8
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA56-P5
X-Robots-Tag
nofollow
Content-Length
28785
X-Amz-Cf-Id
dXGNpLv1i6ihc1PUtynC2NZRDLudTlxSAogqNSLqgGyCWLltumDJaw==
Expires
Sun, 24 Jul 2022 20:40:59 GMT
Blank.gif
www.wxyz.com/styleguide/assets/ 		57 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wxyz.com/styleguide/assets/Blank.gif
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.wxyz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 05:39:16 GMT
Via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache-Coyote/1.1
Age
22641326
X-Cache
Hit from cloudfront
Content-Type
image/gif;charset=UTF-8
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA56-P5
Content-Length
57
X-Amz-Cf-Id
ri84DM6VHHVqmyBzMRZMhs7rHUJ287EVmzeYXRZhDoLObIVlNLygZQ==
outbrain.js
widgets.outbrain.com/ 		188 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bd408a5a042b26302422015b360c781e0a7f49de63198b53acedf20931c90b66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:43 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 12:36:51 GMT
etag
W/"2f1e2-IIs5eM92qw6rh9rBNZ8lWT9geoc"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
66483557420dd04af8270bc33c5c6186
timing-allow-origin
*, *
content-length
64092
expires
Tue, 19 Oct 2021 10:54:43 GMT
logo-scripps.png
assets.scrippsdigital.com/cms/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.scrippsdigital.com/cms/images/logo-scripps.png
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
8lNexGmb6tKD4SPVOeXslwnzBtFWYJoV
Via
1.1 5297df6326448099cefed6e96fd7b00b.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Oct 2017 14:04:11 GMT
Server
AmazonS3
Age
10328
ETag
"f46791d665054bf21da09492d448e1d2"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Date
Tue, 19 Oct 2021 04:02:36 GMT
x-amz-replication-status
COMPLETED
X-Amz-Cf-Pop
DUS51-P1
Accept-Ranges
bytes
Content-Length
3532
X-Amz-Cf-Id
FBu_5rJs4YLFrsBNJo7Jd6Dxpseg-CRlKmporBWVKnSaW9amYv-o1w==
All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
ewscripps.brightspotcdn.com/resource/0000017c-94dc-de1a-af7d-dffc442f0000/styleguide/ 		427 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ewscripps.brightspotcdn.com/resource/0000017c-94dc-de1a-af7d-dffc442f0000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da4a85b624e7a71b4aa3827935dae699f7e8769e172ce18dc1ec395967863fbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 19:23:59 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 18 Oct 2021 19:23:58 GMT
Server
AmazonS3
Age
41445
ETag
"e9115ed9ae76a1acab3581c3c5fe8c6a"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA56-P5
Accept-Ranges
bytes
Content-Length
101117
X-Amz-Cf-Id
eLWAbpb4s1O3hfmbXNCaeluR0SVs3HHL274kKTomwwWi18vpXfes3w==
gtm.js
www.googletagmanager.com/ 		128 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-R48P
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
cd87d2f04b6694d2bb9de04698a95bad4f9a6f03286372693a9d2e9e539e5159
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43931
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 19 Oct 2021 06:54:44 GMT
ff983cd0-6c28-474c-9cc4-7a5281d11e05.js
d2s8wlbatk24s7.cloudfront.net/service/js/ 		46 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/ff983cd0-6c28-474c-9cc4-7a5281d11e05.js
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.242.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ff821a751012337bb73c20f7d84b1129745c6cb4bc13a43d7dc60e19fca7108b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 03:35:01 GMT
content-encoding
br
server
nginx/1.10.3 (Ubuntu)
age
11981
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
14400
cache-control
public, max-age=14400
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-P1
access-control-allow-headers
*
x-amz-cf-id
yDjNqxoSS-4Q_lgVzt_WTdl9w7trLycoOkh39_y7Y6RUyAGeFfaVfA==
via
1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
000000.json
cdn.cookielaw.org/consent/000000/ 		215 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/000000/000000.json
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.149.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69576fdeff69f85ccb4bb0cb19c940da43e5ac46cb4c18743964731bf7f76a0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
100
vary
Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
25f10a07-b01e-004f-20b5-c41cfe000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
6a0818c3ba19c4db-DUS
expires
Tue, 19 Oct 2021 10:54:43 GMT
yi.js
sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/ 		212 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/yi.js
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
741c60f9358e0d4e4edf5a68ada9f802dd3c1a888156e752cade0054bccac975

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 06:54:44 GMT
Content-Encoding
gzip
Server
AmazonS3
x-amz-request-id
P2MPP7EGAFXJQYJJ
ETag
"07614a35c20e37449544443cb07a5348"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=48660
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
QzpHvRWDoc5pfQJOS/ONEGxYv8lJJicb3vJSCNcQjYHQMJwN4TY9GE+fN9DZX4Z+cQArH27Uh7w=
apstag.js
c.amazon-adsystem.com/aax2/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
zTpXqDhrs..xkKPVKkqB8HVtw0cnTzHi
content-encoding
gzip
etag
e2b905aea413c4d7479fb2bb9cbc6c65
age
873
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1SJ2AWY6MX2QRSVC3AVS
date
Tue, 19 Oct 2021 06:40:14 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 4c692717a0e85914a993c3aa5c8a2ef7.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
hXHWIjXvKXy5rYuQstCjm6Olq_x3ks2UYstPk3D0mQAU22vgBhGvJQ==
bidexchange.js
hbx.media.net/ 		415 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/bidexchange.js?cid=8CU6Q6626&version=5.1&dn=www.wxyz.com
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.140.74 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-140-74.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e849470f54355f6410555d901ba4d2380e3028b25f5e81411923940b90ab75aa
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Tue, 19 Oct 2021 06:54:44 GMT
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
timing-allow-origin
*
expires
Tue, 19 Oct 2021 07:24:44 GMT
5776_Scripps_Local_Stations.js
ads.rubiconproject.com/prebid/ 		543 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c23a9028e37473903cb24a477fdf010875553ca5a9398e90a8794ec4fb970f6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 06:54:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Sep 2021 22:56:22 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3733
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
109615
Expires
Tue, 19 Oct 2021 07:56:57 GMT
p.css
p.typekit.net/ 		5 B
162 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=tsu4adm&ht=tk&f=137.138.139.140.169.170.171.172.175.176.141.142.143.144.147.148.151.152.153.154.155.156.157.160.161.162.165.166.167.168&a=15199297&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.82.154 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-82-154.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:43 GMT
last-modified
Wed, 02 Sep 2020 00:59:11 GMT
server
nginx
etag
"5f4eee5f-5"
content-type
text/css
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
04648ffd602204930109d65bcb95749b406307be543c04bf4a3646f567b34f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
oaM9Re4Xv26S7IWzogXntA==
cross-origin-resource-policy
cross-origin
expires
Tue, 19 Oct 2021 07:01:28 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
LLZD2hY74duX1viAZrqA1c2i3l7m1CshPZep7nBezxt/a0LQW5XxRc+DL/s/z2LqMFcZPE5/J1FJCpQmr1R2SA==
x-fb-trip-id
917726464
x-fb-content-md5
a700a6de09a76d7ab360a2732d0ba6ca
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 19 Oct 2021 06:54:44 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"3e7cd811739e1f6a11e129bbe06e37b6"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Referer
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin
https://www.wxyz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8750522
cf-ray
6a0818c538dccf4c-IAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
59572
x-amz-id-2
ycfcylYFA3V4tbm4ejmkk4fTNWGhkp81G0W1+KKNZsVKhQhcq+GMGOenIlPIjD94mbxh+LmZOuM=
last-modified
Wed, 30 Jun 2021 15:30:49 GMT
server
cloudflare
etag
"18d2347ab2a9f40ca2247cdb03303d84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdQJ1bHcKW4w7I1Yhe64N3UvmZ3AYbqtXlbClih00yzgxUuJ5vpgN0xR2n0bxqL%2F4UA%2F9Kr06%2FJL7kb0DCvEq1q%2FE8PEAKud8N1F4Rrggnt2gdtd%2F31kI3JkBqPudez4y7%2F8%2B0pi"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
GZGQ4K272FFS7D7E
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.59 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-59.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6134c69a4499afd5f1c8aa273268c18604922248782917819d91e9cdfdf22995

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.wxyz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
server
nginx
etag
"ef52ad3657e4d4a42c21db6c00d5c7ccc649bc94"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16564
l
use.typekit.net/af/8738d8/00000000000000007735e611/30/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/8738d8/00000000000000007735e611/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n8&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.59 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-59.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d63fa770adfd344ffffd30e315719e539d341a6f71d0d6ad6a5c312a85e95fed

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.wxyz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
server
nginx
etag
"a5565f97e4389f39e94f7880b2c8088023e4d88a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16884
l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.59 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-59.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cb2f89e554453cd1e53c403748945f0fc04314a5395c72160f06367d49cb9d26

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.wxyz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
server
nginx
etag
"96c7595dad6bb306bf9cc4c7a3b3d28654c7d636"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16832
fa-brands-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

Request headers

Referer
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin
https://www.wxyz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8750522
cf-ray
6a0818c538e0cf4c-IAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
63376
x-amz-id-2
xDFIZLfy/vg2HgnDmyeoYVInv2RVO5tqT+w25LIHrB2kNdo0CmujxChOBdRekhA7wtabp6e1W70=
last-modified
Wed, 30 Jun 2021 15:30:49 GMT
server
cloudflare
etag
"f319eac1c755f9929fd856720ce1695e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Tf5fdsNvGxN9R1QNU2aC4lMTRe5we%2FMjr3TYxPcqsyVq1x6%2FbShmc%2FHv3N6uq%2BT%2F4Sfjqa75D0xEefzWYAMM6Fo%2B7%2FPpocmh72ryy7lR0rQhZgGj56iZdcKbJdtCfRcCSa13hou"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
GZGH9E680QRHAFMW
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
l
use.typekit.net/af/3322cc/00000000000000007735e616/30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/3322cc/00000000000000007735e616/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.59 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-59.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7ed745876681f5eb84b060ea14a057f52c6ce64cbfe5b0e43cafe1f97bf52c1c

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.wxyz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
server
nginx
etag
"71f986ad2b4d0b6a0e5a056380e0c8c577137ae8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17208
d3d3Lnd4eXouY29t
tcheck.outbrainimg.com/tcheck/check/ 		15 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3Lnd4eXouY29t
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.94 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 06:54:44 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=25155
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
2e4daaac5b40524443163d54ef78efb
Content-Length
15
Expires
Tue, 19 Oct 2021 13:53:59 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=3.589004741923605
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Thu, 18 Nov 2021 06:54:44 GMT
p.js
cdn.parsely.com/keys/wxyz.com/ 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/wxyz.com/p.js
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
54043aec94a8eb89b42fd11b81e743bf7153d4704578d4e614ffd43ff8dda626

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Tue, 19 Oct 2021 01:05:47 GMT
content-encoding
gzip
last-modified
Tue, 02 Feb 2021 21:16:59 GMT
server
nginx
age
20937
etag
W/"6019c14b-1070d"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
tTBsNd6_7zzqueDtPds68SRm-3s70k1twa9VDM-vMljZmDj-xM4_qQ==
expires
Wed, 20 Oct 2021 01:05:47 GMT
connatix.playspace.dc.js
cds.connatix.com/p/133566/ Frame 385C
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/133566/connatix.playspace.dc.js
1 MB
235 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/133566/connatix.playspace.dc.js
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9d8a633f49f73344254aaf97549b037c397addbcf66cb8346406b6fc8c1ae9f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
content-encoding
br
last-modified
Mon, 18 Oct 2021 16:56:24 GMT
age
50068
etag
"05bcee757271e32539795e73eced8110"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
240651

Redirect headers

location
https://cds.connatix.com/p/133566/connatix.playspace.dc.js
date
Tue, 19 Oct 2021 06:54:44 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
age
0
accept-ranges
bytes
content-length
0
retry-after
0
poster_f0ab693ac9ed4b15b18dbfe1f7e5523f.jpg
x-default-stgec.uplynk.com/ausw/slices/4f5/be88c4e651db4a7dbe102614d7272948/4f540a88fc44431bbf99302539b564c6/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x-default-stgec.uplynk.com/ausw/slices/4f5/be88c4e651db4a7dbe102614d7272948/4f540a88fc44431bbf99302539b564c6/poster_f0ab693ac9ed4b15b18dbfe1f7e5523f.jpg
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E87) /
Resource Hash
d28018b229e2723b7be8c01765701545f01fd28fb898b8609d7ec839368ca3d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
etag
"d34cae3943d65049e7678e11516746f4"
last-modified
Fri, 26 Feb 2021 23:10:31 GMT
server
ECAcc (frc/8E87)
age
155705
x-amz-server-side-encryption
AES256
content-type
image/jpeg
access-control-allow-origin
*
x-amz-request-id
4Y55ST1WSPYGND98
accept-ranges
bytes
content-length
64402
x-amz-id-2
ulliCYrt9cu+dAWM19SdvdyAvV9uG2HAxVTRFYcQMo9UjXUyToSsfEqTStuG5mJKoqoswmQldFE=
x-ec-put2cache
1
/
ewscripps.brightspotcdn.com/dims4/default/2fbf030/2147483647/strip/true/crop/1920x1080+0+0/resize/1280x720!/quality/90/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/2fbf030/2147483647/strip/true/crop/1920x1080+0+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F5a%2F40%2F0b76b8b04e66aed71f426bec325b%2Fvaccine.jpg
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
b044bb381a7a5adfcb17c76f69bea7dcb06b1c17992806804cf13f2b7752957b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 29 Jan 2021 01:06:54 GMT
Via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
22744070
ETag
232612cc154cf911e7d93793e2881027
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA56-P5
X-Robots-Tag
nofollow
Content-Length
74270
X-Amz-Cf-Id
SOUmT7A0z2z64cLSWlhD43wwGYR5soDt1fJCKXgZWtTXc73jv1G_yg==
Expires
Sat, 29 Jan 2022 01:06:54 GMT
placement_invocation
ob.cheqzone.com/ 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.112.22 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-112-22.hel50.r.cloudfront.net
Software
/
Resource Hash
c76853b9b64b3fb4b4cfbd22885e4cc2e3f14918020efb69a1df8eaeeb2a3b8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 21:11:19 GMT
content-encoding
gzip
cheq_headers_order
Content-Type Cache-Control Expires Etag Content-Length Content-Encoding Date Connection
age
35005
etag
"c6e6-H+PLdQz0EEd97ZlT78HNXlxTPcM"
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 3f6ea9dc2daf7899e40c190c4d465fd1.cloudfront.net (CloudFront)
cache-control
max-age=43200
x-amz-cf-pop
HEL50-C2
content-length
19276
x-amz-cf-id
PlT6JWdrsbCJl5uG3iAfNyDCL0KjXsYyuyeLwem6KHBvIjLGSpcTzQ==
expires
Tue, 19 Oct 2021 09:11:19 GMT
sdk.js
connect.facebook.net/en_US/ 		265 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=e12a85028171506ef2bdf870b7f352a9
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
df63ea6310408e483620c3032fc6b758f515a838f913df7acaf503ac58a1aa0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.wxyz.com/
Origin
https://www.wxyz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
f4BUKOp7kwOfdaHuaL4xdg==
cross-origin-resource-policy
cross-origin
expires
Wed, 19 Oct 2022 06:41:28 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
76543
x-fb-rlafr
0
x-fb-debug
+XvV1LhTYmhn1AlTUZXLBqwU/dtmOTVbclFT6VukZwe5bud/HxVjGdK9bhtE1Lp1tmWxMhQbHIAqhYWgAbS6Rg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
65c05c60401e175cf104f4cf39f6ebe8
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 19 Oct 2021 06:54:44 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"f8946225caead5af6d3e4973827849c3"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
config
c.amazon-adsystem.com/cdn/prod/ 		0
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3295&u=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
via
1.1 4c692717a0e85914a993c3aa5c8a2ef7.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.wxyz.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
AIDEHAiKnQ891Lcf3WA7mNjbMhHtI8_WKtDEqzahU1l7jBr8zVJTjw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
4419
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 07 Oct 2021 01:02:33 GMT
server
AmazonS3
date
Tue, 19 Oct 2021 05:50:22 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 29f7132906866b79866659848b3a3b69.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
xn65Gd4kjs9tX4oQ4THAczc3a25BKzmhMQuZi8LpKIeaJUjvKa5jXQ==
/
p1.parsely.com/plogger/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1634626484171&plid=84659947&idsite=wxyz.com&url=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&sref=&sts=1634626484163&slts=0&title=35+Michiganders+have+died+post+vaccination+%E2%80%94%C2%A0but+this+stat+is+less+alarming+than+it+seems&date=Tue+Oct+19+2021+06%3A54%3A44+GMT%2B0000+(GMT)&action=pageview&pvid=50101668&u=pid%3D605f46f2b0d91ece47e6bec45a1ff9ee
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-144-142.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 06:54:44 GMT
Cache-Control
no-cache
Last-Modified
Tuesday, 19-Oct-2021 06:54:44 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
activityi;dc_pre=COCqwJfy1fMCFQz3UQodK14JTg;src=4394967;type=wxyz;cat=pc_tt0;ord=2650410390512;gtm=2wgad0;auiddc=573424486.1634626484;u1=COVID-19%20Vaccine;u2=35%20Michiganders%20have%20died%20post...
4394967.fls.doubleclick.net/ Frame 41D4
Redirect Chain
  • https://4394967.fls.doubleclick.net/activityi;src=4394967;type=wxyz;cat=pc_tt0;ord=2650410390512;gtm=2wgad0;auiddc=573424486.1634626484;u1=COVID-19%20Vaccine;u2=35%20Michiganders%20have%20died%20po...
  • https://4394967.fls.doubleclick.net/activityi;dc_pre=COCqwJfy1fMCFQz3UQodK14JTg;src=4394967;type=wxyz;cat=pc_tt0;ord=2650410390512;gtm=2wgad0;auiddc=573424486.1634626484;u1=COVID-19%20Vaccine;u2=35...
772 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://4394967.fls.doubleclick.net/activityi;dc_pre=COCqwJfy1fMCFQz3UQodK14JTg;src=4394967;type=wxyz;cat=pc_tt0;ord=2650410390512;gtm=2wgad0;auiddc=573424486.1634626484;u1=COVID-19%20Vaccine;u2=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems;~oref=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-R48P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
8ecad9c7e03993e0309593c13bc423d238cf3071a13b4ff15d7f9fc4403fe6c6
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4394967.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=COCqwJfy1fMCFQz3UQodK14JTg;src=4394967;type=wxyz;cat=pc_tt0;ord=2650410390512;gtm=2wgad0;auiddc=573424486.1634626484;u1=COVID-19%20Vaccine;u2=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems;~oref=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 19 Oct 2021 06:54:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
548
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 19-Oct-2021 07:09:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 19 Oct 2021 06:54:44 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://4394967.fls.doubleclick.net/activityi;dc_pre=COCqwJfy1fMCFQz3UQodK14JTg;src=4394967;type=wxyz;cat=pc_tt0;ord=2650410390512;gtm=2wgad0;auiddc=573424486.1634626484;u1=COVID-19%20Vaccine;u2=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems;~oref=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
api.ewscloud.com/prod/scheduler/v1/com.wxyz/schedules/current/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.ewscloud.com/prod/scheduler/v1/com.wxyz/schedules/current/?type=web
Protocol
H2
Server
13.32.121.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-95.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization
Origin
https://www.wxyz.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Tue, 19 Oct 2021 06:54:44 GMT
x-amzn-requestid
07f80e99-cb7e-4074-a123-0ef7adf8d101
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
HcXEOGSBIAMF6aA=
access-control-allow-methods
GET,OPTIONS
x-amzn-trace-id
Root=1-616e6bb4-6d2cf4e37f4fa2175ae39842
x-cache
Miss from cloudfront
via
1.1 8c08c39035033b8c904aa0e3f734d6c7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
hSI9ePWh1tcDIO5FQeBcUrkDsWiI7vLe9KNkOx0InAUh_sAgy90nBA==
quant.js
secure.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.198 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2d452ca7bf499867307ebfa48373084a42e1f56ec0a26e5bb2e12f01888c3cc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
content-encoding
gzip
etag
"XUylRaJiJNdi08iU32oNYQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Tue, 26 Oct 2021 06:54:44 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.71 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-71.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:23:43 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
16269
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 df86e917220bc08caa68b0eb8ddabe91.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
JIYd-Qqjs6M4nGtxwouPz2Xto1quIBEI2qxtOZ1f1c-vGvSls_28iA==
fbevents.js
connect.facebook.net/en_US/ 		98 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25969
x-xss-protection
0
pragma
public
x-fb-debug
jBHlThbtOxnnJ8qLt0NklRXMghNGOxrlK9Nbtan4lDiNzZzq2o7xEUMfhgwn/NgVbDlF7v7k8ambDozKW8YGiw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 19 Oct 2021 06:54:44 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
breaking-news-alerts
www.wxyz.com/ 		74 KB
75 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.wxyz.com/breaking-news-alerts?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017c-94dc-de1a-af7d-dffc442f0000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache Tomcat / Brightspot
Resource Hash
a30b486ec17bfb07fca32fe953ab7da1d28fe0ee3cc58cba844d10cde8ab404c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.wxyz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Cookie
_parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems%22%2C%22sref%22:%22%22%2C%22sts%22:1634626484163%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=605f46f2b0d91ece47e6bec45a1ff9ee%22%2C%22session_count%22:1%2C%22last_session_ts%22:1634626484163}; _gcl_au=1.1.573424486.1634626484
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 06:54:44 GMT
Via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
Server
Apache Tomcat
X-Amz-Cf-Pop
FRA56-P5
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=240
Connection
keep-alive
X-Robots-Tag
nofollow
X-Amz-Cf-Id
sHt7BRM1PNa9RP0upPcP4Yz7j8tK5A0KoF64D4bMmgMLjG1zrtjyBg==
alerts
www.wxyz.com/weather/ 		80 KB
80 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.wxyz.com/weather/alerts?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017c-94dc-de1a-af7d-dffc442f0000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache Tomcat / Brightspot
Resource Hash
08bf86b93a8562a2e0e90791b47e2092875fa209b044e79e8fc8a1ddb98bd24e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.wxyz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Cookie
_parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems%22%2C%22sref%22:%22%22%2C%22sts%22:1634626484163%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=605f46f2b0d91ece47e6bec45a1ff9ee%22%2C%22session_count%22:1%2C%22last_session_ts%22:1634626484163}; _gcl_au=1.1.573424486.1634626484
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 06:53:06 GMT
Via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache Tomcat
Age
98
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=240
X-Amz-Cf-Pop
FRA56-P5
X-Robots-Tag
nofollow
X-Amz-Cf-Id
BD2DepyfghckSkbBIw-_bkWqziq2mLHzbnDtTzVz0QJQZrkBSKD0kw==
school-closings-delays
www.wxyz.com/weather/ 		80 KB
80 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.wxyz.com/weather/school-closings-delays?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017c-94dc-de1a-af7d-dffc442f0000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache Tomcat / Brightspot
Resource Hash
f5e07d300f60d45848a84ddcdb2ec5d9ced667a63b962ad5bf0d7265c77ca784

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.wxyz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Cookie
_parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems%22%2C%22sref%22:%22%22%2C%22sts%22:1634626484163%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=605f46f2b0d91ece47e6bec45a1ff9ee%22%2C%22session_count%22:1%2C%22last_session_ts%22:1634626484163}; _gcl_au=1.1.573424486.1634626484
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 06:51:35 GMT
Via
1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache Tomcat
Age
189
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=240
X-Amz-Cf-Pop
FRA56-P5
X-Robots-Tag
nofollow
X-Amz-Cf-Id
-nDz-y5GXW40N9HJn_jjpZIQPFf415DsfA1MbsIi36wcfPsiCg9UCw==
/
api.ewscloud.com/prod/scheduler/v1/com.wxyz/schedules/current/ 		4 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.ewscloud.com/prod/scheduler/v1/com.wxyz/schedules/current/?type=web
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017c-94dc-de1a-af7d-dffc442f0000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-95.fra60.r.cloudfront.net
Software
/
Resource Hash
29bd414f4a6424b4dc5455510eb135cd6b41fe054d6089452cc970e47bbdea91

Request headers

Authorization
Token bc22df1e0efb4dcb53f2438a4b71da118f05788c
Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
via
1.1 8c08c39035033b8c904aa0e3f734d6c7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amzn-requestid
08b8d605-dec7-4bc5-8b38-347e77eb26f5
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-616e6bb4-2c50270b67ffb78009f2dae0
x-amz-apigw-id
HcXERGJboAMF3Uw=
content-length
4009
x-amz-cf-id
dKDNGZbnoZDrYS2Mk2nNWV5qKRxd2tbc3Vk2r-SrPYmqQxWMEpZuYQ==
videoIframe.html
assets.scrippsdigital.com/cms/ Frame 78CC 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.wxyz.com&title=35%20Michiganders%20have%20died%20after%20getting%20the%20COVID%20vaccine%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&kw=7%20Action%20News%2CDetroit%2CWXYZ-TV%2Cmetro%20Detroit&autoplay=true&m3u8=https://content.uplynk.com/4f540a88fc44431bbf99302539b564c6.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/4f5/be88c4e651db4a7dbe102614d7272948/4f540a88fc44431bbf99302539b564c6/4f540a88fc44431bbf99302539b564c6_g.mp4&purl=/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&dtrack=1&story=1&contplay=*recent&mute=1&tags=COVID-19%20Vaccine%2CInvestigations%2CCoronavirus%2CNews%2CLocal%20News%2CHomepage%20Showcase&cust_params=temp%3D%26weather%3D&s=wxyz
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017c-94dc-de1a-af7d-dffc442f0000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d16341f40188e86603672051578640a02e5560a0e908ec42c8e57d59e842933d

Request headers

Host
assets.scrippsdigital.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.wxyz.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/

Response headers

Content-Type
text/html
Content-Length
7773
Connection
keep-alive
x-amz-replication-status
COMPLETED
Last-Modified
Wed, 26 May 2021 23:12:51 GMT
x-amz-version-id
gOMWdh_8VAPRuKhRa_b3Xzv6qPEw6cKM
Accept-Ranges
bytes
Server
AmazonS3
Date
Tue, 19 Oct 2021 03:19:51 GMT
ETag
"aa6786ea9cdb8e44426d29758703150f"
X-Cache
Hit from cloudfront
Via
1.1 5297df6326448099cefed6e96fd7b00b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
DUS51-P1
X-Amz-Cf-Id
mLRsbaqbmlHbXf1d3Xk0Wd-8u6pIo0Fqj7P1LNnSU0M5bRB-XbCKYw==
Age
12894
88f2a0fd9298a35d
pixel.sitescout.com/iap/
Redirect Chain
  • https://pixel.sitescout.com/iap/88f2a0fd9298a35d
  • https://pixel.sitescout.com/iap/88f2a0fd9298a35d?cookieQ=1
0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/iap/88f2a0fd9298a35d?cookieQ=1
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:44 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://pixel.sitescout.com/iap/88f2a0fd9298a35d?cookieQ=1
date
Tue, 19 Oct 2021 06:54:44 GMT
server
AC1.1
content-length
0
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-R48P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
3218
date
Tue, 19 Oct 2021 06:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 19 Oct 2021 08:01:06 GMT
load_tags.js
pymx5.com/scripts/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pymx5.com/scripts/load_tags.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-R48P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.203.93 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.203.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:24:10 GMT
age
1834
x-guploader-uploadid
ADPycdvK0fh7WfGusbD2nfYQzcvVSlxLLD4IE9bAS0uQTd6P_ngSEfw1B9D_xB6KQARiAx9HWruzo9pQM3pobBueCyU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
8946
last-modified
Tue, 12 Oct 2021 11:44:47 GMT
server
UploadServer
etag
"f6b06694767e707999eecbe9538b403a"
x-goog-hash
crc32c=xz4nKQ==, md5=9rBmlHZ+cHmZ7svpU4tAOg==
x-goog-generation
1606731190093338
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
8946
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 19 Oct 2021 07:24:10 GMT
v2
mb.moatads.com/yi/ 		401 B
576 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BZ.jrG%3DzIR*E%24sRK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-SScRKbOpzNBk3A%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3BUH2%2Bp%3CGbF&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&pcode=crackedscrippsdfpprebidheader262014341684&callback=MoatNadoAllJsonpRequest_27320065
Requested by
Host: sejs.moatads.com
URL: https://sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/yi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.67.38 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-67-38.eu-west-2.compute.amazonaws.com
Software
TornadoServer/4.5.3 /
Resource Hash
a52e42f81931179ef623fa2bcc772ffba12007552b0ed0f0ca9dfbc1c5eeaa99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
cache-control
max-age=900
server
TornadoServer/4.5.3
timing-allow-origin
*
etag
"d5b65794a9a6f8b53e3c1706e01c3f0f88a30228"
content-length
401
content-type
text/html; charset=UTF-8
log
hblg.media.net/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfk&evtid=flog&itype=HB&adt=desktop&cid=8CU6Q6626&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PRL4E7N3&dn=wxyz.com&servname=ssp-serving-7778d45b97-mtl6m&svr=101410_297_101111_267_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001634626484339036324922882978&sspAbBucket=CONTROL&lw=1&dapp=green&itypeid=1&sd=1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&abte=SSP_CLIENT&rtype=&lbr=0&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=700&gtd=&inid=&ngfundl=1000&rdl=700&a=0&r=209&lper=1&requrl=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&kwrf=
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.200.23 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-200-23.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:44 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 19 Oct 2021 06:54:44 GMT
show_pla
obs.cheqzone.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=24055880291672159280800922271218848281460512016395599768226884019196&nc=0&tsf=0&tsfmi=&pv=0&cb=1634626484452&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=220482090&at=&bid=e30%3D&di=W1siZWYiLDEyNDRdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6NSxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjExMTM2%0D%0AMTUxMixcInNlY1wiOlwiXCJ9Il0sWzM3LCJbMzMxNjIyNDA0OSxmdW5jdGlvbihuZXdWYWx1ZSkg%0D%0Ae1xuICAgICAgICAgICAgICBhZGRDb250ZW50V2luZG93UHJveHkodGhpcylcbiAgICAgICAgICAg%0D%0AICAgLy8gUmVzZXQgcHJvcGVydHksIHRoZSBob29rIGlzIG9ubHkgbmVlZGVkIG9uY2VcbiAgICAg%0D%0AICAgICAgICAgT2JqZWN0LmRlZmluZVByb3BlcnR5KGlmcmFtZSwgJ3NyY2RvYycsIHtcbiAgICAg%0D%0AICAgICAgICAgICBjb25maWd1cmFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHdyaXRhYmxl%0D%0AOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB2YWx1ZTogX3NyY2RvY1xuICAgICAgICAgICAgICB9%0D%0AKVxuICAgICAgICAgICAgICBfaWZyYW1lLnNyY2RvYyA9IG5ld1ZhbHVlXG4gICAgICAgICAgICB9%0D%0AXSJdLFstMSwiLSJdLFstMiwiMTAsZVlYVlgxUHJ4Mk8rZTJhWm5NcEJkSUFSS0tWRUVRSWdLQ2RK%0D%0AWGVCQkVRUklxaUlDMThxRFJGa041Q0M0clNmaUpTcEFvSVJPbVFRaEpTU005TVpqSnp5eWw3NzdX%0D%0AL1o1MTd6OCJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBh%0D%0AZW9qb2ZvaG9lZmdpZWhqYWlcIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0s%0D%0AWy01LCItIl0sWy02LCItIl0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFst%0D%0AMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCIsXCJrZXl3b3Jkc1wiLFwib2c6%0D%0AdGl0bGVcIixcIm9nOmRlc2NyaXB0aW9uXCIsXCJ0d2l0dGVyOmRlc2NyaXB0aW9uXCIsXCJ0d2l0%0D%0AdGVyOnRpdGxlXCIsXCJvZzpkZXNjcmlwdGlvblwiLFwiZGVzY3JpcHRpb25cIixcInBhcnNlbHkt%0D%0AdGl0bGVcIl19Il0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE0LCJ7XCJvXCI6MC4wMDQ1NjYy%0D%0AMTAwNDU2NjIxfSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNCJdLFstMTgsIlswLDAsMCwx%0D%0AXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAs%0D%0AMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiXSJdLFstMjAsIi0iXSxbLTIx%0D%0ALCIycjIzbmJ0SyJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxb%0D%0ALTI1LCItIl0sWy0yNiwie1widGpoc1wiOjE5MzAwMDAwLFwidWpoc1wiOjE3MTAwMDAwLFwiamhz%0D%0AbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsOS42LDAsXCI0Z1wiLG51bGxdIl0sWy0yOCwiZW4t%0D%0AVVMsZW4iXSxbLTI5LCJ7XCJ2XCI6WzIsMiwyLDIsMCwwLDAsMiwwLDIsMCwyLDAsMCwyLDIsMiwy%0D%0ALDBdfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiLSJdLFstMzMsIi0i%0D%0AXSxbLTM0LCItIl0sWy0zNSwiWzE2MzQ2MjY0ODQzOTQsMF0iXSxbLTM2LCJbXCI0LzNcIixcIjQv%0D%0AM1wiXSJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstMzgsImksLTEsLTEsMCwwLDEsMCw1NCwxNiwy%0D%0ANDAsMzc3LDAsNjgzLDY4MywxMDM0LDEwMzQiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDQsXCJHZWNr%0D%0Ab1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGws%0D%0AM10iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAw%0D%0AMDEwMTAwMDAwMTAwMTExMDExMDAiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwiNjIwLDY3OCwwLDAs%0D%0AMCw1NjEsMCwwLDY0OCwwLDAsMCwwLDAsMCwwLDAsMCwwLDY4NCwwLDAsMCwwLDAsMCwwLDAsMCww%0D%0ALDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJFdGMvVW5rbm93bixlbi1VUyxsYXRuLGdyZWdvcnkiXSxb%0D%0ALTQ4LCIwLDAiXSxbLTQ5LCItIl0sWyJibmNoIiw5Ml1d&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A325%2C%22y%22%3A3094%2C%22w%22%3A610%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=Mc7ATq0gFv&sdd=%7B%7D&pto=1094
Requested by
Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.172.245.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-245-152.compute-1.amazonaws.com
Software
/
Resource Hash
8aa0dbe93ae6630453c94f73f9950eeb1a0e47f1cb6b8ea873a1e704f6f657b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:44 GMT
content-encoding
gzip
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Set-Cookie Content-Type Cache-Control Pragma Expires Content-Length Content-Encoding Date Connection
content-length
1658
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-cfh7-Kj7hw4Cs.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-cfh7-Kj7hw4Cs.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2dcd9cd8327f9a74903074baf5a2af793df8d8a706c220e2ab4516e775596eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:51:45 GMT
content-encoding
gzip
age
210
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 30 Aug 2017 16:19:22 GMT
server
AmazonS3
etag
W/"021b7e04f30cea21812673c831b1b679"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
xyUa8FwWI9Bl1tC_SdRaYHaISeigP0SANORqz6x6ykLg9GhtFc30Jw==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1634626484474&ns_c=UTF-8&cv=3.5&c8=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20ala...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1634626484474&ns_c=UTF-8&cv=3.5&c8=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20al...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1634626484474&ns_c=UTF-8&cv=3.5&c8=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&c7=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&c9=
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.71 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-71.fra6.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe91.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
N502RFH2PG2jfHRCwlfb5EX5q7vezfixAEAOSW0JGZlZcv5T-LBM6A==

Redirect headers

date
Tue, 19 Oct 2021 06:54:44 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe91.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1634626484474&ns_c=UTF-8&cv=3.5&c8=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&c7=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&c9=
content-length
424
x-amz-cf-id
YL9RQ-rDL4GsDfrO_dz1yzCaQ0WjSwdYroxgnvmaDV2XYMrYIMUizQ==
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ Frame 78CC 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.wxyz.com&title=35%20Michiganders%20have%20died%20after%20getting%20the%20COVID%20vaccine%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&kw=7%20Action%20News%2CDetroit%2CWXYZ-TV%2Cmetro%20Detroit&autoplay=true&m3u8=https://content.uplynk.com/4f540a88fc44431bbf99302539b564c6.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/4f5/be88c4e651db4a7dbe102614d7272948/4f540a88fc44431bbf99302539b564c6/4f540a88fc44431bbf99302539b564c6_g.mp4&purl=/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&dtrack=1&story=1&contplay=*recent&mute=1&tags=COVID-19%20Vaccine%2CInvestigations%2CCoronavirus%2CNews%2CLocal%20News%2CHomepage%20Showcase&cust_params=temp%3D%26weather%3D&s=wxyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617, 617
age
15499023
cdn-cachedat
2021-03-10 20:26:28
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
dbc1afb9a84d639148de495f557e96e6
cf-ray
6a0818c82bdc21b1-DUS
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
5776_Scripps_Local_Stations.js
ads.rubiconproject.com/prebid/ Frame 78CC 		543 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Requested by
Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.wxyz.com&title=35%20Michiganders%20have%20died%20after%20getting%20the%20COVID%20vaccine%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&kw=7%20Action%20News%2CDetroit%2CWXYZ-TV%2Cmetro%20Detroit&autoplay=true&m3u8=https://content.uplynk.com/4f540a88fc44431bbf99302539b564c6.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/4f5/be88c4e651db4a7dbe102614d7272948/4f540a88fc44431bbf99302539b564c6/4f540a88fc44431bbf99302539b564c6_g.mp4&purl=/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&dtrack=1&story=1&contplay=*recent&mute=1&tags=COVID-19%20Vaccine%2CInvestigations%2CCoronavirus%2CNews%2CLocal%20News%2CHomepage%20Showcase&cust_params=temp%3D%26weather%3D&s=wxyz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f38aa246573dddbe8fc73d24015f452828ee28bdda5c5dad82173c7bcd2e54ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 06:54:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Sep 2021 22:56:22 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3733
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
109615
Expires
Tue, 19 Oct 2021 07:56:57 GMT
jquery-1.12.1.min.js
code.jquery.com/ Frame 78CC 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.12.1.min.js
Requested by
Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.wxyz.com&title=35%20Michiganders%20have%20died%20after%20getting%20the%20COVID%20vaccine%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&kw=7%20Action%20News%2CDetroit%2CWXYZ-TV%2Cmetro%20Detroit&autoplay=true&m3u8=https://content.uplynk.com/4f540a88fc44431bbf99302539b564c6.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/4f5/be88c4e651db4a7dbe102614d7272948/4f540a88fc44431bbf99302539b564c6/4f540a88fc44431bbf99302539b564c6_g.mp4&purl=/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&dtrack=1&story=1&contplay=*recent&mute=1&tags=COVID-19%20Vaccine%2CInvestigations%2CCoronavirus%2CNews%2CLocal%20News%2CHomepage%20Showcase&cust_params=temp%3D%26weather%3D&s=wxyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
content-encoding
gzip
last-modified
Mon, 22 Feb 2016 19:07:54 GMT
server
nginx
etag
W/"56cb5c8a-17c7b"
vary
Accept-Encoding
x-hw
1634626484.dop245.am5.t,1634626484.cds230.am5.hn,1634626484.cds284.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33838
ScrippsEmbeddedVideoIframe.js
assets.scrippsdigital.com/cms/js/ Frame 78CC 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.scrippsdigital.com/cms/js/ScrippsEmbeddedVideoIframe.js?v=05252021
Requested by
Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.wxyz.com&title=35%20Michiganders%20have%20died%20after%20getting%20the%20COVID%20vaccine%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&kw=7%20Action%20News%2CDetroit%2CWXYZ-TV%2Cmetro%20Detroit&autoplay=true&m3u8=https://content.uplynk.com/4f540a88fc44431bbf99302539b564c6.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/4f5/be88c4e651db4a7dbe102614d7272948/4f540a88fc44431bbf99302539b564c6/4f540a88fc44431bbf99302539b564c6_g.mp4&purl=/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&dtrack=1&story=1&contplay=*recent&mute=1&tags=COVID-19%20Vaccine%2CInvestigations%2CCoronavirus%2CNews%2CLocal%20News%2CHomepage%20Showcase&cust_params=temp%3D%26weather%3D&s=wxyz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
620e46ad8b172c01c1200732c5550d3697b9e116b77d1ef224b52533bb3f2e4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.wxyz.com&title=35%20Michiganders%20have%20died%20after%20getting%20the%20COVID%20vaccine%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&kw=7%20Action%20News%2CDetroit%2CWXYZ-TV%2Cmetro%20Detroit&autoplay=true&m3u8=https://content.uplynk.com/4f540a88fc44431bbf99302539b564c6.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/4f5/be88c4e651db4a7dbe102614d7272948/4f540a88fc44431bbf99302539b564c6/4f540a88fc44431bbf99302539b564c6_g.mp4&purl=/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&dtrack=1&story=1&contplay=*recent&mute=1&tags=COVID-19%20Vaccine%2CInvestigations%2CCoronavirus%2CNews%2CLocal%20News%2CHomepage%20Showcase&cust_params=temp%3D%26weather%3D&s=wxyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
8Sbugj8n_eumvHMuSkH0mqflFdmJxmQs
Content-Encoding
gzip
ETag
W/"98a139931b9feb65e489f49e9dd7c8bf"
Age
9276
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Tue, 28 Sep 2021 18:31:32 GMT
Server
AmazonS3
Date
Tue, 19 Oct 2021 04:20:09 GMT
Vary
Accept-Encoding
Content-Type
text/javascript
Via
1.1 5297df6326448099cefed6e96fd7b00b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
DUS51-P1
X-Amz-Cf-Id
JNTuOCTPzyNEHIynI_slaWKEemPUwIEB0WmVvJyoUV_F4WCpXr7IGQ==
292820581178899
connect.facebook.net/signals/config/ 		491 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/292820581178899?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
8ab6926ae83dcfbd1225077ac5c68213c6bd9b99c50ca3ee3f7ee93e059d62f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
147501
x-xss-protection
0
pragma
public
x-fb-debug
WaAhmiKVKC5l6ryIBivm1wcHsoSEobdjCSuXKBviEZGXk9nhZUHjb8gBfUUNddsqpOeZhFgLMN3hYCAbJCOtCQ==
x-frame-options
DENY
date
Tue, 19 Oct 2021 06:54:44 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
connatix.playspace.css
cds.connatix.com/p/133566/ 		95 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/133566/connatix.playspace.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5268ac15e7bd3c204ac9475d6a17721a3e3a63b024f1a4fa163efaaa993b7453

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
content-encoding
br
last-modified
Mon, 18 Oct 2021 16:56:24 GMT
age
50070
etag
"3d2d8f43a7d12106855b4531546d8678"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
13314
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:28:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1580
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 19 Oct 2021 07:28:24 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
e3a721b932b0f0dd2b806104fbdf5728949f1b281cea9e5af71c285eed9fafe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1018 / 251 of 1000 / last-modified: 1634597506"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27088
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 19 Oct 2021 06:54:44 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 78CC 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.wxyz.com&title=35%20Michiganders%20have%20died%20after%20getting%20the%20COVID%20vaccine%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&kw=7%20Action%20News%2CDetroit%2CWXYZ-TV%2Cmetro%20Detroit&autoplay=true&m3u8=https://content.uplynk.com/4f540a88fc44431bbf99302539b564c6.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/4f5/be88c4e651db4a7dbe102614d7272948/4f540a88fc44431bbf99302539b564c6/4f540a88fc44431bbf99302539b564c6_g.mp4&purl=/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&dtrack=1&story=1&contplay=*recent&mute=1&tags=COVID-19%20Vaccine%2CInvestigations%2CCoronavirus%2CNews%2CLocal%20News%2CHomepage%20Showcase&cust_params=temp%3D%26weather%3D&s=wxyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
zTpXqDhrs..xkKPVKkqB8HVtw0cnTzHi
content-encoding
gzip
etag
e2b905aea413c4d7479fb2bb9cbc6c65
age
873
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1XP3D407822EKKJ1M672
date
Tue, 19 Oct 2021 06:40:11 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 4c692717a0e85914a993c3aa5c8a2ef7.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
4AFw_9yZLDJzaUXsvvlbSw-ltCdEnq7wJr3EiWNYondmBGkyT-_Arg==
dc_pre=COCqwJfy1fMCFQz3UQodK14JTg;src=4394967;type=wxyz;cat=pc_tt0;ord=2650410390512;gtm=2wgad0;auiddc=573424486.1634626484;u1=COVID-19%20Vaccine;u2=35%20Michiganders%20have%20died%20post%20vaccina...
adservice.google.com/ddm/fls/i/ Frame A12E 		771 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=COCqwJfy1fMCFQz3UQodK14JTg;src=4394967;type=wxyz;cat=pc_tt0;ord=2650410390512;gtm=2wgad0;auiddc=573424486.1634626484;u1=COVID-19%20Vaccine;u2=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems;~oref=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Requested by
Host: 4394967.fls.doubleclick.net
URL: https://4394967.fls.doubleclick.net/activityi;dc_pre=COCqwJfy1fMCFQz3UQodK14JTg;src=4394967;type=wxyz;cat=pc_tt0;ord=2650410390512;gtm=2wgad0;auiddc=573424486.1634626484;u1=COVID-19%20Vaccine;u2=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems;~oref=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
d771e2f1aaa0fc824d7c4cf94360c24e1e2438ccd78f5c15f961b40ab7313658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=COCqwJfy1fMCFQz3UQodK14JTg;src=4394967;type=wxyz;cat=pc_tt0;ord=2650410390512;gtm=2wgad0;auiddc=573424486.1634626484;u1=COVID-19%20Vaccine;u2=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems;~oref=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4394967.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://4394967.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 19 Oct 2021 06:54:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
548
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel;r=1636088199;labels=Cracked.Article%20Title.No%20%2035%20Michiganders%20didn't%20die%20from%20the%20COVID%20Vaccine;rf=0;a=p-cfh7-Kj7hw4Cs;url=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1636088199;labels=Cracked.Article%20Title.No%20%2035%20Michiganders%20didn't%20die%20from%20the%20COVID%20Vaccine;rf=0;a=p-cfh7-Kj7hw4Cs;url=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems;uht=2;fpan=1;fpa=P0-45798667-1634626484577;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-20210929173447;cm=;gdpr=0;ref=;d=wxyz.com;je=0;sr=1600x1200x24;dst=0;et=1634626484577;tzo=0;ogl=title.No%252C%2035%20Michiganders%20didn't%20die%20from%20the%20COVID%20Vaccine%20%2Curl.https%3A%2F%2Fwww%252Ewxyz%252Ecom%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died%2Cimage.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F76263e4%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Aurl.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F76263e4%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Asecure_url.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F76263e4%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Cimage%3Atype.image%2Fpng%2Cimage%3Aalt.vaccine%2Cdescription.The%20data%20behind%20bad%20reactions%20to%20the%20vaccine%20is%20more%20comforting%20than%20you'd%20expec%2Csite_name.WXYZ%2Ctype.article%2Cdescription.The%20data%20behind%20bad%20reactions%20to%20the%20vaccine%20is%20more%20comforting%20than%20you'd%20expec
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.198 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:44 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
story
capi.connatix.com/core/ Frame 385C 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=133566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.138.43.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-138-43-101.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
989702326c6fbb029c0ffd99578a699f7792ed79c258850b814473f822311993

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Tue, 19 Oct 2021 06:54:44 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.wxyz.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1366
load_optional_tags
api.pymx5.com/v1/sites/ 		0
712 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pymx5.com/v1/sites/load_optional_tags
Requested by
Host: pymx5.com
URL: https://pymx5.com/scripts/load_tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.74.203 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
203.74.96.34.bc.googleusercontent.com
Software
nginx/1.13.7 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
via
1.1 google
server
nginx/1.13.7
x-frame-options
SAMEORIGIN
allow
GET, HEAD, OPTIONS
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
0
video-js.min.css
assets.scrippsdigital.com/cms/videojs/ Frame 78CC 		39 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.scrippsdigital.com/cms/videojs/video-js.min.css
Requested by
Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/js/ScrippsEmbeddedVideoIframe.js?v=05252021
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b576e0da6026221c6efaeb013bc44a49c917700427deb40e0d924c2a388492

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.wxyz.com&title=35%20Michiganders%20have%20died%20after%20getting%20the%20COVID%20vaccine%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&kw=7%20Action%20News%2CDetroit%2CWXYZ-TV%2Cmetro%20Detroit&autoplay=true&m3u8=https://content.uplynk.com/4f540a88fc44431bbf99302539b564c6.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/4f5/be88c4e651db4a7dbe102614d7272948/4f540a88fc44431bbf99302539b564c6/4f540a88fc44431bbf99302539b564c6_g.mp4&purl=/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&dtrack=1&story=1&contplay=*recent&mute=1&tags=COVID-19%20Vaccine%2CInvestigations%2CCoronavirus%2CNews%2CLocal%20News%2CHomepage%20Showcase&cust_params=temp%3D%26weather%3D&s=wxyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 11:58:00 GMT
Content-Encoding
gzip
Age
500205
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Wed, 11 Jul 2018 18:03:46 GMT
Server
AmazonS3
ETag
W/"c0b21543872a45887225ba59f9e1169d"
Vary
Accept-Encoding
x-amz-version-id
9MDxrCj_cZfQ3o33D8McbYD_U3i1Ldsb
Via
1.1 5297df6326448099cefed6e96fd7b00b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
DUS51-P1
Content-Type
text/css
X-Amz-Cf-Id
xtdxQTA54dIQcfFUW-QbwRQQazCUaJpUiMYiSa2kFwxHQlW8eOSRmg==
videojs.ads.ima.min.css
assets.scrippsdigital.com/cms/videojs/ Frame 78CC 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.scrippsdigital.com/cms/videojs/videojs.ads.ima.min.css
Requested by
Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/js/ScrippsEmbeddedVideoIframe.js?v=05252021
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9fcd0153277b6a8867e92dd6860d2e2ca51642f521c5c9d83f37bb6df2e27907

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.wxyz.com&title=35%20Michiganders%20have%20died%20after%20getting%20the%20COVID%20vaccine%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&kw=7%20Action%20News%2CDetroit%2CWXYZ-TV%2Cmetro%20Detroit&autoplay=true&m3u8=https://content.uplynk.com/4f540a88fc44431bbf99302539b564c6.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/4f5/be88c4e651db4a7dbe102614d7272948/4f540a88fc44431bbf99302539b564c6/4f540a88fc44431bbf99302539b564c6_g.mp4&purl=/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&dtrack=1&story=1&contplay=*recent&mute=1&tags=COVID-19%20Vaccine%2CInvestigations%2CCoronavirus%2CNews%2CLocal%20News%2CHomepage%20Showcase&cust_params=temp%3D%26weather%3D&s=wxyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 12 Oct 2021 18:12:55 GMT
Content-Encoding
gzip
Age
564110
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Wed, 10 May 2017 18:04:10 GMT
Server
AmazonS3
ETag
W/"5923635524b18f4a96f5ef2ab3e490b7"
Vary
Accept-Encoding
x-amz-version-id
rrbghb1dXLQoExo3zxyqgHARjFx4uCW5
Via
1.1 5297df6326448099cefed6e96fd7b00b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
DUS51-P1
Content-Type
text/css
X-Amz-Cf-Id
YVN46BXcxjnFYMt5vpCXgJEm_JUetoHyhga7Ep-seLzLRTaFv8fbQA==
videojs-combine.js
assets.scrippsdigital.com/cms/videojs/ Frame 78CC 		429 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js
Requested by
Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/js/ScrippsEmbeddedVideoIframe.js?v=05252021
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7dc95e5b1831ab2871016d3e7119b0c8a1d4176e046e75b77ecc77c61d93dc83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.wxyz.com&title=35%20Michiganders%20have%20died%20after%20getting%20the%20COVID%20vaccine%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&kw=7%20Action%20News%2CDetroit%2CWXYZ-TV%2Cmetro%20Detroit&autoplay=true&m3u8=https://content.uplynk.com/4f540a88fc44431bbf99302539b564c6.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/4f5/be88c4e651db4a7dbe102614d7272948/4f540a88fc44431bbf99302539b564c6/4f540a88fc44431bbf99302539b564c6_g.mp4&purl=/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&dtrack=1&story=1&contplay=*recent&mute=1&tags=COVID-19%20Vaccine%2CInvestigations%2CCoronavirus%2CNews%2CLocal%20News%2CHomepage%20Showcase&cust_params=temp%3D%26weather%3D&s=wxyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
KhqY1IhzWPhnRAYmwk.AUZTrSg435ayo
Content-Encoding
gzip
ETag
W/"6024c953b699bb3914e376bc24c97d1e"
Age
299070
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Fri, 07 Jul 2017 18:39:22 GMT
Server
AmazonS3
Date
Fri, 15 Oct 2021 19:50:15 GMT
Vary
Accept-Encoding
Content-Type
text/javascript
Via
1.1 5297df6326448099cefed6e96fd7b00b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
DUS51-P1
X-Amz-Cf-Id
-Y1jutZTcnoVN5OKfMZg9VKKEuTexa61FW3qzTqSHPBf_rHcUKwTww==
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 78CC 		369 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/js/ScrippsEmbeddedVideoIframe.js?v=05252021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
sffe /
Resource Hash
8c2c3fee87756e3b9ec4d7e70bda112774ba857c5004b4a41a50fac001948c30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125411
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Tue, 19 Oct 2021 06:54:44 GMT
videojs.ads.ima.min.js
assets.scrippsdigital.com/cms/videojs/ Frame 78CC 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.scrippsdigital.com/cms/videojs/videojs.ads.ima.min.js
Requested by
Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/js/ScrippsEmbeddedVideoIframe.js?v=05252021
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0240bee9e6bcfd0f100b50ac6b0be53b78c24d37c33778565e5c3aeac8cdf7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.wxyz.com&title=35%20Michiganders%20have%20died%20after%20getting%20the%20COVID%20vaccine%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&kw=7%20Action%20News%2CDetroit%2CWXYZ-TV%2Cmetro%20Detroit&autoplay=true&m3u8=https://content.uplynk.com/4f540a88fc44431bbf99302539b564c6.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/4f5/be88c4e651db4a7dbe102614d7272948/4f540a88fc44431bbf99302539b564c6/4f540a88fc44431bbf99302539b564c6_g.mp4&purl=/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&dtrack=1&story=1&contplay=*recent&mute=1&tags=COVID-19%20Vaccine%2CInvestigations%2CCoronavirus%2CNews%2CLocal%20News%2CHomepage%20Showcase&cust_params=temp%3D%26weather%3D&s=wxyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
jQfzn06.koBAEnYP4aqwoCwOxd5Soy4z
Content-Encoding
gzip
ETag
W/"0b683ccb87d7179c7ae2f381ac303fe5"
Age
136325
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Sat, 10 Mar 2018 19:08:19 GMT
Server
AmazonS3
Date
Sun, 17 Oct 2021 17:02:40 GMT
Vary
Accept-Encoding
Content-Type
text/javascript
Via
1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
DUS51-P1
X-Amz-Cf-Id
wwMgiQCUVqOaJkk4XoiS0H_UP21noWkqczFuHPcsoRb3tUBet7yRWw==
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1634626484627&sessionId=362d6238-a96d-b80a-d1b2-da32a46f2228&url=www.wxyz.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:44 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
39e71ba95128240d98a1deb7f2c4d6ef
Content-Length
4
Expires
0
get
odb.outbrain.com/utils/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&idx=0&rand=69852&key=NANOWDGT01&widgetJSId=AR_11&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clid=362d6238-a96d-b80a-d1b2-da32a46f2228&fdu=www.wxyz.com&px=325&py=3094&vpd=1894&cw=610&settings=true&recs=true&version=2000476&sig=2r23nbtK&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
af494fcc630cb8748512897821be4c8673a0cfc2ddb3b2ad644e26e7e350e01b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip
157.52.117.80
x-cache-hits
0, 0
x-traceid
3efae58aefd6a5f5619f350e1412f011
content-encoding
gzip
content-length
6829
x-served-by
cache-lga21980-LGA, cache-fra19169-FRA
x-timer
S1634626485.676855,VS0,VE233
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=292820581178899&ev=PageView&dl=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&rl=&if=false&ts=1634626484660&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1634626484659.354115163&it=1634626484487&coo=false&rqm=GET
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 19 Oct 2021 06:54:44 GMT
/
www.facebook.com/tr/ 		44 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=292820581178899&ev=ViewContent&dl=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&rl=&if=false&ts=1634626484664&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1634626484659.354115163&it=1634626484487&coo=false&rqm=GET
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 19 Oct 2021 06:54:44 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=495639019&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&ul=en-us&de=UTF-8&dt=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAjAAAAAC~&jid=1983711966&gjid=445154803&cid=1117996465.1634626485&tid=UA-40066851-1&_gid=716266629.1634626485&_r=1&gtm=2wgad0R48P&cd20=2048&cd21=&cd22=&cd23=COVID-19%20Vaccine&cd24=COVID-19%20Vaccine%2CInvestigations%2CCoronavirus%2CNews%2CLocal%20News%2CHomepage%20Showcase&cd25=false&cd26=&cd31=true&cd33=true&cd34=false&z=2117897913
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.wxyz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-40537246-1&cid=1117996465.1634626485&jid=1726198817&gjid=1233333223&_gid=716266629.1634626485&_u=aGDAiEAjBAAAAG~&z=218560325
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 19 Oct 2021 06:54:44 GMT
content-type
text/plain
access-control-allow-origin
https://www.wxyz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=495639019&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&ul=en-us&de=UTF-8&dt=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEAjBAAAAC~&jid=1726198817&gjid=1233333223&cid=1117996465.1634626485&tid=UA-40537246-1&_gid=716266629.1634626485&cd20=2048&cd21=&cd22=&cd23=COVID-19%20Vaccine&cd24=COVID-19%20Vaccine%2CInvestigations%2CCoronavirus%2CNews%2CLocal%20News%2CHomepage%20Showcase&cd25=false&cd26=&cd31=true&cd33=true&cd34=false&z=51438386
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 11:56:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68295
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 78CC 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3295&u=https%3A%2F%2Fwww.wxyz.com%2F
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 05:27:56 GMT
via
1.1 4c692717a0e85914a993c3aa5c8a2ef7.cloudfront.net (CloudFront)
server
Server
age
5207
x-cache
Hit from cloudfront
access-control-allow-origin
https://assets.scrippsdigital.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
9Gil2PvoKC6smh0fcRhGXf6jjeyTz1fPzqGRkdJ9h3dNBgVbWb2Fug==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 78CC 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
43346
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 07 Oct 2021 01:02:33 GMT
server
AmazonS3
date
Mon, 18 Oct 2021 23:54:13 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 29f7132906866b79866659848b3a3b69.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
6PhFPSBROAO9l74M2F-3Uqr417VrJeHRQ5Q90zHr_WZXaiMnpQ26oQ==
pubads_impl_2021101201.js
securepubads.g.doubleclick.net/gpt/ 		361 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124532
x-xss-protection
0
last-modified
Tue, 12 Oct 2021 08:35:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 19 Oct 2021 06:54:44 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		120 B
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.wxyz.com
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f56463307de891d0ed4ecbbf2d11a85e8f3ec736bd46e6741f49434f9f4934f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Oct 2021 06:54:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
expires
Tue, 19 Oct 2021 06:54:44 GMT
dc_pre=COCqwJfy1fMCFQz3UQodK14JTg;src=4394967;type=wxyz;cat=pc_tt0;ord=2650410390512;gtm=2wgad0;auiddc=573424486.1634626484;u1=COVID-19%20Vaccine;u2=35%20Michiganders%20have%20died%20post%20vaccina...
adservice.google.de/ddm/fls/i/ Frame 10C8 		194 B
870 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=COCqwJfy1fMCFQz3UQodK14JTg;src=4394967;type=wxyz;cat=pc_tt0;ord=2650410390512;gtm=2wgad0;auiddc=573424486.1634626484;u1=COVID-19%20Vaccine;u2=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems;~oref=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COCqwJfy1fMCFQz3UQodK14JTg;src=4394967;type=wxyz;cat=pc_tt0;ord=2650410390512;gtm=2wgad0;auiddc=573424486.1634626484;u1=COVID-19%20Vaccine;u2=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems;~oref=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.de
:scheme
https
:path
/ddm/fls/i/dc_pre=COCqwJfy1fMCFQz3UQodK14JTg;src=4394967;type=wxyz;cat=pc_tt0;ord=2650410390512;gtm=2wgad0;auiddc=573424486.1634626484;u1=COVID-19%20Vaccine;u2=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems;~oref=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 19 Oct 2021 06:54:44 GMT
expires
Tue, 19 Oct 2021 06:54:44 GMT
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
0
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1634626484792&sessionId=362d6238-a96d-b80a-d1b2-da32a46f2228&url=www.wxyz.com&cheqSource=1&cheqEvent=2&responseTime=679
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:45 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
1bc3aee50b114710b0a9d5c2112ce352
Content-Length
4
Expires
0
imp.gif
obs.cheqzone.com/tracker/ 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e001369eac137ec4382999225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163342775a98d5037af473aef8d5e05f53af0ccce27bb9768f3580428f175df1675ca548171b29d5493ebeb8e5aa33b03aae16a277e34f716db9dc271e62245f816e99d51ff41d2589d3f17e181d7784fd776494855f193447771713dcf6481d011bb4a61022d9bb827bc3bb046b0d5ff3e4fac9cd68b7dec05af552995f397ccbeb8ad6a762c19ebb74923009cffacf3e0404b5342eba9a0631bb8aae778e06ac15b6d14d931ec3c72dc26a31c59a24d86cc1d5b9f68ce7eb0b36e46af3e2ae3b5b26bb813594e511e1444403de550e8482d5cc90ae83339c7dd09fb6df2ebb7c2960c4366b83849f0e7f90fd66be4df289568e3bae704d0658cb23ae40ddcabe72b4842ccc0cf09e91da6a9a524222ae055b477d487fcca064f9148383882fa4946ef89320dc85f9ef3285b3f358297883ee580bd8b31f5d12bbe9e522e063c4bd41abb87baf2fff77cc07c95286fb6f9e4472f9fcd722227b385a69161f53fba59135911feb100d0034a9e81e9dc54152a9a59be2ed32dfb4a0e1c5adfaac085d20e913d3a4536f9f51274e8620022f7efc7ab3645b9ef9cb088b7cd4278db72fceb1119a7e073d23037f0f81c6e4da2066539a1c5988d0dfbbacd755059cdda16fc5dd7969aca700207bab83d3573da562d44d951eff2dd847998e46bac96da7c5cc8bc61070e5a47926d76ab4cef0b91c9c21&cb=1634626484792&cri=Mc7ATq0gFv
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.172.245.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-245-152.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:44 GMT
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Cache-Control Pragma Expires Content-Type Date Connection Content-Length
content-type
image/gif
content-length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ Frame 78CC 		64 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.wxyz.com%2F&pr=https%3A%2F%2Fwww.wxyz.com%2F&pid=60sYEa3e6AeqI&cb=0&ws=610x343&v=7.69.01&t=2000&slots=%5B%7B%22id%22%3A%22preroll%22%2C%22mt%22%3A%22v%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
via
1.1 4c692717a0e85914a993c3aa5c8a2ef7.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
2JVK1TGSNZ8Z67HXZYBN
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://assets.scrippsdigital.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
kr2LEcbuq6_4zZnammndn1cQMNOladIRoRz1-j0ZDIFADEwTuhidEw==
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&pid=7sFLnJxLa58Qc&cb=0&ws=1600x1200&v=7.69.01&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INVIEW%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22MAD_RIGHT_RAIL%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
via
1.1 4c692717a0e85914a993c3aa5c8a2ef7.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
CJ7HJXNNS218Q9V149YN
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.wxyz.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
42Iw1iYHF-uQRSP5uF6VJwrjDnYIswVE1AuPBJyxpLqbTid9yWfN0A==
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c0301797961d75b6287b0650050&pos=8a969c0301797961d75b629240bd00ac&cmd=bid&secure=1
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
4cf31d82a40b28cc791cf8c436d38630b540ce90430d56c4a140babf3d5154f1

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 19 Oct 2021 06:54:44 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.wxyz.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c0301797961d75b6287b0650050&pos=8a96941601797961e0d7629241c900af&cmd=bid&secure=1
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
3313ad52b1bc6a546badc153af5070e3eb772940511fd1305354989fea370971

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 19 Oct 2021 06:54:44 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.wxyz.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
v2
e.serverbid.com/api/ 		711 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.wxyz.com
date
Tue, 19 Oct 2021 06:54:45 GMT
access-control-allow-credentials
true
content-length
711
vary
Origin
content-type
application/json
fastlane.json
fastlane.rubiconproject.com/a/api/ 		482 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=1953918%3B1953916&size_id=2%3B15&alt_size_ids=%3B10&rf=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&tg_i.aupname=%2F6088%2Fssp.wxyz%26mad_inview%3B%2F6088%2Fssp.wxyz%26mad_right_rail&tg_i.dfp_ad_unit_code=6088%2Fssp.wxyz%2Finview-bottom%3B6088%2Fssp.wxyz%2Fnews%2Fcoronavirus%2Fcovid_19_vaccine%2Fdetail&tg_i.pbadslot=6088%2Fssp.wxyz%2Finview-bottom%3B6088%2Fssp.wxyz%2Fnews%2Fcoronavirus%2Fcovid_19_vaccine%2Fdetail&tk_flint=dmpbjs_v5.11.0&x_source.tid=2c4ac643-51fa-4bc7-bac8-cc3dd1b3d0ec%3Bbbc50a26-cb08-4a53-ac87-40c8e3dbd4c0&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.7545812056846775
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
41737915860fe7d29d9d4d93bf40dd8058ddc19f62182a8442a188a41d3827ba

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:45 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.wxyz.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
482
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		250 B
928 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d397b88960a45e7fbd88d6cdeacad8aba62e05f989c5d586dcd9a6858b254744
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:44 GMT
X-Proxy-Origin
216.131.111.33; 216.131.111.33; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a99172c9-5f74-430a-b35d-4b9db7faf0ae
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.wxyz.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
250
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
ewscripps-d.openx.net/w/1.0/ 		172 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2c4ac643-51fa-4bc7-bac8-cc3dd1b3d0ec%2Cbbc50a26-cb08-4a53-ac87-40c8e3dbd4c0&nocache=1634626484887&aus=728x90%7C300x600%2C300x250&divids=MAD_INVIEW%2CMAD_RIGHT_RAIL&aucs=%252F6088%252Fssp.wxyz%252Finview-bottom%2C%252F6088%252Fssp.wxyz%252Fnews%252Fcoronavirus%252Fcovid_19_vaccine%252Fdetail&auid=544041453%2C544041451
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
7b5b8ab882d53272ee88bd6dda94fd59eebe5e5c4e22093c998e905352e47506

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:44 GMT
content-encoding
gzip
server
OXGW/16.217.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.wxyz.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=eqcei5f6&pi=3&maxw=728&maxh=90&si=112965&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.11.0%22%7D&ogu=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&ns=9830&gpid=%2F6088%2Fssp.wxyz%2Finview-bottom
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-41-69.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
36b4f48db5bd434d1563a91f77cf731a4a04f41e528736d2ee892fe5f3ae29a1

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:44 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.wxyz.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=eqcei5f6&pi=3&maxw=300&maxh=600&si=112964&bf=300x600%2C300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.11.0%22%7D&ogu=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&ns=9830&gpid=%2F6088%2Fssp.wxyz%2Fnews%2Fcoronavirus%2Fcovid_19_vaccine%2Fdetail
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-41-69.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d10093911e241c26595b0f62f3cbef850021a1f04c4891120b51803e8d6ab50d

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:44 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.wxyz.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
auction
tlx.3lift.com/header/ 		19 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.11.0&referrer=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&tmax=2000
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.87.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-87-92.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:44 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.wxyz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=d9YbK4Bymr67OuaKj0P0Le
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
40deabde2594c461c0f8f32ae423447afb4fd56a2ed1d844ff7eb95c928f2bb5

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.wxyz.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		66 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=d6EtcQBymr67OuaKj0P0Le
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
de3cdb1f6a7bf23c7917655035d955dc5e7ce47af7bbb2def8a8197fdbe8acf0

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.wxyz.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&pid=7sFLnJxLa58Qc&cb=1&ws=1600x1200&v=7.69.01&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INLINE%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22MAD_HEADER%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%2C%22994x30%22%2C%2210x1%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
via
1.1 4c692717a0e85914a993c3aa5c8a2ef7.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
JP782NV4HFQMHJ8NG4A2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.wxyz.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
Nv99NfHwGxiR9kyymZLeDR_EHakMmS7j4jE-ynM5RE9pSweTutCi7A==
arj
ewscripps-d.openx.net/w/1.0/ 		174 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=42cfc313-e9c3-4bc0-b116-98b17d1bbf96&nocache=1634626484914&aus=970x250%2C728x90%2C970x90&divids=MAD_HEADER&aucs=%252F6088%252Fssp.wxyz%252Fnews%252Fcoronavirus%252Fcovid_19_vaccine%252Fdetail&auid=544041445
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
a706f1d2302d94554ff1e0d3c35237ced262059459fbebd816335c10f8b89ae2

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:45 GMT
content-encoding
gzip
server
OXGW/16.217.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.wxyz.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.11.0&referrer=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&tmax=2000
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.87.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-87-92.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:44 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.wxyz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		542 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=2090262%3B1953912&size_id=15%3B2&alt_size_ids=%3B55%2C57&rf=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&tg_i.aupname=%2F6088%2Fssp.wxyz%26mad_inline%3B%2F6088%2Fssp.wxyz%26mad_header&tg_i.dfp_ad_unit_code=6088%2Fssp.wxyz%2Fnews%2Fcoronavirus%2Fcovid_19_vaccine%2Fdetail&tg_i.pbadslot=6088%2Fssp.wxyz%2Fnews%2Fcoronavirus%2Fcovid_19_vaccine%2Fdetail&tk_flint=dmpbjs_v5.11.0&x_source.tid=670d9f5c-b9e8-44b9-8215-4b10af9b09d2%3B42cfc313-e9c3-4bc0-b116-98b17d1bbf96&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.7229058053491122
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
4ada71870425ae766a4a46117d190f346ce911730952d869e2eab7195c7aecb8

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:45 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.wxyz.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
542
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
817 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
43a58715cddcea61d6e85f3b9e34a99326489f1fdac5c8c292d9e0702c419a07
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:44 GMT
X-Proxy-Origin
216.131.111.33; 216.131.111.33; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
89a2e59b-dd42-4396-86c1-be21bba90656
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.wxyz.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v2
e.serverbid.com/api/ 		711 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.wxyz.com
date
Tue, 19 Oct 2021 06:54:45 GMT
access-control-allow-credentials
true
content-length
711
vary
Origin
content-type
application/json
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dZH_MSBymr67OuaKj0P0Le
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
19cbad638e821949cc54e51a5a4ac84d98f66e6785b0af3bb2fb50c378e544a8

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Oct 2021 06:54:44 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.wxyz.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c0301797961d75b6287b0650050&pos=8a9691c501797961dc1a62923fce00a3&cmd=bid&secure=1
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
4cc37741acb0d1eede5da7609c7c11b2557c4fb02b70d3ff41018dff00d11632

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 19 Oct 2021 06:54:44 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.wxyz.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pubId=13797&pi=3&maxw=300&maxh=250&si=217097&bf=300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.11.0%22%7D&ogu=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&ns=9830&gpid=%2F6088%2Fssp.wxyz%2Fnews%2Fcoronavirus%2Fcovid_19_vaccine%2Fdetail
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-41-69.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e2886b8e76fc79bd2d8f93a1c3da8299893112e885db2e894d07a6f7306a073

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:44 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.wxyz.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=eqcei5f6&pi=3&maxw=970&maxh=250&si=112962&bf=970x250%2C728x90%2C970x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.11.0%22%7D&ogu=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&ns=9830&gpid=%2F6088%2Fssp.wxyz%2Fnews%2Fcoronavirus%2Fcovid_19_vaccine%2Fdetail
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-41-69.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0b9a33921b51dacbe0dbc713ddd391943b847b60c547c13132ccc444c201c42a

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:44 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.wxyz.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
truncated
/ Frame 78CC 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54

Request headers

Referer
Origin
https://assets.scrippsdigital.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
bridge3.485.1_en.html
imasdk.googleapis.com/js/core/ Frame DCF5 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
sffe /
Resource Hash
95031080831fd62b0946bfb827edf9279ddf3afa0711940b8d27e627f62046ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.485.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://assets.scrippsdigital.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
193945
date
Mon, 18 Oct 2021 05:09:54 GMT
expires
Tue, 18 Oct 2022 05:09:54 GMT
last-modified
Mon, 11 Oct 2021 16:34:41 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
92691
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 78CC 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Oct 2021 06:54:45 GMT
4f540a88fc44431bbf99302539b564c6_g.mp4
x-default-stgec.uplynk.com/ausw/slices/4f5/be88c4e651db4a7dbe102614d7272948/4f540a88fc44431bbf99302539b564c6/ Frame 78CC 		5 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://x-default-stgec.uplynk.com/ausw/slices/4f5/be88c4e651db4a7dbe102614d7272948/4f540a88fc44431bbf99302539b564c6/4f540a88fc44431bbf99302539b564c6_g.mp4
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://assets.scrippsdigital.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 19 Oct 2021 06:54:46 GMT
etag
"3f2d48e1044225ae041c1f74e0834e7c"
last-modified
Fri, 26 Feb 2021 23:11:39 GMT
server
AmazonS3
x-amz-request-id
H08BXXTZ4QFV2NGH
x-amz-server-side-encryption
AES256
content-type
application/binary
Content-Range
bytes 0-72005220/72005221
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
72005221
x-amz-id-2
u2PQ+TL7IrsAMuw+c5YXjY5jNHa8VEu8C1egw+EGm0wvaRKdRxyVWRhOej8VZTKqaRR6aSSrWXc=
x-ec-put2cache
1
ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
last-modified
Wed, 29 Sep 2021 12:08:44 GMT
server
AkamaiNetStorage
etag
"f370d19306add072a726e7f4ade8dc57:1632925441.341222"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
7090
expires
Thu, 18 Nov 2021 06:54:45 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
last-modified
Wed, 29 Sep 2021 12:08:44 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1632925421.842018"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Thu, 18 Nov 2021 06:54:45 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=cf85d6230a96cabb166ff8f79590a170_4112_1634626484861&tm=960&eT=0&widgetWidth=610&widgetHeight=196&widgetX=325&widgetY=3193&wRV=2000476&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=369&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Tue, 19 Oct 2021 06:54:45 GMT
content-encoding
gzip
X-TraceId
de5dd150ec471c0621e738af44ffd9dd
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
streamFeed.js
widgets.outbrain.com/nanoWidget/2000476/module/ 		56 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000476/module/streamFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
27b09941b35ac66529f0911975b1b47b9ef34ae76193f5228c5f20d113665c74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 12:36:07 GMT
server
AkamaiNetStorage
etag
"585a1a6f540076b0f8ad940a34477d0d:1634563726.093117"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=345600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
18521
eyJpdSI6ImIzZTFmNzhhZTMxZTZlOTk3NWI2Nzc0NmE1NTYzNGUzYjFkZWMzNGIzMTdmOGY3MWM4NDI5MTgyMzAzNzVjNzgiLCJ3IjoyNDAsImgiOjEzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImIzZTFmNzhhZTMxZTZlOTk3NWI2Nzc0NmE1NTYzNGUzYjFkZWMzNGIzMTdmOGY3MWM4NDI5MTgyMzAzNzVjNzgiLCJ3IjoyNDAsImgiOjEzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.94 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1721ae9e650286980e1799232e7f85213135c5f55e39b4a6faa4ff969561c2b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
cache-control
max-age=388312
last-modified
Sat, 17 Jul 2021 22:02:25 GMT
x-traceid
23973de7d5c45b025b594ce218382384
timing-allow-origin
*
content-length
16024
content-type
image/webp
get
mv.outbrain.com/Multivac/api/ 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&settings=true&recs=true&widgetJSId=AR_11&key=NANOWDGT01&version=2000476&apv=true&sig=2r23nbtK&format=html&rand=44361&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=Y2Y4NWQ2MjMwYTk2Y2FiYjE2NmZmOGY3OTU5MGExNzA=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=11523-77045&layeredTestInfo=11523-77045-&clss=bi77tLBrXrCXuBnu%2BPxNOaC2g0HurPMwcNwgyzfCUjtOEdzhMlu9cxPqZ%2BVV%2BGdYmIGEa8%2BRH0CDdzOx&pcer=p%3DJdxYlrMkPguCBJe-mhNlNHAsHsJ87goNtkwiRLUNa2o%26c%3D7de08b8f%26v%3D3&dpr=1&cw=610
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000476/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d296fa81596343c329166b4d8d9873b1b4a0e86efb4c7eceb57c83c5178910e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip
157.52.117.25
x-cache-hits
0, 0
x-traceid
f2cce61f83d41faefa5ca7499d990750
content-encoding
gzip
content-length
20074
x-served-by
cache-lga21925-LGA, cache-fra19169-FRA
x-timer
S1634626485.047921,VS0,VE412
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
blockedDomains_3.bin
lit.connatix.com/08d73d33-9bb5-9b21-f035-1721d593115a/ Frame 385C 		54 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lit.connatix.com/08d73d33-9bb5-9b21-f035-1721d593115a/blockedDomains_3.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e87e082f0cd8c67e281641290266747af1638390bb86573db02e43ee9faae667

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 21:16:16 GMT
age
2751655
etag
"5248073488c33d1429a8387fe5bf6cda"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
63
sr
capi.connatix.com/tr/ Frame 385C 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/sr?v=133566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.138.43.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-138-43-101.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Tue, 19 Oct 2021 06:54:45 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.wxyz.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
analytics.js
s.srvsynd.com/2/234175/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.wxyz.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=102506&ti=x1096992544050543755095165698048&de=2&to=3&pv=a2db4630-b2c5-49c0-ad3a-47b3c42f3186
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ee26cdb03e9f97384ba67d1aa164564304db6acb7be12b3b339e09ccc7874f1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:44 GMT
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
3153
Expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
e3a721b932b0f0dd2b806104fbdf5728949f1b281cea9e5af71c285eed9fafe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1018 / 84 of 1000 / last-modified: 1634597506"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27088
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 19 Oct 2021 06:54:45 GMT
5e652c0c-36ed-4ef7-a57c-a4d321139464.bin
vid.connatix.com/9216c465-c0f2-4280-8564-419793282e21/ Frame 385C 		7 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/9216c465-c0f2-4280-8564-419793282e21/5e652c0c-36ed-4ef7-a57c-a4d321139464.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aff0932ba70bf0faf8a483ae65a8737906607547789b866ebaf65b9ae8405d68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 16:23:38 GMT
age
4770
etag
"ed3b5e63067cbe6cb4055c0ba0f4e3c0"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
1414
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 385C 		369 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
sffe /
Resource Hash
8c2c3fee87756e3b9ec4d7e70bda112774ba857c5004b4a41a50fac001948c30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125411
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Tue, 19 Oct 2021 06:54:45 GMT
ao
capi.connatix.com/tr/ Frame 385C 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ao?v=133566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.138.43.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-138-43-101.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Tue, 19 Oct 2021 06:54:45 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.wxyz.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
ps
capi.connatix.com/tr/ Frame 385C 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ps?v=133566
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.138.43.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-138-43-101.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Tue, 19 Oct 2021 06:54:45 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.wxyz.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
24194a52-b448-4c9c-b69a-60abf6bbc5a5.jpg
img.connatix.com/9216c465-c0f2-4280-8564-419793282e21/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/9216c465-c0f2-4280-8564-419793282e21/24194a52-b448-4c9c-b69a-60abf6bbc5a5.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1deecdd57957187a13078d71113cbd62f1c9b798ff67730c7f8426c12261cecf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
content-encoding
br
age
52180
etag
"jLbRmylOLOUMel6eayWCf7tLZ+CzF40yrTdsdbYtszA"
access-control-max-age
86400
fastly-io-info
ifsz=76433 idim=1280x720 ifmt=jpeg ofsz=28117 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
27761
881af95d-0422-46eb-9343-ffab3531c8ff.jpg
img.connatix.com/9216c465-c0f2-4280-8564-419793282e21/ 		19 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/9216c465-c0f2-4280-8564-419793282e21/881af95d-0422-46eb-9343-ffab3531c8ff.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
57876ceb594cd215556fc9da166a1121fc51d892c0f7e5cb5fb544384b6f70f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
content-encoding
br
age
52179
etag
"aVunZH3/r4vJLyzNmuiDQXCG+8VSaRSku3Rfn3F0nQg"
access-control-max-age
86400
fastly-io-info
ifsz=1705702 idim=1434x828 ifmt=png ofsz=19091 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
18719
2aa8989a-dfb0-431a-b13e-72f93784fb6c.jpg
img.connatix.com/9216c465-c0f2-4280-8564-419793282e21/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/9216c465-c0f2-4280-8564-419793282e21/2aa8989a-dfb0-431a-b13e-72f93784fb6c.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fe2bd5f89efd1756d03758e07294606d7b754082027b4437f4e6863d0064d0d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
content-encoding
br
age
52179
etag
"XuHDFNQLgmYcr3/8pWaTXX5SyS0MFni/OUIPJ0l+g50"
access-control-max-age
86400
fastly-io-info
ifsz=50001 idim=1280x720 ifmt=jpeg ofsz=18893 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
18039
cba9bb3d-e13d-4ebd-8fcd-be31a85f793b.jpg
img.connatix.com/9216c465-c0f2-4280-8564-419793282e21/ 		31 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/9216c465-c0f2-4280-8564-419793282e21/cba9bb3d-e13d-4ebd-8fcd-be31a85f793b.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2b2215fdfb6d3151ab6fb40f072c62a7aa03b11dd856e0b34b81b37fca98a93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
content-encoding
br
age
52180
etag
"Ow+v7b23cuWBsLjs7UqcQCcigvi6OGAup+GpMsEu7mY"
access-control-max-age
86400
fastly-io-info
ifsz=84294 idim=1280x720 ifmt=jpeg ofsz=31239 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
30860
7c006445-a100-4249-b8be-15f18c3f0783.jpg
img.connatix.com/9216c465-c0f2-4280-8564-419793282e21/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/9216c465-c0f2-4280-8564-419793282e21/7c006445-a100-4249-b8be-15f18c3f0783.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1d4ae04a3f4a43c51badd0882b7bae3ff821601bb96bcd0dff27eaa2bfcc4d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
content-encoding
br
age
52179
etag
"qGMHgoUkiP34W2H09VrRCHy4LMtcsUeC/fGKwYUQ4t4"
access-control-max-age
86400
fastly-io-info
ifsz=54933 idim=1280x720 ifmt=jpeg ofsz=19405 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
18986
24194a52-b448-4c9c-b69a-60abf6bbc5a5.jpg
img.connatix.com/9216c465-c0f2-4280-8564-419793282e21/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/9216c465-c0f2-4280-8564-419793282e21/24194a52-b448-4c9c-b69a-60abf6bbc5a5.jpg?crop=600:410,smart&width=600&height=410&format=jpeg&quality=60&fit=crop
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d03cc69852d9a49f58141a05cec000a8f1ff5016ac546a553c8e6b13cbc66049

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
content-encoding
br
age
52179
etag
"x8/c4EZbtIwkjAaH2uQPZyYf0qyEhgxNohkecr0Ff6k"
access-control-max-age
86400
fastly-io-info
ifsz=76433 idim=1280x720 ifmt=jpeg ofsz=32196 odim=600x410 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
31820
e8ca194a-2f17-4b59-ac68-a8b08b55c9bc_360_h264.mp4
vid.connatix.com/9216c465-c0f2-4280-8564-419793282e21/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/9216c465-c0f2-4280-8564-419793282e21/e8ca194a-2f17-4b59-ac68-a8b08b55c9bc_360_h264.mp4
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.wxyz.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
last-modified
Mon, 18 Oct 2021 16:22:00 GMT
age
52179
etag
"d944b01f9439e58c8051b64cf32d3808"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-868502/868503
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
868503
a4e8c17e-1e06-4ab0-91f2-08d4f987894d_360_h264.mp4
vid.connatix.com/9216c465-c0f2-4280-8564-419793282e21/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/9216c465-c0f2-4280-8564-419793282e21/a4e8c17e-1e06-4ab0-91f2-08d4f987894d_360_h264.mp4
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.wxyz.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
last-modified
Mon, 18 Oct 2021 16:23:05 GMT
age
52179
etag
"848aab147ab0070f808ccd4b8afac50a"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1014264/1014265
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1014265
b7477cbd-720e-4372-8b9c-ddf25470563e_360_h264.mp4
vid.connatix.com/9216c465-c0f2-4280-8564-419793282e21/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/9216c465-c0f2-4280-8564-419793282e21/b7477cbd-720e-4372-8b9c-ddf25470563e_360_h264.mp4
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.wxyz.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
last-modified
Mon, 18 Oct 2021 16:21:23 GMT
age
52179
etag
"f23a5147848805583994d61cba43f6f5"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-846584/846585
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
846585
d7428f90-063e-4114-8d4f-e5d84a65455b_360_h264.mp4
vid.connatix.com/9216c465-c0f2-4280-8564-419793282e21/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/9216c465-c0f2-4280-8564-419793282e21/d7428f90-063e-4114-8d4f-e5d84a65455b_360_h264.mp4
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.wxyz.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
last-modified
Mon, 18 Oct 2021 16:21:52 GMT
age
52179
etag
"e01036c39745752753ea92d68222405d"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-852045/852046
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
852046
ff4f1255-20cf-41a9-8675-9264c11d6b26_360_h264.mp4
vid.connatix.com/9216c465-c0f2-4280-8564-419793282e21/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/9216c465-c0f2-4280-8564-419793282e21/ff4f1255-20cf-41a9-8675-9264c11d6b26_360_h264.mp4
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.wxyz.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
last-modified
Mon, 18 Oct 2021 16:21:46 GMT
age
52179
etag
"5d9ce1748110d9cad9b0031ac73bdad2"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-929893/929894
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
929894
/
www.facebook.com/tr/ Frame E307 		0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
6199
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.wxyz.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wxyz.com/
accept-encoding
gzip, deflate, br
cookie
fr=03Q5G7HVwbF8udmWf..Bhbmu0...1.0.Bhbmu0.
Upgrade-Insecure-Requests
1
Origin
https://www.wxyz.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.wxyz.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
date
Tue, 19 Oct 2021 06:54:45 GMT
bridge3.485.1_en.html
imasdk.googleapis.com/js/core/ Frame 68AF 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
sffe /
Resource Hash
95031080831fd62b0946bfb827edf9279ddf3afa0711940b8d27e627f62046ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.485.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
193945
date
Mon, 18 Oct 2021 05:09:54 GMT
expires
Tue, 18 Oct 2022 05:09:54 GMT
last-modified
Mon, 11 Oct 2021 16:34:41 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
92691
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 385C 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Oct 2021 06:54:45 GMT
bridge3.485.1_en.html
imasdk.googleapis.com/js/core/ Frame 7874 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
sffe /
Resource Hash
95031080831fd62b0946bfb827edf9279ddf3afa0711940b8d27e627f62046ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.485.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
193945
date
Mon, 18 Oct 2021 05:09:54 GMT
expires
Tue, 18 Oct 2022 05:09:54 GMT
last-modified
Mon, 11 Oct 2021 16:34:41 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
92691
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.485.1_en.html
imasdk.googleapis.com/js/core/ Frame 11DD 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
sffe /
Resource Hash
95031080831fd62b0946bfb827edf9279ddf3afa0711940b8d27e627f62046ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.485.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
193945
date
Mon, 18 Oct 2021 05:09:54 GMT
expires
Tue, 18 Oct 2022 05:09:54 GMT
last-modified
Mon, 11 Oct 2021 16:34:41 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
92691
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
postback
s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/postback?oz_pl=1&sr=connatix.com&to=3&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&pp=102506&ti=x1096992544050543755095165698048&de=2&pv=a2db4630-b2c5-49c0-ad3a-47b3c42f3186&ci=234175&dt=2341751597675869250012&di=www.wxyz.com&_x=1
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 19 Oct 2021 06:54:44 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.srvsynd.com/2/2.33.0/ 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/main.js
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.wxyz.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=102506&ti=x1096992544050543755095165698048&de=2&to=3&pv=a2db4630-b2c5-49c0-ad3a-47b3c42f3186
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7a3b4c985dc5de60264f6a19da2b094563d3dfc6b1fc1bd33645cae3e0db6cc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 06:54:44 GMT
Content-Encoding
br
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, no-transform, immutable, max-age=999999999
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
47424
Expires
Fri, 27 Jun 2053 06:29:40 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.wxyz.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Oct 2021 06:54:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.wxyz.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Oct 2021 06:54:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=927070668138408&correlator=1282110922614344&output=ldjh&impl=fifs&eid=31061814%2C31063214%2C31062464&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211019&iu_parts=6088%2Cssp.wxyz%2Cnews%2Ccoronavirus%2Ccovid_19_vaccine%2Cdetail&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%2C970x250%7C728x90%7C970x90%7C994x30%7C10x1&prev_scp=kw%3D7%2520Action%2520News%252CDetroit%252CWXYZ-TV%252Cmetro%2520Detroit%26categories%3Dcovid-19%2520vaccine%2520investigations%2520coronavirus%2520news%2520local%2520news%2520homepage%2520showcase%26pt%3Ddetail%252Ctrue%26fname%3D35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C2%26au%3Dnews%252Fcoronavirus%252Fcovid_19_vaccine%252Fdetail%26refresh%3D0%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2%7Ckw%3D7%2520Action%2520News%252CDetroit%252CWXYZ-TV%252Cmetro%2520Detroit%26categories%3Dcovid-19%2520vaccine%2520investigations%2520coronavirus%2520news%2520local%2520news%2520homepage%2520showcase%26pt%3Ddetail%252Ctrue%26fname%3D35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C2%26au%3Dnews%252Fcoronavirus%252Fcovid_19_vaccine%252Fdetail%26refresh%3D0%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_death_injury%252Cmoat_unsafe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&cookie_enabled=1&bc=31&abxe=1&lmt=1634626485&dt=1634626485431&dlt=1634626483668&idt=1184&frm=20&biw=1600&bih=1200&oid=2&adxs=325%2C-12245933&adys=2048%2C-12245933&adks=3201991636%2C574374887&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&vis=1&dmc=8&scr_x=0&scr_y=0&psz=610x30%7C1500x0&msz=610x30%7C970x0&ga_vid=1117996465.1634626485&ga_sid=1634626485&ga_hid=495639019&ga_fc=true&fws=4%2C132&ohw=1070%2C1600&btvi=1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
12711a40f013e25dca5d22e041f12fdd414270002115151e5b46c8ff02e64e0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10282
x-xss-protection
0
google-lineitem-id
5809540498,5809540498
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138367465411,138367465225
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wxyz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7D8C 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 19 Oct 2021 06:54:45 GMT
expires
Wed, 19 Oct 2022 06:54:45 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
a4e8c17e-1e06-4ab0-91f2-08d4f987894d_360_h264.mp4
vid.connatix.com/9216c465-c0f2-4280-8564-419793282e21/ 		192 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/9216c465-c0f2-4280-8564-419793282e21/a4e8c17e-1e06-4ab0-91f2-08d4f987894d_360_h264.mp4
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.wxyz.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=65536-

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
last-modified
Mon, 18 Oct 2021 16:23:05 GMT
age
52179
etag
"848aab147ab0070f808ccd4b8afac50a"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 65536-1014264/1014265
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
948729
e8ca194a-2f17-4b59-ac68-a8b08b55c9bc_360_h264.mp4
vid.connatix.com/9216c465-c0f2-4280-8564-419793282e21/ 		192 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/9216c465-c0f2-4280-8564-419793282e21/e8ca194a-2f17-4b59-ac68-a8b08b55c9bc_360_h264.mp4
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.wxyz.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=65536-

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
last-modified
Mon, 18 Oct 2021 16:22:00 GMT
age
52179
etag
"d944b01f9439e58c8051b64cf32d3808"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 65536-868502/868503
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
802967
ads
securepubads.g.doubleclick.net/gampad/ 		97 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=927070668138408&correlator=3878360281523725&output=ldjh&impl=fifs&eid=31061814%2C31063214%2C31062464&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211019&iu_parts=6088%2Cssp.wxyz%2Cinview-bottom%2Cnews%2Ccoronavirus%2Ccovid_19_vaccine%2Cdetail&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2F4%2F5%2F6&prev_iu_szs=728x90%2C300x600%7C300x250&prev_scp=kw%3D7%2520Action%2520News%252CDetroit%252CWXYZ-TV%252Cmetro%2520Detroit%26categories%3Dcovid-19%2520vaccine%2520investigations%2520coronavirus%2520news%2520local%2520news%2520homepage%2520showcase%26pt%3Ddetail%252Ctrue%26fname%3D35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dnews%252Fcoronavirus%252Fcovid_19_vaccine%252Fdetail%26refresh%3D0%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2%7Ckw%3D7%2520Action%2520News%252CDetroit%252CWXYZ-TV%252Cmetro%2520Detroit%26categories%3Dcovid-19%2520vaccine%2520investigations%2520coronavirus%2520news%2520local%2520news%2520homepage%2520showcase%26pt%3Ddetail%252Ctrue%26fname%3D35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dnews%252Fcoronavirus%252Fcovid_19_vaccine%252Fdetail%26refresh%3D0%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_death_injury%252Cmoat_unsafe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&cookie_enabled=1&bc=31&abxe=1&lmt=1634626485&dt=1634626485463&dlt=1634626483668&idt=1184&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933%2C975&adys=-12245933%2C898&adks=421683115%2C571733854&ucis=3%7C4&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0%7C300x30&msz=1600x-1%7C300x30&ga_vid=1117996465.1634626485&ga_sid=1634626485&ga_hid=495639019&ga_fc=true&fws=644%2C4&ohw=1600%2C1070&btvi=-1%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
87ca13416176ac0c3a2fda8aedc4a55260f766adbc801c155dd029ce5486f00a
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMCeipjy1fMCFYYIiwodB4YECQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/12502976385620377600/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMCeipjy1fMCFYYIiwodB4YECQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/12502976385620377600/index.html
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
google-creative-id
-1,138367465342
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34106
x-xss-protection
0
google-lineitem-id
-1,5809540498
pragma
no-cache
server
cafe
google-mediationtag-id
-2
date
Tue, 19 Oct 2021 06:54:45 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wxyz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
b7477cbd-720e-4372-8b9c-ddf25470563e_360_h264.mp4
vid.connatix.com/9216c465-c0f2-4280-8564-419793282e21/ 		192 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/9216c465-c0f2-4280-8564-419793282e21/b7477cbd-720e-4372-8b9c-ddf25470563e_360_h264.mp4
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.wxyz.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=65536-

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
last-modified
Mon, 18 Oct 2021 16:21:23 GMT
age
52179
etag
"f23a5147848805583994d61cba43f6f5"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 65536-846584/846585
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
781049
ff4f1255-20cf-41a9-8675-9264c11d6b26_360_h264.mp4
vid.connatix.com/9216c465-c0f2-4280-8564-419793282e21/ 		192 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/9216c465-c0f2-4280-8564-419793282e21/ff4f1255-20cf-41a9-8675-9264c11d6b26_360_h264.mp4
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.wxyz.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=65536-

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
last-modified
Mon, 18 Oct 2021 16:21:46 GMT
age
52179
etag
"5d9ce1748110d9cad9b0031ac73bdad2"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 65536-929893/929894
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
864358
postback
s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/postback?oz_pl=1&sr=connatix.com&to=3&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&pp=102506&ti=x1096992544050543755095165698048&de=2&pv=a2db4630-b2c5-49c0-ad3a-47b3c42f3186&ci=234175&dt=2341751597675869250012&di=www.wxyz.com&_x=1
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 19 Oct 2021 06:54:45 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
d7428f90-063e-4114-8d4f-e5d84a65455b_360_h264.mp4
vid.connatix.com/9216c465-c0f2-4280-8564-419793282e21/ 		192 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/9216c465-c0f2-4280-8564-419793282e21/d7428f90-063e-4114-8d4f-e5d84a65455b_360_h264.mp4
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.wxyz.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=65536-

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
last-modified
Mon, 18 Oct 2021 16:21:52 GMT
age
52179
etag
"e01036c39745752753ea92d68222405d"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 65536-852045/852046
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
786510
integrator.js
adservice.google.com/adsid/ Frame 78CC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=assets.scrippsdigital.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Oct 2021 06:54:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
singleAnimationOnFeed.js
widgets.outbrain.com/nanoWidget/2000476/module/ 		550 B
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000476/module/singleAnimationOnFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
403cea8095f7c63dbad7fa344ee0077ff3ab8af037ea6c8ff9bebff740662015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
last-modified
Mon, 18 Oct 2021 12:36:07 GMT
server
AkamaiNetStorage
etag
"bf1dc0a082dfc25e069328057fe013c4:1634563721.837991"
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=345600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
550
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=f200dca37ca855fb692e310d9630bcdc_4112_1634626485403&tm=1509&eT=0&widgetWidth=610&widgetHeight=347&widgetX=325&widgetY=3660&wRV=2000476&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=508&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Tue, 19 Oct 2021 06:54:45 GMT
content-encoding
gzip
X-TraceId
2239fb2c17ee4c67dc15b4a1281a2936
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
reel.js
widgets.outbrain.com/nanoWidget/2000476/module/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000476/module/reel.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
577da670a02284064ebc2fa92c3a7c2f7f9773833de15d7434935c4e924a0bb2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 12:36:07 GMT
server
AkamaiNetStorage
etag
"f9321a53b3ba49fac9a7d5eabcf58f4c:1634563718.898149"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=345600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
7559
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=7fb2e0ae966f4223e9587268e71cd1a2_4112_1634626485253&tm=1512&eT=0&widgetWidth=610&widgetHeight=367&widgetX=325&widgetY=4027&wRV=2000476&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=508&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Tue, 19 Oct 2021 06:54:45 GMT
content-encoding
gzip
X-TraceId
2856452e4c827a04c7a964088dfa9f15
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
eyJpdSI6IjdlOGIwOTc2YjQxMjJlMDQ4ZWFiM2FiODg3ZTkwNzQ4MzI1MmExZjU3NWRjMzRkYmJkZDAxMzQzNGFjODRjZTEiLCJ3IjoyNDAsImgiOjEzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjdlOGIwOTc2YjQxMjJlMDQ4ZWFiM2FiODg3ZTkwNzQ4MzI1MmExZjU3NWRjMzRkYmJkZDAxMzQzNGFjODRjZTEiLCJ3IjoyNDAsImgiOjEzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.94 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7ae2fbc1a3ae7c2cc94bef9a4b3df7baa97211f53b9e443ed67612324df7603c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
cache-control
max-age=650930
last-modified
Sat, 28 Aug 2021 09:16:08 GMT
x-traceid
134a536029ade1f0de44ce6b024bc930
timing-allow-origin
*
content-length
9536
content-type
image/webp
eyJpdSI6ImNjNmFmMWZmNjE2MjE4ZWFkN2RhNmFiYTljNTIwZmY0NWUwMWMxYjRkYmMyNjFkNzExZmJhMTA2NTZmMTgzMmUiLCJ3IjoyNDAsImgiOjEzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNjNmFmMWZmNjE2MjE4ZWFkN2RhNmFiYTljNTIwZmY0NWUwMWMxYjRkYmMyNjFkNzExZmJhMTA2NTZmMTgzMmUiLCJ3IjoyNDAsImgiOjEzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.94 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2ae19407083395c5e6a81404a472a7dc448b358f3a4830231cb87314ab4ffa20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
cache-control
max-age=395011
last-modified
Mon, 05 Apr 2021 15:55:12 GMT
x-traceid
be7e10b05c8d0e0b17cb39eba4771276
timing-allow-origin
*
content-length
33382
content-type
image/webp
eyJpdSI6Ijg5YWM3YmZlNDJkY2VkODBiZTZkZWQ4YTU3YzQyOGUzNzQ0MzJkZTBkMWRjYzlhOGVjNzAyNDE0NTgyZWM1ZDIiLCJ3Ijo0MDAsImgiOjIyNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijg5YWM3YmZlNDJkY2VkODBiZTZkZWQ4YTU3YzQyOGUzNzQ0MzJkZTBkMWRjYzlhOGVjNzAyNDE0NTgyZWM1ZDIiLCJ3Ijo0MDAsImgiOjIyNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.94 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ae7f42b2588333d62bd98d9f9dbe752ecd990f74f19627e1aaf504b24269d39c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
cache-control
max-age=1427459
last-modified
Sun, 26 Sep 2021 08:35:41 GMT
x-traceid
e5b53f158790fe89ad177d347b6ff969
timing-allow-origin
*
content-length
43218
content-type
image/webp
eyJpdSI6ImYxMTBiNDVmZjZhNzg4YzI3NmQ4Y2ExNjdhMmI2MmM3MDUxNjlkYWM0NDhkMWVmN2VhODgyMWM1NDJjNGM4YzEiLCJ3Ijo0MDAsImgiOjIyNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImYxMTBiNDVmZjZhNzg4YzI3NmQ4Y2ExNjdhMmI2MmM3MDUxNjlkYWM0NDhkMWVmN2VhODgyMWM1NDJjNGM4YzEiLCJ3Ijo0MDAsImgiOjIyNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.94 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
05c5dc793d4f01834d165cb437c22c058e69ec6f7510e4caf92b3f8cd3c0e7c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
cache-control
max-age=934524
last-modified
Thu, 23 Sep 2021 17:57:54 GMT
x-traceid
914772fb85450c298b179e8132f23c3b
timing-allow-origin
*
content-length
14344
content-type
image/webp
postback
s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/postback?sr=connatix.com&to=3&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&pp=102506&ti=x1096992544050543755095165698048&de=2&pv=a2db4630-b2c5-49c0-ad3a-47b3c42f3186&ci=234175&dt=2341751597675869250012&di=www.wxyz.com&sid=ANj05scOEANFVF0O&oz_sc=ad5fd7e102b18e30e74f3e6a&oz_df=1634626485528&oz_l=262&cv=3
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 19 Oct 2021 06:54:45 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-40537246-1&cid=1117996465.1634626485&jid=1619489730&gjid=440115770&_gid=716266629.1634626485&_u=aGDAiEAjBAAAAG~&z=1071611452
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
66.102.1.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 19 Oct 2021 06:54:45 GMT
content-type
text/plain
access-control-allow-origin
https://www.wxyz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=495639019&t=event&ni=0&_s=2&dl=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&ul=en-us&de=UTF-8&dt=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=Video%20Start&el=35%20Michiganders%20have%20died%20after%20getting%20the%20COVID%20vaccine%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&ev=0&_u=aGDACEAjBAAAAG~&jid=&gjid=&cid=1117996465.1634626485&tid=UA-40066851-1&_gid=716266629.1634626485&gtm=2wgad0R48P&cd12=1117996465.1634626485&cd20=2048&cd21=&cd22=&cd23=COVID-19%20Vaccine&cd24=COVID-19%20Vaccine%2CInvestigations%2CCoronavirus%2CNews%2CLocal%20News%2CHomepage%20Showcase&cd25=false&cd26=&cd31=true&cd33=true&cd34=false&z=1451297184
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 11:56:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68296
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=495639019&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&ul=en-us&de=UTF-8&dt=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=Video%20Start&el=35%20Michiganders%20have%20died%20after%20getting%20the%20COVID%20vaccine%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&ev=0&_u=aGDAiEAjBAAAAG~&jid=1619489730&gjid=440115770&cid=1117996465.1634626485&tid=UA-40537246-1&_gid=716266629.1634626485&gtm=2wgad0R48P&cd12=1117996465.1634626485&z=1375417962
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 11:56:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68296
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
eyJpdSI6ImY2MjA3NTdhNTliYmQwOTI0ZmE1ZmQ0MGJjMzFiZGI0NWVmNTFlZjJiNTA0NjM1YjVhOTQxZWE4MmEyYWZjYzciLCJ3Ijo0MDAsImgiOjIyNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImY2MjA3NTdhNTliYmQwOTI0ZmE1ZmQ0MGJjMzFiZGI0NWVmNTFlZjJiNTA0NjM1YjVhOTQxZWE4MmEyYWZjYzciLCJ3Ijo0MDAsImgiOjIyNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.94 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5ad9a7394e37798f3468db66604178e84c51e687d3ca2146eb11c5f71fafc163

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
cache-control
max-age=1956040
last-modified
Thu, 16 Sep 2021 10:52:49 GMT
x-traceid
f6df13b807c74f48b94843daa68c4b96
timing-allow-origin
*
content-length
21162
content-type
image/webp
b5dda195-d8de-4803-a0b9-6b6662092f00
https://www.wxyz.com/ Frame 5FAF 		185 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.wxyz.com/b5dda195-d8de-4803-a0b9-6b6662092f00
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
185
Content-Type
application/javascript
ads
ads-alpha.ewscloud.com/ Frame DCF5 		945 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-alpha.ewscloud.com/ads?sz=1x1000&iu=/6088/ssp.wxyz/news/coronavirus/covid_19_vaccine/detail&ciu_szs=300x250&impl=s&gdfp_req=1&env=vp&output=xml_vast3&unviewed_position_start=1&ad_rule=1&url=[referrer_url]&description_url=https%3A%2F%2Fwww.wxyz.com%2F&correlator=[timestamp]&cust_params=fname%3D35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems%26categories%3Dcovid-19-vaccine%2Cinvestigations%2Ccoronavirus%2Cnews%2Clocal-news%2Chomepage-showcase%26refdomain%3Dwxyz.com%26iframed%3D0%26kw%3D7%20Action%20News%2CDetroit%2CWXYZ-TV%2Cmetro%20Detroit%26pxconfig%3Dweb-vod%26bidders%3Dpublica&ord=474399794052937860
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-168-65.compute-1.amazonaws.com
Software
cafe /
Resource Hash
4edc0b021f4548a787153ebeb179323fba65d6d9754b86dc84d36eb1ecab5476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 06:54:45 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Access-Control-Allow-Origin
https://imasdk.googleapis.com
P3p
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
602
X-Xss-Protection
0
Google-Lineitem-Id
0
Pragma
no-cache
Server
cafe
Google-Creative-Id
0
Content-Type
text/xml; charset=UTF-8
Via
1.1 vegur
Cache-Control
no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/postback?sr=connatix.com&to=3&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&pp=102506&ti=x1096992544050543755095165698048&de=2&pv=a2db4630-b2c5-49c0-ad3a-47b3c42f3186&ci=234175&dt=2341751597675869250012&di=www.wxyz.com&sid=ANj05scOEANFVF0O&oz_sc=ad5fd7e102b18e30e74f3e6a&oz_df=1634626485791&oz_l=6697&cv=3
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 19 Oct 2021 06:54:45 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
container.html
404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EEBA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 19 Oct 2021 06:54:45 GMT
expires
Wed, 19 Oct 2022 06:54:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CB72 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 19 Oct 2021 06:54:45 GMT
expires
Wed, 19 Oct 2022 06:54:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Server
18.159.21.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-21-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.wxyz.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&hp=1&zMoatAdUnit1=ssp.wxyz&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=5&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1634626484230&de=511958499751&rx=479417967148&m=0&ar=fb6a7277fce-clean&iw=ffbb8c2&q=1&cb=0&cu=1634626484230&ll=2&lm=0&ln=0&em=0&en=0&d=16839141%3A237842901%3A5250393788%3A138298488418&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=crackedscrippsdfpprebidheader262014341684&fd=1&ac=1&it=500&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Ctrue&pe=1%3A683%3A683%3A2424%3A687&fs=194999&na=1220547779&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:45 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 19 Oct 2021 06:54:45 GMT
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.21.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-21-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 19 Oct 2021 06:54:45 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101201&st=env
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
4f6ab05f0e5d9bd214252e0ca8773de653de74b4009efc781461686111f6941a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Oct 2021 06:54:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8501
x-xss-protection
0
container.html
404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FD49 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 19 Oct 2021 06:54:45 GMT
expires
Wed, 19 Oct 2022 06:54:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 84FE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 19 Oct 2021 06:54:45 GMT
expires
Wed, 19 Oct 2022 06:54:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Server
18.159.21.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-21-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.wxyz.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 19 Oct 2021 06:54:45 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.21.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-21-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 19 Oct 2021 06:54:45 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame DD00 		369 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
d1b1ae274b98b536cad52a99915d4fc0670fb156a0404ad097c4e873c7422f5b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/12502976385620377600/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Mon, 18 Oct 2021 22:08:32 GMT
expires
Tue, 18 Oct 2022 22:08:32 GMT
last-modified
Fri, 23 Apr 2021 11:57:52 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
34639
age
31574
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame EEBA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CBzL4tWtuYYDwH4aRrASHjJJIia2L6GWE6crBtQ2Wgs2FiBYQASDmlIUYYJXikIKgB6AB1NDQlwPIAQmpAnva8bvfirM-4AIAqAMByAMCqgSSA0_QDrffDSk9gscSlHGAm_1de7GSAYb4spN6plARcjzwMGZ5V9CS4mcInZXwCukt2WwByzNR_UeX0RI-C92HkgiD9-JHqnxsZiMpJzplLyCB-vgUsfl1JgxqBaOcwpkfshMRxj7KmtJ1yNHRDKS9E1O3kTHomDdIgUpT0sHDAvvM5xYoni6zsM607vFL0Il_fH_xB-NX37-zTYCNeeiACeQEGFc7wA-3ooJq_Qx1Lzhf35vULXTnMAlgRxHpwyjWa4KiDjy7NltWyHUyd9MGHss15cPCz6rQYfOG-XnXkDMSVkreV3Q5BAjKCIvzXkMjX1xG2h_cfYlqCcCkFUlQcpXLlv9sfFlSFr1szNayrE_0OoE_sAs9ecVzPqdPWhmzyz9TzVB4NuXHnreDKqHeNB6DaK979j6R5sauUdW7Ev7MbS7KFpnJ-H0LbWpe97LbP-W2L-arBvpDWbyGtAUupKIWroXiOeszIUqpuPVoY2tzgO_EvI9KOgWuaEIXAE9CN0WjOsSkttYypQ6V3AtdneU3XcAEpo3z278D4AQBkgUECAQYAZIFBAgFGASgBl2AB8v_3GyoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcEEK76ENIICQiA4YAQEAEYHYAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi04NDE0NjI3MjgwMDU0NTkzGK2LEQ&sigh=zeF9YekAWmc
Requested by
Host: www.wxyz.com
URL: https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4703 		143 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkgFnuvkOFW9CdG3CzwP7SlF1LN4FnTILSyVxenFccj83Ier9Zw_ETPmgVIkA8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 19 Oct 2021 06:00:15 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3271
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame EEBA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:46:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
495
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Nov 2021 06:46:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EEBA 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37919
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634125446224599"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 19 Oct 2021 06:54:46 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame EEBA 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:53:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Nov 2021 06:53:57 GMT
l
www.google.com/ads/measurement/ Frame EEBA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTRzQNl8LjBrvBUugiwJpMGyMSHV0wd82V4a1YbATnObwhGKdmYurf95ubooaEuZiV-txji4eCdqfcIm9_SI1EFOBvOg
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
pw.js
includemodal.global.ssl.fastly.net/ Frame CB72 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf5ce06047e22884c9e26601c0cafd3f5719583a61b9cf151a4adda5bc633e4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
68vsyWlzLUYIQAa74JXuIH_TfJ_DACgZ
Content-Encoding
gzip
ETag
"6d14a3450392fd1ef383f69d3a23fa8a"
Age
1553
X-Cache
HIT
Connection
keep-alive
Content-Length
12267
x-amz-id-2
GttCk+wl9cyVVCpupsmMh4ffjtFOiyrZtRGDSyGI2FrA1TBrhReLcHsbNWSGNSZe/8p5MTj/UJs=
X-Served-By
cache-hhn4069-HHN
Last-Modified
Thu, 23 Sep 2021 21:12:03 GMT
Server
AmazonS3
X-Timer
S1634626486.175051,VS0,VE0
Date
Tue, 19 Oct 2021 06:54:46 GMT
Vary
Accept-Encoding
x-amz-request-id
TG6Y4QX3PSVCMNQ1
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
31
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame CB72 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite_fy2019.js
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7691
x-xss-protection
0
server
cafe
etag
14402072889669646931
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Nov 2021 06:53:21 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CB72 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 09:47:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
335237
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 15 Oct 2022 09:47:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CB72 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37919
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634125446224599"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 19 Oct 2021 06:54:46 GMT
pw.js
includemodal.global.ssl.fastly.net/ Frame FD49 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf5ce06047e22884c9e26601c0cafd3f5719583a61b9cf151a4adda5bc633e4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
68vsyWlzLUYIQAa74JXuIH_TfJ_DACgZ
Content-Encoding
gzip
ETag
"6d14a3450392fd1ef383f69d3a23fa8a"
Age
1553
X-Cache
HIT
Connection
keep-alive
Content-Length
12267
x-amz-id-2
GttCk+wl9cyVVCpupsmMh4ffjtFOiyrZtRGDSyGI2FrA1TBrhReLcHsbNWSGNSZe/8p5MTj/UJs=
X-Served-By
cache-hhn4061-HHN
Last-Modified
Thu, 23 Sep 2021 21:12:03 GMT
Server
AmazonS3
X-Timer
S1634626486.175479,VS0,VE0
Date
Tue, 19 Oct 2021 06:54:46 GMT
Vary
Accept-Encoding
x-amz-request-id
TG6Y4QX3PSVCMNQ1
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
41
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame FD49 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite_fy2019.js
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7691
x-xss-protection
0
server
cafe
etag
14402072889669646931
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Nov 2021 06:53:21 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame FD49 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 09:47:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
335237
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 15 Oct 2022 09:47:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FD49 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37919
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634125446224599"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 19 Oct 2021 06:54:46 GMT
pw.js
includemodal.global.ssl.fastly.net/ Frame 84FE 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf5ce06047e22884c9e26601c0cafd3f5719583a61b9cf151a4adda5bc633e4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
68vsyWlzLUYIQAa74JXuIH_TfJ_DACgZ
Content-Encoding
gzip
ETag
"6d14a3450392fd1ef383f69d3a23fa8a"
Age
1553
X-Cache
HIT
Connection
keep-alive
Content-Length
12267
x-amz-id-2
GttCk+wl9cyVVCpupsmMh4ffjtFOiyrZtRGDSyGI2FrA1TBrhReLcHsbNWSGNSZe/8p5MTj/UJs=
X-Served-By
cache-hhn4031-HHN
Last-Modified
Thu, 23 Sep 2021 21:12:03 GMT
Server
AmazonS3
X-Timer
S1634626486.175173,VS0,VE0
Date
Tue, 19 Oct 2021 06:54:46 GMT
Vary
Accept-Encoding
x-amz-request-id
TG6Y4QX3PSVCMNQ1
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
34
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame 84FE 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite_fy2019.js
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7691
x-xss-protection
0
server
cafe
etag
14402072889669646931
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Nov 2021 06:53:21 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 84FE 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 09:47:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
335237
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 15 Oct 2022 09:47:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 84FE 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37919
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634125446224599"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 19 Oct 2021 06:54:46 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 19 Oct 2021 06:54:46 GMT
postback
s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/postback?sr=connatix.com&to=3&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&pp=102506&ti=x1096992544050543755095165698048&de=2&pv=a2db4630-b2c5-49c0-ad3a-47b3c42f3186&ci=234175&dt=2341751597675869250012&di=www.wxyz.com&sid=ANj05scOEANFVF0O&oz_sc=ad5fd7e102b18e30e74f3e6a&oz_df=1634626485975&oz_l=621&cv=3
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 19 Oct 2021 06:54:45 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
truncated
/ Frame C3D6 		13 B
13 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
text/html;charset=utf-8
postback
s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/postback?sr=connatix.com&to=3&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&pp=102506&ti=x1096992544050543755095165698048&de=2&pv=a2db4630-b2c5-49c0-ad3a-47b3c42f3186&ci=234175&dt=2341751597675869250012&di=www.wxyz.com&sid=ANj05scOEANFVF0O&oz_sc=ad5fd7e102b18e30e74f3e6a&oz_df=1634626486174&oz_l=11982&cv=3
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 19 Oct 2021 06:54:45 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4703
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkgFnuvkOFW9CdG3CzwP7SlF1LN4FnTILSyVxenFccj83Ier9Zw_ETPmgVIkA8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 19 Oct 2021 06:54:46 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 19-Oct-2021 07:54:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 19 Oct 2021 06:54:46 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 19 Oct 2021 06:54:46 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame CB72 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
Origin
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 10:31:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Oct 2021 10:31:26 GMT
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame FD49 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
Origin
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 10:31:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Oct 2021 10:31:26 GMT
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame 84FE 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
Origin
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 10:31:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Oct 2021 10:31:26 GMT
truncated
/ Frame EEBA 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
745a73b1d488669d1a0c4e620175eeade5537f132d8b3cd13503d305169a5ab6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
ff983cd0-6c28-474c-9cc4-7a5281d11e05.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame FD49 		46 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/ff983cd0-6c28-474c-9cc4-7a5281d11e05.js
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.242.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ff821a751012337bb73c20f7d84b1129745c6cb4bc13a43d7dc60e19fca7108b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 03:35:01 GMT
content-encoding
br
server
nginx/1.10.3 (Ubuntu)
age
11984
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
14400
cache-control
public, max-age=14400
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-P1
access-control-allow-headers
*
x-amz-cf-id
Xa4w2czYGz9_zD47fDI1PG4tPW-HdYC06E7SH0HHBbpcG52g4ElI8w==
via
1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
/
includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/ Frame FD49 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/?rand=408676&referer=https://www.wxyz.com/
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.129.116.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-116-66.us-east-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:46 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9483 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 19 Oct 2021 00:48:43 GMT
expires
Wed, 19 Oct 2022 00:48:43 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
21963
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 8BD9 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
GSE /
Resource Hash
79ee9f7da12b0ff275ce9f1843664305bf379a4cc3a445079f6b4646348010c0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qq4+a0S602mfV+myxUkEMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 19 Oct 2021 06:54:46 GMT
date
Tue, 19 Oct 2021 06:54:46 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-qq4+a0S602mfV+myxUkEMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ff983cd0-6c28-474c-9cc4-7a5281d11e05.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame CB72 		46 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/ff983cd0-6c28-474c-9cc4-7a5281d11e05.js
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.242.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ff821a751012337bb73c20f7d84b1129745c6cb4bc13a43d7dc60e19fca7108b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 03:35:01 GMT
content-encoding
br
server
nginx/1.10.3 (Ubuntu)
age
11984
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
14400
cache-control
public, max-age=14400
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-P1
access-control-allow-headers
*
x-amz-cf-id
K8rRdx3lLB6_FC5AxRkuwI3Q5FlPxFIxpdu_3za7lINL0ASTJUVHOw==
via
1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
/
includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/ Frame CB72 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/?rand=990800&referer=https://www.wxyz.com/
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.129.116.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-116-66.us-east-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:46 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
ff983cd0-6c28-474c-9cc4-7a5281d11e05.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 84FE 		46 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/ff983cd0-6c28-474c-9cc4-7a5281d11e05.js
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.242.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ff821a751012337bb73c20f7d84b1129745c6cb4bc13a43d7dc60e19fca7108b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 03:35:01 GMT
content-encoding
br
server
nginx/1.10.3 (Ubuntu)
age
11984
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
14400
cache-control
public, max-age=14400
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-P1
access-control-allow-headers
*
x-amz-cf-id
nZgO4cQ0eCGxI9Txpia9axBeBR21f0bOp7kb0PsiSxagG8KoLEzYUw==
via
1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
/
includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/ Frame 84FE 		42 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/?rand=615411&referer=https://www.wxyz.com/
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.129.116.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-116-66.us-east-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:46 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
7a2cb157-b587-447f-a89a-77a3c9e9fece
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/ Frame FD49 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/7a2cb157-b587-447f-a89a-77a3c9e9fece
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b985b833fe5443b89d4f969d7c3ce1111521d270a4776019c4098b9a3b6d516

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
1576
Content-Type
application/javascript
59c6e974-b385-4c48-ba14-14fd9910b777
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/ Frame CB72 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/59c6e974-b385-4c48-ba14-14fd9910b777
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b985b833fe5443b89d4f969d7c3ce1111521d270a4776019c4098b9a3b6d516

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
1576
Content-Type
application/javascript
index.html
s0.2mdn.net/dfp/279981/5077633639/1633975855110/ Frame 9BB4 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/279981/5077633639/1633975855110/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
d5a8b1072de2466e1686b7729118388b20d818b2a3e784f21dfa1da7c9bfeb5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/dfp/279981/5077633639/1633975855110/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
2210
date
Tue, 19 Oct 2021 06:54:46 GMT
expires
Wed, 20 Oct 2021 06:54:46 GMT
cache-control
public, max-age=86400
last-modified
Mon, 11 Oct 2021 18:10:55 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame CB72 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsskTuTmJnMqSucMogC6ndEus7tRI9lxuB98O8gRLp0BiMuSVe-d_K9hDk_OJUh4xJCjoZp9xgKdZ5EwuGpkaBiSfF458xVl5Mo7kjB0XGu80yp5AAOY8eL-ByBRTkW7XrOSWpjpMDUPefKXpXepXOIg9gLhF-7nJNDhFoT-6WT_rQ7U5llRGctgPbL_3aiZo9_4_bE7BPnqyznoMT5BCGvPSCV0EmTxPg4zkHLRCnYmHW-1W_0DDeUpFONcW8Zpkq_pu0HsIdaZDQJOA2OQbarAjtqntHV2MaBBuvo8WRrFil0nojOU-qgog5v8YiHd4ep2UZ2XDX-64sEOi8GOlS2Vr0vrfqtG&sig=Cg0ArKJSzA7bZqbcXGzwEAE&urlfix=1&adurl=
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Oct 2021 06:54:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
561c25ce-6fc0-44ff-8ff9-4d4d80b4b2b5
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/ Frame 84FE 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/561c25ce-6fc0-44ff-8ff9-4d4d80b4b2b5
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b985b833fe5443b89d4f969d7c3ce1111521d270a4776019c4098b9a3b6d516

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
1576
Content-Type
application/javascript
index.html
s0.2mdn.net/dfp/279981/5077633639/1633975873352/ Frame 81BA 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/279981/5077633639/1633975873352/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
76a1cc0945b6eb4fdc228e1bb9a56228ecf1b2fc8375b067157eb6d0ea71dc28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/dfp/279981/5077633639/1633975873352/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
2210
date
Mon, 18 Oct 2021 19:48:03 GMT
expires
Tue, 19 Oct 2021 19:48:03 GMT
last-modified
Mon, 11 Oct 2021 18:11:14 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
40003
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame FD49 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssy7mhMXcnSi07BmEOgpRYDmibyrjmCTFvgKoqKVm4EpGtP0WS53SinfxWiq8P6JxYhxoD0ckT_dwdTDiHtND_JTPbUAQSWqaUHAph3yDx6iihA0tXgclPQeDLRyp5z7w-uMIexPtSXBzmj3khiRClxFuGDIkklkFhhRW8lmCz5wKBYtg5OBhWb5paaGzjDD5bk9tHu8JGrWSseN0A36adn3Cug0IFypKXpwrG6ZyUG5Vpx0xa4ZvK4QGhcyfXam7kdJUSLXOD8ss-4WgqefTMKSSzFNg0wZ4XrhyULc6CE98QWjzPE0x4dtP6GJY7m3OYwAtZT5CpBrNTqvf1ms3JfSA8PeFHD&sig=Cg0ArKJSzNkXx7BTGaa8EAE&urlfix=1&adurl=
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Oct 2021 06:54:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/dfp/279981/5077633639/1633975835413/ Frame C2C0 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/279981/5077633639/1633975835413/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
59d064c353d3cbb5e4e7c7b6edfb157e8cd2f1e532974f4ef7ba5c29906d2860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/dfp/279981/5077633639/1633975835413/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
2210
date
Tue, 19 Oct 2021 06:54:46 GMT
expires
Wed, 20 Oct 2021 06:54:46 GMT
last-modified
Mon, 11 Oct 2021 18:10:35 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=86400
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 84FE 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-IWruoS1kkGmnK4xUJQkJ7Xc8O8a_MYlr9b4ni8lthPCbrTGX-TTTeHE5T5StfNS_YPFnvZfM9TOBKStFWy9GDR7BBanb0v2Wn6b6vyLf2SzzPdW6WUfApIQEM4AwpzHHnFxPocmpDhYZ5gAb3p1W4-CpsoFUmAcICDPWyin_ajVCgYRT1ChGclMmVvbRCr6m_p5BqpvPZkTZUgrFOrWEoKOwNTMz3ng3zw5PBcii-zQXQXfyGq3qmGipUb0YFVEctpv-XczsbZLBnoM9GaQDDWwQ0GEEtw6TDUPWsFztOGJCvYfcoWgoVUvsrmByeleDtVZMA0zzd5pKSMAfEvtgyesDIOKC&sig=Cg0ArKJSzMDjtmCsdqZ_EAE&urlfix=1&adurl=
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Oct 2021 06:54:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
postback
s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/postback?sr=connatix.com&to=3&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&pp=102506&ti=x1096992544050543755095165698048&de=2&pv=a2db4630-b2c5-49c0-ad3a-47b3c42f3186&ci=234175&dt=2341751597675869250012&di=www.wxyz.com&sid=ANj05scOEANFVF0O&oz_sc=ad5fd7e102b18e30e74f3e6a&oz_df=1634626486372&oz_l=117&cv=3
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 19 Oct 2021 06:54:45 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=ssp.wxyz&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2F404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BZ.jrG%3DzIR*E%24sRK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-SScRKbOpzNBk3A%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3BUH2%2Bp%3CGbF&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&pcode=crackedscrippsdfpprebidheader262014341684&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Ctrue&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&id=1&ii=4&f=0&j=&t=1634626484230&de=511958499751&rx=479417967148&cu=1634626484230&m=2229&ar=fb6a7277fce-clean&iw=ffbb8c2&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=5669&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A683%3A683%3A2424%3A687&as=0&ag=37&an=0&gf=37&gg=0&ix=37&ic=37&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=37&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=74&cd=0&ah=74&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=194999&na=1491329321&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:46 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 19 Oct 2021 06:54:46 GMT
css
fonts.googleapis.com/ Frame DD00 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Inter:800
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
517ee8a1d0e3438c13fe609412789c12bf6e3dbffd461694e6b7596378d40f75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 06:17:06 GMT
server
ESF
date
Tue, 19 Oct 2021 06:54:46 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 19 Oct 2021 06:54:46 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DD00 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 03:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10796
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 20 Oct 2021 03:54:50 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DD00 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 23:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26656
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 19 Oct 2021 23:30:30 GMT
createjs-2015.11.26.min.js
s0.2mdn.net/dfp/279981/5077633639/1633975855110/libs/ Frame 9BB4 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/279981/5077633639/1633975855110/libs/createjs-2015.11.26.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279981/5077633639/1633975855110/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/5077633639/1633975855110/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49363
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 18:10:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Oct 2021 06:54:46 GMT
index.js
s0.2mdn.net/dfp/279981/5077633639/1633975855110/ Frame 9BB4 		67 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/279981/5077633639/1633975855110/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279981/5077633639/1633975855110/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
a93aac1a41105dc8b715a7d14c2a81940c109abeb786039b95dc51415114ee48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/5077633639/1633975855110/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12123
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 18:10:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Oct 2021 06:54:46 GMT
_preloader.gif
s0.2mdn.net/dfp/279981/5077633639/1633975855110/images/ Frame 9BB4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/279981/5077633639/1633975855110/images/_preloader.gif
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279981/5077633639/1633975855110/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
5deaa131a20b30a1c35ad82221ce0547d301c54c4702a9e61d4498e4f7bf4a8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/5077633639/1633975855110/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 11 Oct 2021 18:10:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1949
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Oct 2021 06:54:46 GMT
createjs-2015.11.26.min.js
s0.2mdn.net/dfp/279981/5077633639/1633975873352/libs/ Frame 81BA 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/279981/5077633639/1633975873352/libs/createjs-2015.11.26.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279981/5077633639/1633975873352/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/5077633639/1633975873352/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:48:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40003
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49363
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 18:11:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Oct 2021 19:48:03 GMT
index.js
s0.2mdn.net/dfp/279981/5077633639/1633975873352/ Frame 81BA 		67 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/279981/5077633639/1633975873352/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279981/5077633639/1633975873352/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
1370aa391210232dedbf89f9a6a0c39a523623599af9bae40a3f4c9f8b3f4619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/5077633639/1633975873352/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:48:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40003
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12209
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 18:11:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Oct 2021 19:48:03 GMT
_preloader.gif
s0.2mdn.net/dfp/279981/5077633639/1633975873352/images/ Frame 81BA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/279981/5077633639/1633975873352/images/_preloader.gif
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279981/5077633639/1633975873352/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
5deaa131a20b30a1c35ad82221ce0547d301c54c4702a9e61d4498e4f7bf4a8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/5077633639/1633975873352/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 13:49:14 GMT
x-content-type-options
nosniff
age
61532
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1949
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 18:11:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Oct 2021 13:49:14 GMT
createjs-2015.11.26.min.js
s0.2mdn.net/dfp/279981/5077633639/1633975835413/libs/ Frame C2C0 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/279981/5077633639/1633975835413/libs/createjs-2015.11.26.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279981/5077633639/1633975835413/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/5077633639/1633975835413/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49363
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 18:10:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Oct 2021 06:54:46 GMT
index.js
s0.2mdn.net/dfp/279981/5077633639/1633975835413/ Frame C2C0 		67 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/279981/5077633639/1633975835413/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279981/5077633639/1633975835413/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
c56802bfedab8a43bcd535d76ae99fa184d5e083a32125e1cc4b259c95cc9c8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/5077633639/1633975835413/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12126
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 18:10:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Oct 2021 06:54:46 GMT
_preloader.gif
s0.2mdn.net/dfp/279981/5077633639/1633975835413/images/ Frame C2C0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/279981/5077633639/1633975835413/images/_preloader.gif
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279981/5077633639/1633975835413/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
5deaa131a20b30a1c35ad82221ce0547d301c54c4702a9e61d4498e4f7bf4a8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/5077633639/1633975835413/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:46 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1949
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 18:10:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Oct 2021 06:54:46 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8BD9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101201&jk=927070668138408&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
6ezQI-oG7_JBlIQWa0q_6kDxCwRKhGyZnEhX1xufIgc.js
pagead2.googlesyndication.com/bg/ Frame 9483 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6ezQI-oG7_JBlIQWa0q_6kDxCwRKhGyZnEhX1xufIgc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
e9ecd023ea06eff2419484166b4abfea40f10b044a846c999c4857d71b9f2207
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 00:48:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
21962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13172
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 19 Oct 2022 00:48:44 GMT
postback
s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/postback?sr=connatix.com&to=3&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&pp=102506&ti=x1096992544050543755095165698048&de=2&pv=a2db4630-b2c5-49c0-ad3a-47b3c42f3186&ci=234175&dt=2341751597675869250012&di=www.wxyz.com&sid=ANj05scOEANFVF0O&oz_sc=ad5fd7e102b18e30e74f3e6a&oz_df=1634626486544&oz_l=219&cv=3
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 19 Oct 2021 06:54:46 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
BG_300x250.jpg
s0.2mdn.net/dfp/279981/5077633639/1633975873352/images/ Frame 81BA 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/279981/5077633639/1633975873352/images/BG_300x250.jpg
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
4ee5c21290b8cabccc825aef58d019477bbcb001c156e5c437704e66f842820a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/5077633639/1633975873352/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 13:49:14 GMT
x-content-type-options
nosniff
age
61532
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13589
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 18:11:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Oct 2021 13:49:14 GMT
UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyYAZ9hiA.woff2
fonts.gstatic.com/s/inter/v3/ Frame DD00 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v3/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyYAZ9hiA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
3bc9d28f4e64c676c58b31ad6578ca7f3f383cca647bf363916d4ee8982c3b08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 14:15:35 GMT
x-content-type-options
nosniff
age
146351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18116
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:31:27 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Oct 2022 14:15:35 GMT
logo_01.png
s0.2mdn.net/dfp/279981/5077633639/1633975873352/images/ Frame 81BA 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/279981/5077633639/1633975873352/images/logo_01.png
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
bdaa2b8335dedda6c1ae94ce3850b459583d55992b13d611a772ac6adf7ef19e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/5077633639/1633975873352/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 13:49:14 GMT
x-content-type-options
nosniff
age
61532
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4586
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 18:11:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Oct 2021 13:49:14 GMT
bg_300x600.jpg
s0.2mdn.net/dfp/279981/5077633639/1633975855110/images/ Frame 9BB4 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/279981/5077633639/1633975855110/images/bg_300x600.jpg
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
1fff22b2bf209855855013e7f81a45a004784ea1dd9b8c47ac927ba447e11038
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/5077633639/1633975855110/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:46 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23113
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 18:10:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Oct 2021 06:54:46 GMT
bg_728x90.jpg
s0.2mdn.net/dfp/279981/5077633639/1633975835413/images/ Frame C2C0 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/279981/5077633639/1633975835413/images/bg_728x90.jpg
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
4ed7169b29b864a9d52a6528f7e1feea1ca94b81b875773b1587ba5aa56b22bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/5077633639/1633975835413/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 11 Oct 2021 18:10:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14673
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Oct 2021 06:54:46 GMT
logo_300x250_01.png
s0.2mdn.net/dfp/279981/5077633639/1633975873352/images/ Frame 81BA 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/279981/5077633639/1633975873352/images/logo_300x250_01.png
Requested by
Host: 404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
cb736684a56de757e3d0e5550752f489a309135bbf16c9b6fcfca4a4a21b7b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/5077633639/1633975873352/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 13:49:14 GMT
x-content-type-options
nosniff
age
61532
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6976
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 18:11:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Oct 2021 13:49:14 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 84FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubinWAnoxyKJ8DoE6mHk0ngmoqeEvR4mvv7EJ84xkR_mKzw_3OnRE4M47vkald6-9Rj5hpTZb74xRsa-zuU7tBUMA9_72lGXjApnBjyIwG5AOGo19uhRysrPJBirLVKFQhMAvQVg4S2DlsJywuoGxUNOh9fmALj_wB9YqAIyW4j6BlUHOULddpcZw33fO2j-X-xOGK8OGVM4KZm_Qn0QIy5sOb0hf4DauuRC7sMmOzIipgorspUhPiXjwpvp1-RiwIs-gVTzm_rKBaN1h87-VUMfHgZ0dMi1Cz9mH3BbpO4kYqAcfU50pXmTjsmMOsQaai30ppQnGPW9nhSKjIbN6cWeaRugfdxAw&sig=Cg0ArKJSzFuWYvZjbgwiEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Oct 2021 06:54:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 19 Oct 2021 06:54:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CB72 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUb_qCFsyry9Bk_cpw9AenOSbRdBVgIwpXUpPXe1cfKIl9NZ0GYXRg-lo0NvL2IetzuumwTWdJkw1cI_EBLpU-rTn6khsPb_RoIlLe78nmbDlDi5VpaM55GIjriHQ8kEiVGh4dGqlc2yC1ACW0jJxzc2xtLf1dvuwAbuCMmHq-JuJ5zBnI5KaZi2BVCVptR0Vr7ktTuWbvINfTexuSAteRF33nU5sCFlOBJjUO0KJ9NocROh9IeX--PvW2b3QJ7wAzZ4PlFOz6G5H7uX3yuoil9-PwUWSCPG58JmVTMdAMe7STr6pKyZ6jDCNnuAP7D6AcHk5DkkKgo2cX5_vxuY8iF2oLtuHKxOw&sig=Cg0ArKJSzOuoyQGSSAXrEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Oct 2021 06:54:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 19 Oct 2021 06:54:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FD49 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgUAT-Vy4Ri-_qVLBQAjBIY8Z5YfxIw3C1J611NZvuZnnntWlQ-Hajb-WePsy9QOGVLCkrM6sXGa2f4h4eM2c6Y_V8r3aSOQuGpm0QEFXcXb3yqEai8mvBtgPfp6qB6LMpHZim3MEaQQF3kd_xCfd247hmGQ5ff2aHmkMgF6ScGLRSiDox-ueXdD-YIVJZ_0GwAZjaSf1QGRV2XiJqYhyvbWqpMbtDQbkV1n3_imlQU4Q5nT6RVJBct24FX2obC_4ei_2UuTbo9QQ7Yc12vR6KHdhGyYUMKX0PLyFFSOVlDzKyZu1rCnsiPpLH_YbR3Pdcfa3JHlF-2Ii3JUD0WXiu14is3xA_j0M&sig=Cg0ArKJSzARreT99C8M8EAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Oct 2021 06:54:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 19 Oct 2021 06:54:46 GMT
logo_300x250_01.png
s0.2mdn.net/dfp/279981/5077633639/1633975855110/images/ Frame 9BB4 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/279981/5077633639/1633975855110/images/logo_300x250_01.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
cb736684a56de757e3d0e5550752f489a309135bbf16c9b6fcfca4a4a21b7b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/5077633639/1633975855110/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:46 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6976
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 18:10:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Oct 2021 06:54:46 GMT
logo_300x250_01.png
s0.2mdn.net/dfp/279981/5077633639/1633975835413/images/ Frame C2C0 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/279981/5077633639/1633975835413/images/logo_300x250_01.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
cb736684a56de757e3d0e5550752f489a309135bbf16c9b6fcfca4a4a21b7b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/5077633639/1633975835413/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 16:41:43 GMT
x-content-type-options
nosniff
age
51183
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6976
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 18:10:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Oct 2021 16:41:43 GMT
6a9b77c4-82ad-44ad-b730-d0edaa251e8b
https://www.wxyz.com/ 		795 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.wxyz.com/6a9b77c4-82ad-44ad-b730-d0edaa251e8b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49bf438349cbba11f359c77a0d1c179c8be4804a283cd594bc450b6ec9d5b0fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
795
Grover_Logo_Claim-top-White.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame DD00 		8 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/Grover_Logo_Claim-top-White.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
805dc2ef7778678ace99530207d0bcda25f70b3c2ae08bca8259c079454eb0a4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
117682
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2144
x-xss-protection
0
last-modified
Fri, 23 Apr 2021 11:57:52 GMT
server
sffe
date
Sun, 17 Oct 2021 22:13:24 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 17 Oct 2022 22:13:24 GMT
sim.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame DD00 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/sim.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
98ba2e1fef17c14f30d59cd311adb42f9393ba132e6689fb5784e092a5638606
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
30472
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
last-modified
Fri, 23 Apr 2021 11:57:52 GMT
server
sffe
date
Mon, 18 Oct 2021 22:26:54 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Oct 2022 22:26:54 GMT
phones_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame DD00 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/phones_2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
b026d5118326e37e2324456275ac6971462e1c6a8a90213c55bb4a098aa3b4f4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
31846
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48894
x-xss-protection
0
last-modified
Fri, 23 Apr 2021 11:57:52 GMT
server
sffe
date
Mon, 18 Oct 2021 22:04:00 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 18 Oct 2022 22:04:00 GMT
1phones.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame DD00 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/1phones.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
f8deed8d38bdd3b2902629c02ad1eb000b082b2519fb73d31a63d37181cf77fc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
117682
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26884
x-xss-protection
0
last-modified
Fri, 23 Apr 2021 11:57:52 GMT
server
sffe
date
Sun, 17 Oct 2021 22:13:24 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Oct 2022 22:13:24 GMT
logo_728.png
s0.2mdn.net/dfp/279981/5077633639/1633975835413/images/ Frame C2C0 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/279981/5077633639/1633975835413/images/logo_728.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
c771a917d3286c9c1e094d2d1ab65280472dc3609988cc5917f52479ed18bd94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/5077633639/1633975835413/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 16:41:43 GMT
x-content-type-options
nosniff
age
51183
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4439
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 18:10:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Oct 2021 16:41:43 GMT
logo_300x600_01.jpg
s0.2mdn.net/dfp/279981/5077633639/1633975855110/images/ Frame 9BB4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/279981/5077633639/1633975855110/images/logo_300x600_01.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
sffe /
Resource Hash
a56f0d981ef60e9526e9f069f74ce005014ba375dcb8d947396b21294a8ce669
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/5077633639/1633975855110/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:46 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3196
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 18:10:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Oct 2021 06:54:46 GMT
postback
s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/postback?sr=connatix.com&to=3&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&pp=102506&ti=x1096992544050543755095165698048&de=2&pv=a2db4630-b2c5-49c0-ad3a-47b3c42f3186&ci=234175&dt=2341751597675869250012&di=www.wxyz.com&sid=ANj05scOEANFVF0O&oz_sc=ad5fd7e102b18e30e74f3e6a&oz_df=1634626486775&oz_l=19485&cv=3
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 19 Oct 2021 06:54:46 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101201&jk=927070668138408&bg=!ammlaS3NAAao6lBpqOo7ACkAdvg8WpNBSlPMGiZjA8-LAEJJSJIgK5gMpNPkcAyOdNSHmIgpxZlylAIAAACsUgAAACNoAQeZAr5fMStNZyLvtHp9QBdfLGnI6aGvS7eTp9On6S9h9KFBeCW1bB3P8G-bS_8pDM5XtQssvHZv4ZF-bLO1AIdggHa9sBs86IWrl_RcvI6t0wqvlggT6V8E8oZ1fITsC9A3E0AeOoCFxtsMzSUIszx-R_JwJdUBDPqNqBXQg8E-N2WixqFBKYwpIiL0e9wgpbVF0_qosIblnnr9rdHiETUj7_c6YUhPwhzO-4348puA5shjiPPaX87lryaeLoYn7I72YUrbtuIMa9iOFxABy4HAYDx_hVCENjJCI2IMVXms6Vyfo_kHQOF9SZN_taGVudA_wdHSD9IXYtsZzrfZ2fDTuf6VJFoJyKyB6ku6cKqCbiTCmT8kEgamoAi95nDTnBBWHqrkEbludhn7aF4PND8Hc7Yjc9alqTm9uO63tyAYZz-8yPIKtgif2-9DlN2bpeKfnXE0yPhnnsSw-SnUrpZvHlSIrfuiMXeK-Wy_rF1uJNwY6r4TLlVAg9GQzEWFclixlmOkGVf6FxN2URH6ivT7mhPXhT5WwoguO9tWjrBu52oEl0ujQHngENHHWO2fsaVi4EQ6dcsLdyRG7USkqoOmC2QzKvyym-GualdYv-yn4DtmDMnPUMU6XudAeAXKFbMP_f3F9kV9Wx49cGs9TcZJc-r9cK_wLMdqb12a-1k4XRgOX6XZPaoZw0RVexvcYxx7Uifjs-mZFptY1rlZT57xpcPeGW8-onDDfKkveaYcOQn-4vYpTyJWv5pcOI1Ob-5so3qkPxic39zZA1mUecCbEX6r-Cbf5_BGGX-8ShqNUApb6S5q4Eeg2oxYQuOa0bCp2vd-vrvd7l4UPAhMgG0inzDc0uiuhzF9RhhelpfiiznIZJ2XxObFCs0-TOYa7LCYuryjOM2oX3ulaAfxa_At7MYYYO1_RHu34vfn7tbEa14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
moatvideo.js
z.moatads.com/scrippsjsimavideo263172958560/ Frame 78CC 		315 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/scrippsjsimavideo263172958560/moatvideo.js
Requested by
Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/js/ScrippsEmbeddedVideoIframe.js?v=05252021
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
bbbf1e82c81503d12b1eb12df97b59ca6b17a8e1a70d3a13d01f8e3a01659843

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:46 GMT
content-encoding
gzip
last-modified
Tue, 12 Oct 2021 15:29:16 GMT
server
AmazonS3
x-amz-request-id
SW4NDQJ1TR2SZFQM
etag
"187d15f44c195141dbd4de7afd1102c1"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=6336
accept-ranges
bytes
content-length
107852
x-amz-id-2
KH+VncDU479z8BuwG+YHR3nNVsLVAjHiHezlerSgHqqtUNbaOldfnbgufXOiGg0DzaCHUhjFLfA=
ads
pubads.g.doubleclick.net/gampad/ Frame DCF5 		20 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F6088%2Fssp.wxyz%2Fnews%2Fcoronavirus%2Fcovid_19_vaccine%2Fdetail&sz=1x1000&ciu_szs=300x250&cust_params=haship%3Db9204845d25844a5360d80edad1a568d%26fname%3D35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems%26categories%3Dcovid-19-vaccine%2Cinvestigations%2Ccoronavirus%2Cnews%2Clocal-news%2Chomepage-showcase%26refdomain%3Dwxyz.com%26iframed%3D0%26kw%3D7%20Action%20News%2CDetroit%2CWXYZ-TV%2Cmetro%20Detroit%26pxconfig%3Dweb-vod%26bidders%3Dpublica&url=https%3A%2F%2Fwww.wxyz.com%2F&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fwww.wxyz.com%2F&vad_type=linear&vpos=preroll&pod=1&vrid=621&min_ad_duration=0&max_ad_duration=60000&ppos=1&lip=true&ppid=1255186912&correlator=3580358266316388&ord=474399794052937860&kfa=0&tfcd=0&vpa=click&sdkv=h.3.485.1&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=0.2.0&sdki=44d&adk=1381633685&sdk_apis=2%2C8&media_url=https%3A%2F%2Fx-default-stgec.uplynk.com%2Fausw%2Fslices%2F4f5%2Fbe88c4e651db4a7dbe102614d7272948%2F4f540a88fc44431bbf99302539b564c6%2F4f540a88fc44431bbf99302539b564c6_g.mp4&sid=10203841-98FF-45A2-8AD1-619AE4851E50&eid=44750820&ref=https%3A%2F%2Fwww.wxyz.com%2F&dlt=1634626484293&idt=1117&dt=1634626486929&scor=2026162144832089&ged=ve4_td3_tt2_pd3_la3000_er0.0.343.610_vi0.0.343.610_vp100_ts1_eb24427
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ae0c447bcad4fffcae29885007732fe7774439c189d32f5d8d8244cbd8b75112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3913
x-xss-protection
0
google-lineitem-id
5803094604
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138363760459
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/postback?sr=connatix.com&to=3&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&pp=102506&ti=x1096992544050543755095165698048&de=2&pv=a2db4630-b2c5-49c0-ad3a-47b3c42f3186&ci=234175&dt=2341751597675869250012&di=www.wxyz.com&sid=ANj05scOEANFVF0O&oz_sc=ad5fd7e102b18e30e74f3e6a&oz_df=1634626487020&oz_l=6190&cv=3
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 19 Oct 2021 06:54:46 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
csi
csi.gstatic.com/ Frame DCF5 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kuxqekd7&c=4237781750670&slotId=2118890875335&qqid=COOA4pjy1fMCFRyH_QcdzFcC9A&gqid=tmtuYZHlOaqJlQf614nIDw&fb=ima_html5-lima&sdkv=h.3.485.1&ppt=videojs-ima&ppv=0.2.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=9&vhc=0&ghmsh_eids=44750820
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.166.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
del03s17-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:48 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DCF5 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmwIGOal74PBY7jGs4yjaQ2Kjk52298j6hclz7XLgU6jNQ1u3cl2nHF2KYNsSkdFk0nyKdvOd72xD8UdmZHkY8MHuckfKSz8ErpvlxRXNCf5sf8fIv81kX7uBEe4oScpLDMYH6DtFuXn6uPSEcANgV8cwuSmTAuqNkZZ6LFH9ZFWFTANPMx0QHlMmQSUzszuVckqJeJuNohJWIc6XCFmKDyVfcRNvrLQu9tF0THZZqA6aYZogbR-jA4P1rI_rnAMQN5NGXCl_Rnmu31EKslK2WIq0eDfnqmi1-qHzfGBNPWbFWOZYKdee4s6VnEYTTGXLie-2QM40c4KPXt5pRtzuDQTj0TBbvaGo29-LT&sig=Cg0ArKJSzAbTzOA5pPukEAE&sdkv=h.3.485.1&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4MDMwOTQ2MDQyDDEzODM2Mzc2MDQ1OUD6AVIoCNAFEBIlAADwQSgBOgt1cXc0alRmUzNLd0ILZ29vZ2xldmlkZW9QABgB&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Oct 2021 06:54:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel.gif
px.moatads.com/ Frame 78CC 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=SCRIPPSJSIMAINT1&hp=1&ra=2&pxm=7&vz=-&zp=4&sgs=2&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=1&nh=1&j=https%3A%2F%2Fwww.wxyz.com&lp=https%3A%2F%2Fwww.wxyz.com&t=1634626486951&de=774364448311&m=0&ar=fb6a7277fce-clean&iw=5afa789&q=1&cb=0&ym=0&cu=1634626486951&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=-%3A-%3A5803094604%3A138363760459&zGSRC=1&gu=https%3A%2F%2Fwww.wxyz.com%2F&id=0&ii=3&dfp=0%2C1&la=5803094604&zMoatPL=wxyz.com&zMoatPL2=wxyz.com&bo=wxyz.com&bd=wxyz.com&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&gw=scrippsjsimavideo263172958560&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A624%3A624%3A610%3A607&fs=194999&na=634546287&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:47 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 19 Oct 2021 06:54:47 GMT
csi
csi.gstatic.com/ Frame 78CC 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kuxqejwe&c=4237781750670&slotId=2118890875335&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.166.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
del03s17-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://assets.scrippsdigital.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:48 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.webm
r2---sn-2gb7sn7k.gvt1.com/videoplayback/id/978344da36adf92f/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1634648087/sparams/acao,ctier,... Frame 78CC
Redirect Chain
  • https://redirector.gvt1.com/videoplayback/id/978344da36adf92f/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1634648087/sparams/ip,ipbits...
  • https://r2---sn-2gb7sn7k.gvt1.com/videoplayback/id/978344da36adf92f/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1634648087/sparams/aca...
67 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-2gb7sn7k.gvt1.com/videoplayback/id/978344da36adf92f/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1634648087/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/0C785BC564D0F3992FC3209D2030DCBD960573E9.4C5108B7ED513C41F396180999F35B28D6C8A662/key/cms1/cms_redirect/yes/mh/Q-/mip/216.131.111.33/mm/28/mn/sn-2gb7sn7k/ms/nvh/mt/1634625618/mv/m/mvi/2/pl/24/file/file.webm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.104.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s07-in-f8.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Sep 2021 14:53:24 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
Content-Range
bytes 0-3718257/3718258
client-protocol
quic
cache-control
private, max-age=21300
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
3718258
expires
Tue, 19 Oct 2021 06:54:47 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:47 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r2---sn-2gb7sn7k.gvt1.com/videoplayback/id/978344da36adf92f/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1634648087/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/0C785BC564D0F3992FC3209D2030DCBD960573E9.4C5108B7ED513C41F396180999F35B28D6C8A662/key/cms1/cms_redirect/yes/mh/Q-/mip/216.131.111.33/mm/28/mn/sn-2gb7sn7k/ms/nvh/mt/1634625618/mv/m/mvi/2/pl/24/file/file.webm
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
692
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/postback?sr=connatix.com&to=3&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&pp=102506&ti=x1096992544050543755095165698048&de=2&pv=a2db4630-b2c5-49c0-ad3a-47b3c42f3186&ci=234175&dt=2341751597675869250012&di=www.wxyz.com&sid=ANj05scOEANFVF0O&oz_sc=ad5fd7e102b18e30e74f3e6a&oz_df=1634626487243&oz_l=4346&cv=3
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 19 Oct 2021 06:54:46 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame EEBA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstAxwuxf24q0L0PSr6H5xMQ7D6yKzrrwV2np9C0OmnmsjKVFNNTrAjOPDm07lGYzHrOYZ7cPTFsNZDm4theiJSqKCw7IQKz3aO0rvopaj86EwcYhscoow&sai=AMfl-YRAd6nUvf_oKMvcvCY2N6ttCD5PU6nvegNiMcggO6VDkMCyoKzniMChHd1b7kACPZDARMVXaDZ9RTJLVW65IckQwiv9wMbUKEf1VHgQHVwEMQVsILsycS97TzY&sig=Cg0ArKJSzBkQVl0aiSNHEAE&cid=CAASF-RoGRg6ZBi74YRIfIBZy0qFycyCEj8O&id=lidar2&mcvt=1000&p=0,0,90,728&asp=1106,436,1196,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211013&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=421683115&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634626485877&rpt=398&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=ssp.wxyz&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BZ.jrG%3DzIR*E%24sRK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-SScRKbOpzNBk3A%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3BUH2%2Bp%3CGbF&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&pcode=crackedscrippsdfpprebidheader262014341684&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Ctrue&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&id=1&ii=4&f=0&j=&t=1634626484230&de=511958499751&rx=479417967148&cu=1634626484230&m=3211&ar=fb6a7277fce-clean&iw=ffbb8c2&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=5669&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A683%3A683%3A2424%3A687&as=1&ag=1021&an=37&gi=1&gf=1021&gg=37&ix=1021&ic=1021&ez=1&ck=1021&kw=855&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1021&bx=37&ci=1021&jz=855&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=855&cd=74&ah=855&am=74&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=194999&na=365045209&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:47 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 19 Oct 2021 06:54:47 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=ssp.wxyz&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BZ.jrG%3DzIR*E%24sRK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-SScRKbOpzNBk3A%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3BUH2%2Bp%3CGbF&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&pcode=crackedscrippsdfpprebidheader262014341684&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Ctrue&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&id=1&ii=4&f=0&j=&t=1634626484230&de=511958499751&rx=479417967148&cu=1634626484230&m=3212&ar=fb6a7277fce-clean&iw=ffbb8c2&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=5669&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A683%3A683%3A2424%3A687&as=1&ag=1021&an=1021&gi=1&gf=1021&gg=1021&ix=1021&ic=1021&ez=1&ck=1021&kw=855&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1021&bx=1021&ci=1021&jz=855&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=855&cd=855&ah=855&am=855&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=194999&na=320493036&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:47 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 19 Oct 2021 06:54:47 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=ssp.wxyz&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BZ.jrG%3DzIR*E%24sRK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-SScRKbOpzNBk3A%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3BUH2%2Bp%3CGbF&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&pcode=crackedscrippsdfpprebidheader262014341684&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Ctrue&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&id=1&ii=4&f=0&j=&t=1634626484230&de=511958499751&rx=479417967148&cu=1634626484230&m=3214&ar=fb6a7277fce-clean&iw=ffbb8c2&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=5669&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A683%3A683%3A2424%3A687&as=1&ag=1021&an=1021&gi=1&gf=1021&gg=1021&ix=1021&ic=1021&ez=1&ck=1021&kw=855&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1021&bx=1021&ci=1021&jz=855&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=855&cd=855&ah=855&am=855&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=194999&na=1032957743&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:47 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 19 Oct 2021 06:54:47 GMT
file.webm
r2---sn-2gb7sn7k.gvt1.com/videoplayback/id/978344da36adf92f/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1634648087/sparams/acao,ctier,... Frame 78CC 		15 KB
15 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-2gb7sn7k.gvt1.com/videoplayback/id/978344da36adf92f/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1634648087/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/0C785BC564D0F3992FC3209D2030DCBD960573E9.4C5108B7ED513C41F396180999F35B28D6C8A662/key/cms1/cms_redirect/yes/mh/Q-/mip/216.131.111.33/mm/28/mn/sn-2gb7sn7k/ms/nvh/mt/1634625618/mv/m/mvi/2/pl/24/file/file.webm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.104.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s07-in-f8.1e100.net
Software
gvs 1.0 /
Resource Hash
d3370d6feb2ecd009714ea3aee88e7ff4469ea5922dbb18342f7b91015d4c27b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://assets.scrippsdigital.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=3702784-

Response headers

date
Tue, 19 Oct 2021 06:54:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Sep 2021 14:53:24 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
Content-Range
bytes 3702784-3718257/3718258
client-protocol
quic
cache-control
private, max-age=21300
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
15474
expires
Tue, 19 Oct 2021 06:54:47 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame DCF5 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B65JytmtuYePNOpyO9u8PzK-JoA_mzIeKRgAAABABIL2i3h84AVjL3v24gwRgleKQgqAHsgEMd3d3Lnd4eXouY29tugEKMzIweDUwX3htbMgBBdoBFWh0dHBzOi8vd3d3Lnd4eXouY29tL5gCkE7AAgLgAgDqAjcvNjA4OC9zc3Aud3h5ei9uZXdzL2Nvcm9uYXZpcnVzL2NvdmlkXzE5X3ZhY2NpbmUvZGV0YWls-AL00R6QA8gGmAPgA6gDAeAEAdIFBhDM5JDPFZAGAaAGI6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHgBw_SCAkIgOGAEBABGB3YCAKACgWYCwHQFQGAFwE&sigh=f1Cuif4LjrY&label=video_ad_loaded&acvw=&sdkv=h.3.485.1&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4MDMwOTQ2MDQyDDEzODM2Mzc2MDQ1OUD6AVIoCNAFEBIlAADwQSgBOgt1cXc0alRmUzNLd0ILZ29vZ2xldmlkZW9QABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DCF5 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkJ6UQnf0yMnT8YaZV2ZSFVmf6m1IJ_6vRxdgz8NrW10a_kMLVkAYLZSUqDj153NfJOsGf7cpQx_dUPOy4icNAPxqxi5bw5aM0by6OVmbVyGIFH_iVhe-HnhcUXfJA5nDjQMvJfD6trwefn0vhhMJtbhs60RyRFdCGm9vy_mMEtxeaOYO3DV6jpTyWpT7GVS6nH-hL38gSlJNkrNHnnV6oUv59R1-YAp_pTCIwNTcnkqAe3zt2cD-nr7wsqR8ebiQUhL9cN8GtncKUoO7jpVPtNTt4XyBgA-4Jls9j4qhB2HeZVZXCDPo6Z035DI6f23hW3Y5L7z-KjgL5fkQiQ43TdbsRcaEDnj4dgA&sig=Cg0ArKJSzDs24KmUeW-lEAE&sdkv=h.3.485.1&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Oct 2021 06:54:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
pubads.g.doubleclick.net/pagead/interaction/ Frame DCF5 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B65JytmtuYePNOpyO9u8PzK-JoA_mzIeKRgAAABABIL2i3h84AVjL3v24gwRgleKQgqAHsgEMd3d3Lnd4eXouY29tugEKMzIweDUwX3htbMgBBdoBFWh0dHBzOi8vd3d3Lnd4eXouY29tL5gCkE7AAgLgAgDqAjcvNjA4OC9zc3Aud3h5ei9uZXdzL2Nvcm9uYXZpcnVzL2NvdmlkXzE5X3ZhY2NpbmUvZGV0YWls-AL00R6QA8gGmAPgA6gDAeAEAdIFBhDM5JDPFZAGAaAGI6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHgBw_SCAkIgOGAEBABGB3YCAKACgWYCwHQFQGAFwE&sigh=f1Cuif4LjrY&label=vast_creativeview&ad_mt=0&acvw=sv%3D903%26cb%3Dima%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,343,610%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30057%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D0.99%26mc%3D0.99%26nc%3D0.99%26mv%3D0%26nv%3D0%26lte%3D0.99%26ces%26femt%3D1835%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,1,0,0,0%26avms%3Dexc%26qi%3D514052041%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26ptlt%3D1634626487502%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.1%26t%3D1634626487236&sdkv=h.3.485.1&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4MDMwOTQ2MDQyDDEzODM2Mzc2MDQ1OUD6AVIrCNAFEBIlAADwQSgBOgt1cXc0alRmUzNLd0ILZ29vZ2xldmlkZW9IqQJQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame DCF5 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B65JytmtuYePNOpyO9u8PzK-JoA_mzIeKRgAAABABIL2i3h84AVjL3v24gwRgleKQgqAHsgEMd3d3Lnd4eXouY29tugEKMzIweDUwX3htbMgBBdoBFWh0dHBzOi8vd3d3Lnd4eXouY29tL5gCkE7AAgLgAgDqAjcvNjA4OC9zc3Aud3h5ei9uZXdzL2Nvcm9uYXZpcnVzL2NvdmlkXzE5X3ZhY2NpbmUvZGV0YWls-AL00R6QA8gGmAPgA6gDAeAEAdIFBhDM5JDPFZAGAaAGI6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHgBw_SCAkIgOGAEBABGB3YCAKACgWYCwHQFQGAFwE&sigh=f1Cuif4LjrY&label=videoclickedtoplay&ad_mt=0&acvw=sv%3D903%26cb%3Dima%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,343,610%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30057%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D0.99%26mc%3D0.99%26nc%3D0.99%26mv%3D0%26nv%3D0%26lte%3D0.99%26ces%26femt%3D1835%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,1,0,0,0%26avms%3Dexc%26qi%3D514052041%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26ptlt%3D1634626487502%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.1%26t%3D1634626487236&sdkv=h.3.485.1&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4MDMwOTQ2MDQyDDEzODM2Mzc2MDQ1OUD6AVIrCNAFEBIlAADwQSgBOgt1cXc0alRmUzNLd0ILZ29vZ2xldmlkZW9IqQJQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DCF5 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukYi9uxQ6UEdU_zJV-Gz8zftaxgyN_eLaWTYmp8FuVkrp2Ih1x5W6ZBVeAQ9q-5SL_snqfJJUUx7pDghUlOeNFoD4QYJfgGHARB4i8Z90l5a0hBd-K&sig=Cg0ArKJSzMlj2VLLMjebEAE&id=lidarv&acvw=sv%3D903%26cb%3Dima%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,343,610%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30057%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D0.99%26mc%3D0.99%26nc%3D0.99%26mv%3D0%26nv%3D0%26lte%3D0.99%26ces%26femt%3D1835%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,1,0,0,0%26avms%3Dexc%26qi%3D514052041%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26ptlt%3D1634626487504%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.1%26t%3D1634626487236&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame DCF5 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B65JytmtuYePNOpyO9u8PzK-JoA_mzIeKRgAAABABIL2i3h84AVjL3v24gwRgleKQgqAHsgEMd3d3Lnd4eXouY29tugEKMzIweDUwX3htbMgBBdoBFWh0dHBzOi8vd3d3Lnd4eXouY29tL5gCkE7AAgLgAgDqAjcvNjA4OC9zc3Aud3h5ei9uZXdzL2Nvcm9uYXZpcnVzL2NvdmlkXzE5X3ZhY2NpbmUvZGV0YWls-AL00R6QA8gGmAPgA6gDAeAEAdIFBhDM5JDPFZAGAaAGI6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHgBw_SCAkIgOGAEBABGB3YCAKACgWYCwHQFQGAFwE&sigh=f1Cuif4LjrY&label=part2viewed&ad_mt=0&acvw=sv%3D903%26cb%3Dima%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,343,610%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30057%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D0.99%26mc%3D0.99%26nc%3D0.99%26mv%3D0%26nv%3D0%26lte%3D0.99%26ces%26femt%3D1835%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,1,0,0,0%26avms%3Dexc%26qi%3D514052041%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26ptlt%3D1634626487506%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.1%26t%3D1634626487236&sdkv=h.3.485.1&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4MDMwOTQ2MDQyDDEzODM2Mzc2MDQ1OUD6AVIrCNAFEBIlAADwQSgBOgt1cXc0alRmUzNLd0ILZ29vZ2xldmlkZW9IqQJQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame DCF5 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B65JytmtuYePNOpyO9u8PzK-JoA_mzIeKRgAAABABIL2i3h84AVjL3v24gwRgleKQgqAHsgEMd3d3Lnd4eXouY29tugEKMzIweDUwX3htbMgBBdoBFWh0dHBzOi8vd3d3Lnd4eXouY29tL5gCkE7AAgLgAgDqAjcvNjA4OC9zc3Aud3h5ei9uZXdzL2Nvcm9uYXZpcnVzL2NvdmlkXzE5X3ZhY2NpbmUvZGV0YWls-AL00R6QA8gGmAPgA6gDAeAEAdIFBhDM5JDPFZAGAaAGI6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHgBw_SCAkIgOGAEBABGB3YCAKACgWYCwHQFQGAFwE&sigh=f1Cuif4LjrY&label=admute&ad_mt=0&acvw=sv%3D903%26cb%3Dima%26e%3D10%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,343,610%26tos%3D0,11,0,0,0%26mtos%3D0,11,11,11,11%26amtos%3D0,0,0,0,0%26mcvt%3D11%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D11%26pst%3D-1%26dur%3D30057%26vmtime%3D-1%26dvs%3D11%26dfvs%3D0%26dvpt%3D11%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D0.99%26mc%3D0.99%26nc%3D0.99%26mv%3D0%26nv%3D0%26lte%3D0.99%26ces%26femt%3D1835%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,1,0,0,0%26avms%3Dexc%26qi%3D514052041%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26ptlt%3D1634626487508%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,11,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.1%26t%3D1634626487236&sdkv=h.3.485.1&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4MDMwOTQ2MDQyDDEzODM2Mzc2MDQ1OUD6AVIrCNAFEBIlAADwQSgBOgt1cXc0alRmUzNLd0ILZ29vZ2xldmlkZW9IqQJQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame 78CC 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=2&pxm=7&vz=-&zp=4&sgs=2&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fassets.scrippsdigital.com%2F%2Fcms%2F-&i=SCRIPPSJSIMAINT1&ol=2157186587&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BZ.jrG%3DzIR*E%24sRK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-m3HM1%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-WYivBihjElCFgA%3D%3D&sc=1&os=1-qQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=8&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.wxyz.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.wxyz.com&lp=https%3A%2F%2Fwww.wxyz.com&t=1634626486951&de=774364448311&cu=1634626486951&m=570&ar=fb6a7277fce-clean&iw=5afa789&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A624%3A624%3A610%3A607&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=553&cd=0&ah=553&am=0&dq=156&dr=0&ds=156&dt=0&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5803094604%3A138363760459&dfp=0%2C1&la=5803094604&zMoatPL=wxyz.com&zMoatPL2=wxyz.com&bo=wxyz.com&bd=wxyz.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194999&na=1462569951&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:47 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 19 Oct 2021 06:54:47 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=495639019&t=event&ni=0&_s=3&dl=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&ul=en-us&de=UTF-8&dt=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=Video%20Ad%20Start&el=35%20Michiganders%20have%20died%20after%20getting%20the%20COVID%20vaccine%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&ev=0&_u=aGDACEAjBAAAAG~&jid=&gjid=&cid=1117996465.1634626485&tid=UA-40066851-1&_gid=716266629.1634626485&gtm=2wgad0R48P&cd12=1117996465.1634626485&cd20=2048&cd21=&cd22=&cd23=COVID-19%20Vaccine&cd24=COVID-19%20Vaccine%2CInvestigations%2CCoronavirus%2CNews%2CLocal%20News%2CHomepage%20Showcase&cd25=false&cd26=&cd31=true&cd33=true&cd34=false&z=1760269804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 11:56:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68298
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=495639019&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&ul=en-us&de=UTF-8&dt=35%20Michiganders%20have%20died%20post%20vaccination%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=Video%20Ad%20Start&el=35%20Michiganders%20have%20died%20after%20getting%20the%20COVID%20vaccine%20%E2%80%94%C2%A0but%20this%20stat%20is%20less%20alarming%20than%20it%20seems&ev=0&_u=aGDAiEAjBAAAAG~&jid=&gjid=&cid=1117996465.1634626485&tid=UA-40537246-1&_gid=716266629.1634626485&gtm=2wgad0R48P&cd12=1117996465.1634626485&z=1959097528
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 11:56:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68298
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
file.webm
r2---sn-2gb7sn7k.gvt1.com/videoplayback/id/978344da36adf92f/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1634648087/sparams/acao,ctier,... Frame 78CC 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-2gb7sn7k.gvt1.com/videoplayback/id/978344da36adf92f/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1634648087/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/0C785BC564D0F3992FC3209D2030DCBD960573E9.4C5108B7ED513C41F396180999F35B28D6C8A662/key/cms1/cms_redirect/yes/mh/Q-/mip/216.131.111.33/mm/28/mn/sn-2gb7sn7k/ms/nvh/mt/1634625618/mv/m/mvi/2/pl/24/file/file.webm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.104.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s07-in-f8.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://assets.scrippsdigital.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=32768-

Response headers

date
Tue, 19 Oct 2021 06:54:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Sep 2021 14:53:24 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
Content-Range
bytes 32768-3718257/3718258
client-protocol
quic
cache-control
private, max-age=21300
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
3685490
expires
Tue, 19 Oct 2021 06:54:47 GMT
pixel.gif
px.moatads.com/ Frame 78CC 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=0&hp=1&ra=2&pxm=7&vz=-&zp=4&sgs=2&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=2157186587&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BZ.jrG%3DzIR*E%24sRK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-m3HM1%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-WYivBihjElCFgA%3D%3D&sc=1&os=1-qQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=8&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.wxyz.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.wxyz.com&lp=https%3A%2F%2Fwww.wxyz.com&t=1634626486951&de=774364448311&cu=1634626486951&m=572&ar=fb6a7277fce-clean&iw=5afa789&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A624%3A624%3A610%3A607&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=553&cd=553&ah=553&am=553&dq=156&dr=156&ds=156&dt=156&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5803094604%3A138363760459&dfp=0%2C1&la=5803094604&zMoatPL=wxyz.com&zMoatPL2=wxyz.com&bo=wxyz.com&bd=wxyz.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194999&na=1445537815&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:47 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 19 Oct 2021 06:54:47 GMT
pixel.gif
px.moatads.com/ Frame 78CC 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=2&pxm=7&vz=-&zp=4&sgs=2&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=2157186587&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BZ.jrG%3DzIR*E%24sRK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-m3HM1%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-WYivBihjElCFgA%3D%3D&sc=1&os=1-qQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=8&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.wxyz.com&lp=https%3A%2F%2Fwww.wxyz.com&t=1634626486951&de=774364448311&cu=1634626486951&m=608&ar=fb6a7277fce-clean&iw=5afa789&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A624%3A624%3A610%3A607&aa=0&ad=22&cn=0&gk=22&gl=0&ez=1&cq=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=553&cd=553&ah=553&am=553&dq=156&dr=156&ds=156&dt=156&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5803094604%3A138363760459&dfp=0%2C1&la=5803094604&zMoatPL=wxyz.com&zMoatPL2=wxyz.com&bo=wxyz.com&bd=wxyz.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194999&na=950369343&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:47 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 19 Oct 2021 06:54:47 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 84FE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0kQ_YBf9zm5RpL6tqMRzqlw3RbwVoWGnQ3Ccycb1xntOnw02euMLlvjGTs2dPt1UbPpIQCvFMF4esSz9RxNDcfyqZIlz9Eb8TQWOAzg2qsd-C1H2E&sig=Cg0ArKJSzI-fCy-fMGwqEAE&id=lidar2&mcvt=1000&p=0,0,90,728&asp=161,436,251,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211013&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=574374887&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634626485923&rpt=751&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame 78CC 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=2&pxm=7&vz=-&zp=4&sgs=2&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=2157186587&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BZ.jrG%3DzIR*E%24sRK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-m3HM1%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-WYivBihjElCFgA%3D%3D&sc=1&os=1-qQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.wxyz.com&lp=https%3A%2F%2Fwww.wxyz.com&t=1634626486951&de=774364448311&cu=1634626486951&m=1613&ar=fb6a7277fce-clean&iw=5afa789&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A624%3A624%3A610%3A607&aa=1&ad=1028&cn=22&gn=1&gk=1028&gl=22&ez=1&cp=1402&cq=1&cr=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1402&cd=553&ah=1402&am=553&dq=1005&dr=156&ds=1005&dt=156&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=0&vt=51&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5803094604%3A138363760459&dfp=0%2C1&la=5803094604&zMoatPL=wxyz.com&zMoatPL2=wxyz.com&bo=wxyz.com&bd=wxyz.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194999&na=2032228998&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 19 Oct 2021 06:54:48 GMT
pixel.gif
px.moatads.com/ Frame 78CC 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=2&pxm=7&vz=-&zp=4&sgs=2&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=2157186587&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BZ.jrG%3DzIR*E%24sRK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-m3HM1%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-WYivBihjElCFgA%3D%3D&sc=1&os=1-qQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.wxyz.com&lp=https%3A%2F%2Fwww.wxyz.com&t=1634626486951&de=774364448311&cu=1634626486951&m=1615&ar=fb6a7277fce-clean&iw=5afa789&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A624%3A624%3A610%3A607&aa=1&ad=1028&cn=1028&gn=1&gk=1028&gl=1028&ez=1&cp=1402&cq=1&cr=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1402&cd=1402&ah=1402&am=1402&dq=1005&dr=1005&ds=1005&dt=1005&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=51&vt=51&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5803094604%3A138363760459&dfp=0%2C1&la=5803094604&zMoatPL=wxyz.com&zMoatPL2=wxyz.com&bo=wxyz.com&bd=wxyz.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194999&na=845200717&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 19 Oct 2021 06:54:48 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DCF5 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukYi9uxQ6UEdU_zJV-Gz8zftaxgyN_eLaWTYmp8FuVkrp2Ih1x5W6ZBVeAQ9q-5SL_snqfJJUUx7pDghUlOeNFoD4QYJfgGHARB4i8Z90l5a0hBd-K&sig=Cg0ArKJSzMlj2VLLMjebEAE&id=lidarv&acvw=sv%3D903%26cb%3Dima%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,343,610%26tos%3D0,2020,0,0,0%26mtos%3D0,2020,2020,2020,2020%26amtos%3D0,0,0,0,0%26mcvt%3D2020%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2020%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D462%26pst%3D414%26dur%3D30057%26vmtime%3D1898%26dtos%3D2020%26dtoss%3D1%26dvs%3D2009%26dfvs%3D0%26dvpt%3D2009%26is%3D275%26i0%3D275%26ic%3D1%26cs%3D4371%26c%3D0.99%26mc%3D0.99%26nc%3D0.99%26mv%3D0%26nv%3D0%26lte%3D0.99%26ces%26femt%3D1835%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D0,11,0,0,0%26avms%3Dexc%26qi%3D514052041%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D0%26psa%3D0%26ptlt%3D1634626489517%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2020,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.1%26t%3D1634626487236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame 78CC 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=2&pxm=7&vz=-&zp=4&sgs=2&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=2157186587&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BZ.jrG%3DzIR*E%24sRK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-m3HM1%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-WYivBihjElCFgA%3D%3D&sc=1&os=1-qQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=5&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.wxyz.com&lp=https%3A%2F%2Fwww.wxyz.com&t=1634626486951&de=774364448311&cu=1634626486951&m=2622&ar=fb6a7277fce-clean&iw=5afa789&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A624%3A624%3A610%3A607&aa=1&ad=2037&cn=1028&gn=1&gk=2037&gl=1028&ez=1&co=2037&cp=1402&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2410&cd=1402&ah=2410&am=1402&dq=2013&dr=1005&ds=2013&dt=1005&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=51&vt=101&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5803094604%3A138363760459&dfp=0%2C1&la=5803094604&zMoatPL=wxyz.com&zMoatPL2=wxyz.com&bo=wxyz.com&bd=wxyz.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194999&na=872257195&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 19 Oct 2021 06:54:49 GMT
pixel.gif
px.moatads.com/ Frame 78CC 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&ra=2&pxm=7&vz=-&zp=4&sgs=2&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=2157186587&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BZ.jrG%3DzIR*E%24sRK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-m3HM1%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-WYivBihjElCFgA%3D%3D&sc=1&os=1-qQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=6&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.wxyz.com&lp=https%3A%2F%2Fwww.wxyz.com&t=1634626486951&de=774364448311&cu=1634626486951&m=2623&ar=fb6a7277fce-clean&iw=5afa789&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A624%3A624%3A610%3A607&aa=1&ad=2037&cn=2037&gn=1&gk=2037&gl=2037&ez=1&co=2037&cp=1402&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2410&cd=2410&ah=2410&am=2410&dq=2013&dr=2013&ds=2013&dt=2013&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=101&vt=101&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5803094604%3A138363760459&dfp=0%2C1&la=5803094604&zMoatPL=wxyz.com&zMoatPL2=wxyz.com&bo=wxyz.com&bd=wxyz.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194999&na=1138066477&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 19 Oct 2021 06:54:49 GMT
pd
eu-u.openx.net/w/1.0/ Frame 09B5 		668 B
731 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=0
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
3d82d44a795284b8f9b01b6989d3d38c12e03b772e97228490a07119f834859c

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wxyz.com/
accept-encoding
gzip, deflate, br
cookie
i=2e699db3-bea5-0cf7-0ab6-1132fc590122|1634626484
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=2e699db3-bea5-0cf7-0ab6-1132fc590122|1634626484; Version=1; Expires=Wed, 19-Oct-2022 06:54:50 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1634626490|gekin0vNiygu; Version=1; Expires=Wed, 03-Nov-2021 06:54:50 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.217.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 19 Oct 2021 06:54:50 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear
usersync
rtb.gumgum.com/ Frame 5882
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=377e616e-6bba-4b00-b205-f935f15fa8d9&gdpr=1&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=377e616e-6bba-4b00-b205-f935f15fa8d9&gdpr=1&gdpr_consent=
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-41-69.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=377e616e-6bba-4b00-b205-f935f15fa8d9&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wxyz.com/
accept-encoding
gzip, deflate, br
cookie
cs=true; loc=SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdzACEQ3JcDkYSa8DRCNeggGFXoqrKYmvNRYbDiv5cjMZA; vst=e_4ff7fbad-81b4-4efd-99d2-be74ab956582
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/

Response headers

date
Tue, 19 Oct 2021 06:54:50 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Tue, 19 Oct 2021 06:54:50 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3984 0e3af3b master cdg-pixel-x2 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie
uuid=377e616e-6bba-4b00-b205-f935f15fa8d9; domain=.mathtag.com; path=/; expires=Wed, 16-Nov-2022 06:54:50 GMT; SameSite=None; Secure
location
https://rtb.gumgum.com/usersync?b=mmh&i=377e616e-6bba-4b00-b205-f935f15fa8d9&gdpr=1&gdpr_consent=
Expires
Tue, 19 Oct 2021 06:54:49 GMT
2000248.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 2333
Redirect Chain
  • https://sync.serverbid.com/ss/2000248.html
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Host
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.wxyz.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/

Response headers

Date
Tue, 19 Oct 2021 06:54:50 GMT
Connection
Keep-Alive
Cache-Control
max-age=25067
Content-Length
4376
Content-Type
text/html
Last-Modified
Thu, 31 Jan 2019 14:12:06 GMT
Accept-Ranges
bytes
etag
"8ca299ba400101b6642362a2bceff771"
x-amz-request-id
tx00000000000001856a900-00616c2a65-67e7768-nyc3a
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
0
x-rgw-object-type
Normal
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1634626490.dop223.am5.t,1634626490.cds216.am5.shn,1634626490.dop223.am5.t,1634626490.cds252.am5.c

Redirect headers

content-length
0
location
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
cache-control
no-cache
sync
eb2.3lift.com/ Frame 81E8
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
2e667d2c6130c2a93fa09cfeaba841c273800eed9dd1206fa0575227e2fe3d40

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wxyz.com/
accept-encoding
gzip, deflate, br
cookie
tluid=2731071793880276346
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/

Response headers

date
Tue, 19 Oct 2021 06:54:50 GMT
content-type
text/html; charset=utf-8
content-length
462
set-cookie
sync=CgoIgQIQ4KDTuskvCgoI4gEQ4KDTuskvCgoI5gEQ4KDTuskvCgoIhwIQ4KDTuskvCgkICRDgoNO6yS8KCQg6EOCg07rJLwoJCAsQ4KDTuskvCgoIjAIQ4KDTuskvCgoIzgEQ4KDTuskvCgkIXxDgoNO6yS8=; Max-Age=7776000; Expires=Mon, 17 Jan 2022 06:54:50 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=2731071793880276346; Max-Age=7776000; Expires=Mon, 17 Jan 2022 06:54:50 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Tue, 19 Oct 2021 06:54:50 GMT
content-length
0
set-cookie
tluid=10934309602776934314; Max-Age=7776000; Expires=Mon, 17 Jan 2022 06:54:50 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
ssc-cms.33across.com/ps/ Frame 20AA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dZH_MSBymr67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.176 -, , ASN (),
Reverse DNS
Software
33XP003 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=dZH_MSBymr67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/

Response headers

x-33x-status
2000208
server
33XP003
date
Tue, 19 Oct 2021 06:54:50 GMT
pd
eu-u.openx.net/w/1.0/ Frame C3AA 		668 B
719 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=0
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
3d82d44a795284b8f9b01b6989d3d38c12e03b772e97228490a07119f834859c

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wxyz.com/
accept-encoding
gzip, deflate, br
cookie
i=2e699db3-bea5-0cf7-0ab6-1132fc590122|1634626484
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=2e699db3-bea5-0cf7-0ab6-1132fc590122|1634626484; Version=1; Expires=Wed, 19-Oct-2022 06:54:50 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1634626490|gekin0vNiygu; Version=1; Expires=Wed, 03-Nov-2021 06:54:50 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.217.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 19 Oct 2021 06:54:50 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear
async_usersync.html
acdn.adnxs.com/dmp/ Frame 62EA 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.wxyz.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 01 Oct 2021 05:08:47 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 19 Oct 2021 06:54:50 GMT
Age
6480
X-Served-By
cache-lga21949-LGA, cache-hhn4044-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 123917
X-Timer
S1634626490.447634,VS0,VE0
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 81E5 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.wxyz.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 01 Oct 2021 05:08:47 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 19 Oct 2021 06:54:50 GMT
Age
6480
X-Served-By
cache-lga21949-LGA, cache-hhn4023-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 128200
X-Timer
S1634626490.452916,VS0,VE0
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A301 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.wxyz.com/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVYgwYaQOmrhQqqdY7qJ5+fKRB+v2jLGFGeoFyjBXEn+RTT+pWw62G0J5h4qb83eS0hKp2u2D6IxNbX7Tc/cWQrERdSf+hE=; khaos=KUXQEK0G-17-G29I; audit=1|hLZGFuTafB3FdwZKST0fb3OObL5xDgxP5Vc/8oh3YVB3ygqHm8h0Ik4UNrslxZpRaNgdOVL2Yy93sD/dBAXvNNAPlTu0R9RN
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 19 Oct 2021 06:54:50 GMT
Connection
keep-alive
Vary
Accept-Encoding
2000248.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 16A1
Redirect Chain
  • https://sync.serverbid.com/ss/2000248.html
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Host
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.wxyz.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/

Response headers

Date
Tue, 19 Oct 2021 06:54:50 GMT
Connection
Keep-Alive
Cache-Control
max-age=25067
Content-Length
4376
Content-Type
text/html
Last-Modified
Thu, 31 Jan 2019 14:12:06 GMT
Accept-Ranges
bytes
etag
"8ca299ba400101b6642362a2bceff771"
x-amz-request-id
tx00000000000001856a900-00616c2a65-67e7768-nyc3a
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
0
x-rgw-object-type
Normal
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1634626490.dop245.am5.t,1634626490.cds254.am5.shn,1634626490.dop245.am5.t,1634626490.cds252.am5.c

Redirect headers

content-length
0
location
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
cache-control
no-cache
sync
eb2.3lift.com/ Frame D0A8
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
2e667d2c6130c2a93fa09cfeaba841c273800eed9dd1206fa0575227e2fe3d40

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wxyz.com/
accept-encoding
gzip, deflate, br
cookie
tluid=2731071793880276346
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/

Response headers

date
Tue, 19 Oct 2021 06:54:50 GMT
content-type
text/html; charset=utf-8
content-length
462
set-cookie
sync=CgoIgQIQ4qDTuskvCgoI4gEQ4qDTuskvCgoI5gEQ4qDTuskvCgoIhwIQ4qDTuskvCgkICRDioNO6yS8KCQg6EOKg07rJLwoJCAsQ4qDTuskvCgoIjAIQ4qDTuskvCgoIzgEQ4qDTuskvCgkIXxDioNO6yS8=; Max-Age=7776000; Expires=Mon, 17 Jan 2022 06:54:50 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=2731071793880276346; Max-Age=7776000; Expires=Mon, 17 Jan 2022 06:54:50 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Tue, 19 Oct 2021 06:54:50 GMT
content-length
0
set-cookie
tluid=2731071793880276346; Max-Age=7776000; Expires=Mon, 17 Jan 2022 06:54:50 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usersync
rtb.gumgum.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://rtb.gumgum.com/usersync?b=apn&i=766210064566899255
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=766210064566899255
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-41-69.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:50 GMT
X-Proxy-Origin
216.131.111.33; 216.131.111.33; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
edac0381-2163-4fc4-bf67-33997c2b6e06
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=766210064566899255
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
6.gif
id5-sync.com/c/441/19/4/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOd0mInwlTif9xcsTtQoybLaL3_-Kqywe2qDBklw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOd0mInwlTif9xcsTtQoybLaL3_-Kqywe2qDBklw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3F...
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=ca59166c-e13e-4269-84f1-dd1bf9eea3e2&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOd0mInwlTif9xcsTtQoybLaL3_-Kqywe2qDBklw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=ca59166c-e13e-4269-84f1-dd1bf9eea3e2&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/146/6/4.gif?puid=e13e4942-bb5c-4748-bf70-13ca401df45c&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENhfZI8DgGPrs4alzBQRINQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=766210064566899255&opid=apx&ops=&utidl=tech:goo:CAESENhfZI8DgGPrs4alzBQRINQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aW...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A21661737673&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/4/6.gif?puid=720bab5f9f0b67c9e40845d57bc16fc0&gdpr=1&gdpr_consent=
0
0
async_usersync
ib.adnxs.com/ Frame 62EA 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:50 GMT
X-Proxy-Origin
216.131.111.33; 216.131.111.33; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b04bf215-70c5-48d3-beec-a4534488eea9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 81E5 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:50 GMT
X-Proxy-Origin
216.131.111.33; 216.131.111.33; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a70df4fe-3e1f-4d98-81c6-f352388e797e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 09B5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=377e616e-6bba-4b00-b205-f935f15fa8d9
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=377e616e-6bba-4b00-b205-f935f15fa8d9
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 19 Oct 2021 06:54:50 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x6 config:1.0.1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=377e616e-6bba-4b00-b205-f935f15fa8d9
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 19 Oct 2021 06:54:49 GMT
sd
us-u.openx.net/w/1.0/ Frame 09B5
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=7B7FbexNkTz3F5U96RveOeIdxj33G8Aw6hkiKVIG
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=7B7FbexNkTz3F5U96RveOeIdxj33G8Aw6hkiKVIG
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=7B7FbexNkTz3F5U96RveOeIdxj33G8Aw6hkiKVIG
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 09B5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7438364641879739464
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7438364641879739464
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7438364641879739464
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 09B5 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=fdc5a2ea-1722-3300-5060-d9da987e32df&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 09B5 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDFhYTcxMjAtZGU1NS02ZGE0LTQ1ODAtODM2MzUyOWNmY2Jm
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 09B5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA4s9jdl3rVF1QpEIoRxfJg&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA4s9jdl3rVF1QpEIoRxfJg&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA4s9jdl3rVF1QpEIoRxfJg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame A301 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 06:54:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37567
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Tue, 19 Oct 2021 17:20:57 GMT
sd
eu-u.openx.net/w/1.0/ Frame C3AA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=377e616e-6bba-4b00-b205-f935f15fa8d9
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=377e616e-6bba-4b00-b205-f935f15fa8d9
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 19 Oct 2021 06:54:50 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x15 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=377e616e-6bba-4b00-b205-f935f15fa8d9
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 19 Oct 2021 06:54:49 GMT
sd
us-u.openx.net/w/1.0/ Frame C3AA
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=7B7FbexNkTz3F5U96RveOeIdxj33G8Aw6hkiKVIG
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=7B7FbexNkTz3F5U96RveOeIdxj33G8Aw6hkiKVIG
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=7B7FbexNkTz3F5U96RveOeIdxj33G8Aw6hkiKVIG
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame C3AA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1074225481144244828
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1074225481144244828
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1074225481144244828
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame C3AA 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=fdc5a2ea-1722-3300-5060-d9da987e32df&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame C3AA 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDFhYTcxMjAtZGU1NS02ZGE0LTQ1ODAtODM2MzUyOWNmY2Jm
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C3AA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA4s9jdl3rVF1QpEIoRxfJg&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA4s9jdl3rVF1QpEIoRxfJg&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA4s9jdl3rVF1QpEIoRxfJg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 81E8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 81E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEG-o1uxxKSjCMHIh2ZbdH9c&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEG-o1uxxKSjCMHIh2ZbdH9c&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEG-o1uxxKSjCMHIh2ZbdH9c&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 81E8
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjczMTA3MTc5Mzg4MDI3NjM0Ng%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjczMTA3MTc5Mzg4MDI3NjM0Ng%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjczMTA3MTc5Mzg4MDI3NjM0Ng%3D%3D
date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 81E8 		0
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2731071793880276346&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.11.69 -, , ASN (),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:50 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
x-li-proto
http/2
x-li-pop
prod-eda6
content-length
0
x-li-uuid
nU5n/yFcrxagj23f6SoAAA==
xuid
eb2.3lift.com/ Frame 81E8
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2731071793880276346?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Nqnhpi5E2oQ6QC9O32oqolMaXAl8Jfr2.B6GE4hsQw--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Nqnhpi5E2oQ6QC9O32oqolMaXAl8Jfr2.B6GE4hsQw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 19 Oct 2021 06:54:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Nqnhpi5E2oQ6QC9O32oqolMaXAl8Jfr2.B6GE4hsQw--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame 81E8 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=2731071793880276346&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.28.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-28-154.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 06:54:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 81E8 		42 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2731071793880276346&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
etag
"af5a8b34ac1d71:0"
last-modified
Thu, 14 Oct 2021 22:27:41 GMT
x-msedge-ref
Ref A: BF8B8F15E144445989D5FD4DBC6CAADF Ref B: FRA31EDGE0720 Ref C: 2021-10-19T06:54:50Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 81E8
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2731071793880276346
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2731071793880276346&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2731071793880276346&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:50 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KGG6WHGRE178ZREJVM9D
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2731071793880276346&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 81E8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 81E8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=8855095619967553796&dongle=d407
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=8855095619967553796&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=8855095619967553796&dongle=d407
pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
generic
match.adsrvr.org/track/cmf/ Frame D0A8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame D0A8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEG-o1uxxKSjCMHIh2ZbdH9c&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEG-o1uxxKSjCMHIh2ZbdH9c&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEG-o1uxxKSjCMHIh2ZbdH9c&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D0A8
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjczMTA3MTc5Mzg4MDI3NjM0Ng%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjczMTA3MTc5Mzg4MDI3NjM0Ng%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjczMTA3MTc5Mzg4MDI3NjM0Ng%3D%3D
date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame D0A8 		0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2731071793880276346&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.11.69 -, , ASN (),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:50 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
x-li-proto
http/2
x-li-pop
prod-eda6
content-length
0
x-li-uuid
V7OF/yFcrxbQ4ngs6CoAAA==
xuid
eb2.3lift.com/ Frame D0A8
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2731071793880276346?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-cxg7chJE2oSGi3zHON1MUxUleKNTVK16hdLsed0VdA--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-cxg7chJE2oSGi3zHON1MUxUleKNTVK16hdLsed0VdA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 19 Oct 2021 06:54:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-cxg7chJE2oSGi3zHON1MUxUleKNTVK16hdLsed0VdA--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame D0A8 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=2731071793880276346&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.28.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-28-154.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 06:54:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame D0A8 		42 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2731071793880276346&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
etag
"af5a8b34ac1d71:0"
last-modified
Thu, 14 Oct 2021 22:27:41 GMT
x-msedge-ref
Ref A: 832EE495C58B4588BEBB80BF38754296 Ref B: FRA31EDGE0720 Ref C: 2021-10-19T06:54:50Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame D0A8
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2731071793880276346
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2731071793880276346&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2731071793880276346&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:50 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
NRXVGNHCK1KNAYTDH5R3
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2731071793880276346&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame D0A8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame D0A8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=2514027344629895428&dongle=d407
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=2514027344629895428&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=2514027344629895428&dongle=d407
pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
v1
ads.yahoo.com/cms/ Frame A301
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUXQEK0G-17-G29I&sigv=1&esig=2~af7e54217376dc0e55e6b852c76bd0be449fb0be
0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUXQEK0G-17-G29I&sigv=1&esig=2~af7e54217376dc0e55e6b852c76bd0be449fb0be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUXQEK0G-17-G29I&sigv=1&esig=2~af7e54217376dc0e55e6b852c76bd0be449fb0be
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A301
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=377e616e-6bba-4b00-b205-f935f15fa8d9&expires=28
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=377e616e-6bba-4b00-b205-f935f15fa8d9&expires=28
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

Date
Tue, 19 Oct 2021 06:54:50 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x4 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=377e616e-6bba-4b00-b205-f935f15fa8d9&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 19 Oct 2021 06:54:49 GMT
tap.php
pixel.rubiconproject.com/ Frame A301
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/LIfdTnv88bZtziHReFDi_cn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1396926976839349167
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1396926976839349167
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

date
Tue, 19 Oct 2021 06:54:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1396926976839349167
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A301
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VYUUVLMEctMTctRzI5SQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VYUUVLMEctMTctRzI5SQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VYUUVLMEctMTctRzI5SQ==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A301
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENg0fpjajmxPlp8nN0OD-rY&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENg0fpjajmxPlp8nN0OD-rY&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENg0fpjajmxPlp8nN0OD-rY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame A301 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame A301
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YW5rugAKP0X2fwAT
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YW5rugAKP0X2fwAT&_test=YW5rugAKP0X2fwAT
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YW5rugAKP0X2fwAT&_test=YW5rugAKP0X2fwAT
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
via
1.1 varnish
server
Varnish
x-timer
S1634626491.792818,VS0,VE0
x-served-by
cache-hhn4029-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YW5rugAKP0X2fwAT&_test=YW5rugAKP0X2fwAT
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame A301
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWNkMTVhZTBjMDMwNzRhZjExMWFmMmQzN2ZkNTI5MDEwMDEwMThhNA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWNkMTVhZTBjMDMwNzRhZjExMWFmMmQzN2ZkNTI5MDEwMDEwMThhNA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWNkMTVhZTBjMDMwNzRhZjExMWFmMmQzN2ZkNTI5MDEwMDEwMThhNA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usync.html
eus.rubiconproject.com/ Frame 757E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVYgwYaQOmrhQqqdY7qJ5+fKRB+v2jLGFGeoFyjBXEn+RTT+pWw62G0J5h4qb83eS0hKp2u2D6IxNbX7Tc/cWQrERdSf+hE=; khaos=KUXQEK0G-17-G29I; audit=1|hLZGFuTafB3FdwZKST0fb3OObL5xDgxP5Vc/8oh3YVB3ygqHm8h0Ik4UNrslxZpRaNgdOVL2Yy93sD/dBAXvNNAPlTu0R9RN; pux=1512%3D103422%262249%3D103422%262307%3D103422%262974%3D103422%263778%3D103422%26brx%3D103422%26goog%3D103422%262249-DV360-Hosted%3D103422%26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 19 Oct 2021 06:54:50 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date
Tue, 19 Oct 2021 06:54:50 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2A68 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=30127
expires
Tue, 19 Oct 2021 15:16:57 GMT
date
Tue, 19 Oct 2021 06:54:50 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 74BE 		995 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=766210064566899255
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Connection
keep-alive
Content-Length
506
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 19 Oct 2021 06:54:50 GMT
Age
14347826
X-Served-By
cache-lga21980-LGA, cache-hhn4023-HHN
X-Cache
HIT, HIT
X-Cache-Hits
194520, 325182
X-Timer
S1634626491.802772,VS0,VE0
Vary
Accept-Encoding
i.gif
e.serverbid.com/udb/9969/sync/ Frame 16A1
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=c41b2d25-aebd-00e9-3bec-19cf1925f052
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=c41b2d25-aebd-00e9-3bec-19cf1925f052
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=c41b2d25-aebd-00e9-3bec-19cf1925f052
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
ugiuli3kobugsqnupa6mqslqbndgahvg
i.gif
e.serverbid.com/udb/9969/sync/ Frame 16A1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=766210064566899255
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=766210064566899255
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:50 GMT
X-Proxy-Origin
216.131.111.33; 216.131.111.33; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
694e0f5c-51a3-4d7c-988c-2bd4b6963c9b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=766210064566899255
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 16A1
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://pixel.advertising.com/ups/56621/occ?verify=true
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP74c5f7c9-30a9-11ec-9ab3-0699c21278c8
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP74c5f7c9-30a9-11ec-9ab3-0699c21278c8
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP74c5f7c9-30a9-11ec-9ab3-0699c21278c8
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Redirect headers

Date
Tue, 19 Oct 2021 06:54:51 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP74c5f7c9-30a9-11ec-9ab3-0699c21278c8
Connection
keep-alive
Content-Length
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame 16A1
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=185073&C=1
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YW5ruj03VO2h8Jk7chPJ.QAA%261202
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YW5ruj03VO2h8Jk7chPJ.QAA%261202
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:50 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YW5ruj03VO2h8Jk7chPJ.QAA%261202
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
282
Expires
Tue, 19 Oct 2021 06:54:50 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 16A1
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=e7ce27eb85f16d6f8da9f819
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=e7ce27eb85f16d6f8da9f819
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Redirect headers

Date
Tue, 19 Oct 2021 06:54:50 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=e7ce27eb85f16d6f8da9f819
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usa
sync.go.sonobi.com/ Frame 16A1 		0
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.75 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:51 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ue1-sb1-e790698c-0f10-4f43-95ef-811df32ffb2e
p.adsymptotic.com/d/px/ Frame 16A1
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.007596149442906208%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid=
  • https://p.adsymptotic.com/d/px/ue1-sb1-e790698c-0f10-4f43-95ef-811df32ffb2e
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/ue1-sb1-e790698c-0f10-4f43-95ef-811df32ffb2e
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.99.194 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

location
https://p.adsymptotic.com/d/px/ue1-sb1-e790698c-0f10-4f43-95ef-811df32ffb2e
cache-control
no-cache
content-length
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame 2333
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=c41b2d25-aebd-00e9-3bec-19cf1925f052
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=c41b2d25-aebd-00e9-3bec-19cf1925f052
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:49 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=c41b2d25-aebd-00e9-3bec-19cf1925f052
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
hfp5rt6tchlkaj76bqhrtl3u74nj8dbk
i.gif
e.serverbid.com/udb/9969/sync/ Frame 2333
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=766210064566899255
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=766210064566899255
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:50 GMT
X-Proxy-Origin
216.131.111.33; 216.131.111.33; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8c857ad9-5216-46b5-876c-fa18a2b868f0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=766210064566899255
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 2333
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://pixel.advertising.com/ups/56621/occ?verify=true
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP74c5f7c9-30a9-11ec-9ab3-0699c21278c8
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP74c5f7c9-30a9-11ec-9ab3-0699c21278c8
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP74c5f7c9-30a9-11ec-9ab3-0699c21278c8
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Redirect headers

Date
Tue, 19 Oct 2021 06:54:51 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP74c5f7c9-30a9-11ec-9ab3-0699c21278c8
Connection
keep-alive
Content-Length
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame 2333
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=185073&C=1
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YW5ruj03VO2h8Jk7chPJ.QAA%261202
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YW5ruj03VO2h8Jk7chPJ.QAA%261202
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:50 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YW5ruj03VO2h8Jk7chPJ.QAA%261202
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
282
Expires
Tue, 19 Oct 2021 06:54:50 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 2333
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=e7ce27eb85f16d6f8da9f819
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=e7ce27eb85f16d6f8da9f819
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Redirect headers

Date
Tue, 19 Oct 2021 06:54:50 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=e7ce27eb85f16d6f8da9f819
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usa
sync.go.sonobi.com/ Frame 2333 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.75 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:51 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-2-5-44
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame D807
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVYgwYaQOmrhQqqdY7qJ5+fKRB+v2jLGFGeoFyjBXEn+RTT+pWw62G0J5h4qb83eS0hKp2u2D6IxNbX7Tc/cWQrERdSf+hE=; khaos=KUXQEK0G-17-G29I; audit=1|hLZGFuTafB3FdwZKST0fb3OObL5xDgxP5Vc/8oh3YVB3ygqHm8h0Ik4UNrslxZpRaNgdOVL2Yy93sD/dBAXvNNAPlTu0R9RN; pux=1512%3D103422%262249%3D103422%262307%3D103422%262974%3D103422%263778%3D103422%26brx%3D103422%26goog%3D103422%262249-DV360-Hosted%3D103422%26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 19 Oct 2021 06:54:50 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date
Tue, 19 Oct 2021 06:54:50 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FFC8 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=30127
expires
Tue, 19 Oct 2021 15:16:57 GMT
date
Tue, 19 Oct 2021 06:54:50 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 386F 		995 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=766210064566899255
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Connection
keep-alive
Content-Length
506
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 19 Oct 2021 06:54:50 GMT
Age
14347827
X-Served-By
cache-lga21980-LGA, cache-hhn4044-HHN
X-Cache
HIT, HIT
X-Cache-Hits
194520, 265427
X-Timer
S1634626491.808583,VS0,VE0
Vary
Accept-Encoding
ue1-sb1-e790698c-0f10-4f43-95ef-811df32ffb2e
p.adsymptotic.com/d/px/ Frame 2333
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.535913518639821%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid=
  • https://p.adsymptotic.com/d/px/ue1-sb1-e790698c-0f10-4f43-95ef-811df32ffb2e
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/ue1-sb1-e790698c-0f10-4f43-95ef-811df32ffb2e
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.99.194 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

location
https://p.adsymptotic.com/d/px/ue1-sb1-e790698c-0f10-4f43-95ef-811df32ffb2e
cache-control
no-cache
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 2A68 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=95676660&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
57c5539d3b41c2eeae7da9e0570e21a70a5cedfcd114c8cdc1273ae71723bbf3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:50 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 757E 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 06:54:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37567
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Tue, 19 Oct 2021 17:20:57 GMT
async_usersync
secure.adnxs.com/ Frame 74BE 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:50 GMT
X-Proxy-Origin
216.131.111.33; 216.131.111.33; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
642b2552-761c-4bad-b644-e228fc32fe4e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame D807 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 06:54:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37567
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Tue, 19 Oct 2021 17:20:57 GMT
async_usersync
secure.adnxs.com/ Frame 386F 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:50 GMT
X-Proxy-Origin
216.131.111.33; 216.131.111.33; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0cd2d99a-3680-4278-a4f5-8af0963c692f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 757E 		0
0
match
c1.adform.net/serving/cookie/ Frame 3F6D 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=45E188A0-160D-4B8E-A5FA-B6DFD753B9B9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=45E188A0-160D-4B8E-A5FA-B6DFD753B9B9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
C=1; uid=1074225481144244828
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 19 Oct 2021 06:54:51 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=1074225481144244828; expires=Sat, 18 Dec 2021 06:54:51 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 7D1B
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5013542200496637328
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5013542200496637328
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5013542200496637328
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=45E188A0-160D-4B8E-A5FA-B6DFD753B9B9; chkChromeAb67Sec=1; DPSync3=1635811200%3A201_197_219%7C1634688000%3A174; SyncRTB3=1635465600%3A63%7C1637193600%3A203%7C1635897600%3A35%7C1635811200%3A166_234_81_71_55_165_189_99_231_204_230_56_3_176_220_8_22_88_7_222_21_13_54_161%7C1635206400%3A223_15_2; SPugT=1634626489; KRTBCOOKIE_57=22776-766210064566899255; PUBMDCID=3; KRTBCOOKIE_153=19420-wG4TcMA9RyHbZ0MgxWsIJM5tECDbaxYtxmnM2srW&KRTB&22979-wG4TcMA9RyHbZ0MgxWsIJM5tECDbaxYtxmnM2srW; KRTBCOOKIE_80=22987-CAESEN0HbxsXsSX8hX3uxA3-AdM&KRTB&16514-CAESEN0HbxsXsSX8hX3uxA3-AdM&KRTB&23025-CAESEN0HbxsXsSX8hX3uxA3-AdM; KRTBCOOKIE_409=22966-k8iYWKZeppcU4IalXiNvXq--; KRTBCOOKIE_218=22978-YW5rugAKP0X2fwAT&KRTB&23194-YW5rugAKP0X2fwAT&KRTB&23209-YW5rugAKP0X2fwAT&KRTB&23244-YW5rugAKP0X2fwAT; KRTBCOOKIE_27=16735-uid:377e616e-6bba-4b00-b205-f935f15fa8d9&KRTB&16736-uid:377e616e-6bba-4b00-b205-f935f15fa8d9&KRTB&23019-uid:377e616e-6bba-4b00-b205-f935f15fa8d9&KRTB&23114-uid:377e616e-6bba-4b00-b205-f935f15fa8d9; KRTBCOOKIE_22=14911-2514027344629895428; KRTBCOOKIE_391=22924-1074225481144244828&KRTB&23263-1074225481144244828; KRTBCOOKIE_377=6810-47851c73-c703-4281-a114-5a1df1bf2b5f&KRTB&22918-47851c73-c703-4281-a114-5a1df1bf2b5f&KRTB&23031-47851c73-c703-4281-a114-5a1df1bf2b5f; KRTBCOOKIE_188=3189-3bc31baf-7dd9-4cff-8de8-2e23a25b1a53-616e6bb4-5553; PugT=1634626490
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 19 Oct 2021 06:54:50 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-5013542200496637328; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 18-Nov-2021 06:54:50 GMT; path=/ PugT=1634626490; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 18-Nov-2021 06:54:50 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 17-Jan-2022 06:54:50 GMT; path=/
x-lat
amspug015:0:441
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5013542200496637328
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame D2C5 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 19 Oct 2021 06:54:50 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Tue, 19 Oct 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
573483
Pug
simage2.pubmatic.com/AdServer/ Frame 2D96
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7020667320028690575
42 B
312 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7020667320028690575
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7020667320028690575
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=45E188A0-160D-4B8E-A5FA-B6DFD753B9B9; chkChromeAb67Sec=1; DPSync3=1635811200%3A201_197_219%7C1634688000%3A174; SyncRTB3=1635465600%3A63%7C1637193600%3A203%7C1635897600%3A35%7C1635811200%3A166_234_81_71_55_165_189_99_231_204_230_56_3_176_220_8_22_88_7_222_21_13_54_161%7C1635206400%3A223_15_2; SPugT=1634626489; KRTBCOOKIE_57=22776-766210064566899255; PUBMDCID=3; KRTBCOOKIE_153=19420-wG4TcMA9RyHbZ0MgxWsIJM5tECDbaxYtxmnM2srW&KRTB&22979-wG4TcMA9RyHbZ0MgxWsIJM5tECDbaxYtxmnM2srW; KRTBCOOKIE_80=22987-CAESEN0HbxsXsSX8hX3uxA3-AdM&KRTB&16514-CAESEN0HbxsXsSX8hX3uxA3-AdM&KRTB&23025-CAESEN0HbxsXsSX8hX3uxA3-AdM; KRTBCOOKIE_409=22966-k8iYWKZeppcU4IalXiNvXq--; KRTBCOOKIE_218=22978-YW5rugAKP0X2fwAT&KRTB&23194-YW5rugAKP0X2fwAT&KRTB&23209-YW5rugAKP0X2fwAT&KRTB&23244-YW5rugAKP0X2fwAT; KRTBCOOKIE_27=16735-uid:377e616e-6bba-4b00-b205-f935f15fa8d9&KRTB&16736-uid:377e616e-6bba-4b00-b205-f935f15fa8d9&KRTB&23019-uid:377e616e-6bba-4b00-b205-f935f15fa8d9&KRTB&23114-uid:377e616e-6bba-4b00-b205-f935f15fa8d9; KRTBCOOKIE_22=14911-2514027344629895428; KRTBCOOKIE_391=22924-1074225481144244828&KRTB&23263-1074225481144244828; KRTBCOOKIE_377=6810-47851c73-c703-4281-a114-5a1df1bf2b5f&KRTB&22918-47851c73-c703-4281-a114-5a1df1bf2b5f&KRTB&23031-47851c73-c703-4281-a114-5a1df1bf2b5f; KRTBCOOKIE_188=3189-3bc31baf-7dd9-4cff-8de8-2e23a25b1a53-616e6bb4-5553; KRTBCOOKIE_336=5844-5013542200496637328; KRTBCOOKIE_594=17107-RX-20bb3776-3df1-4790-8a6b-54126b7ee426-003; PugT=1634626491; KRTBCOOKIE_466=16530-36f15713-a453-481f-97c8-6e47e8f544c5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 19 Oct 2021 06:54:51 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-7020667320028690575; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 18-Nov-2021 06:54:51 GMT; path=/ PugT=1634626491; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 18-Nov-2021 06:54:51 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 17-Jan-2022 06:54:51 GMT; path=/
x-lat
lhrpug018:0:548
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Tue, 19 Oct 2021 06:54:51 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=7020667320028690575; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7020667320028690575
rtset
bh.contextweb.com/bh/ Frame F789
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCamgwN0MzTmNBQUJhYnBJT1ZKdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABjh07C3NcAABabpIOVJw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1067587007258115791
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABjh07C3NcAABabpIOVJw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1067587007258115791%26bee_sync_partners%3Dpm%26bee_sync...
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame C5EA
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=45E188A0-160D-4B8E-A5FA-B6DFD753B9B9; chkChromeAb67Sec=1; DPSync3=1635811200%3A201_197_219%7C1634688000%3A174; SyncRTB3=1635465600%3A63%7C1637193600%3A203%7C1635897600%3A35%7C1635811200%3A166_234_81_71_55_165_189_99_231_204_230_56_3_176_220_8_22_88_7_222_21_13_54_161%7C1635206400%3A223_15_2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 19 Oct 2021 06:54:51 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug018:2:290
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=33fa91e8-3644-475b-9956-490b9b769f7b; path=/; domain=csync.loopme.me; Expires=Fri, 19-Nov-2021 06:54:51 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Tue, 19 Oct 2021 06:54:51 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 47A3
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6277014349
  • https://sync.1rx.io/usersync/tradedesk/47851c73-c703-4281-a114-5a1df1bf2b5f
  • https://sync.targeting.unrulymedia.com/csync/RX-20bb3776-3df1-4790-8a6b-54126b7ee426-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-20bb3776-3df1-4790-8a6b-54126b7ee426-003
42 B
329 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-20bb3776-3df1-4790-8a6b-54126b7ee426-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-20bb3776-3df1-4790-8a6b-54126b7ee426-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=45E188A0-160D-4B8E-A5FA-B6DFD753B9B9; chkChromeAb67Sec=1; DPSync3=1635811200%3A201_197_219%7C1634688000%3A174; SyncRTB3=1635465600%3A63%7C1637193600%3A203%7C1635897600%3A35%7C1635811200%3A166_234_81_71_55_165_189_99_231_204_230_56_3_176_220_8_22_88_7_222_21_13_54_161%7C1635206400%3A223_15_2; SPugT=1634626489; KRTBCOOKIE_57=22776-766210064566899255; PUBMDCID=3; KRTBCOOKIE_153=19420-wG4TcMA9RyHbZ0MgxWsIJM5tECDbaxYtxmnM2srW&KRTB&22979-wG4TcMA9RyHbZ0MgxWsIJM5tECDbaxYtxmnM2srW; KRTBCOOKIE_80=22987-CAESEN0HbxsXsSX8hX3uxA3-AdM&KRTB&16514-CAESEN0HbxsXsSX8hX3uxA3-AdM&KRTB&23025-CAESEN0HbxsXsSX8hX3uxA3-AdM; KRTBCOOKIE_409=22966-k8iYWKZeppcU4IalXiNvXq--; KRTBCOOKIE_218=22978-YW5rugAKP0X2fwAT&KRTB&23194-YW5rugAKP0X2fwAT&KRTB&23209-YW5rugAKP0X2fwAT&KRTB&23244-YW5rugAKP0X2fwAT; KRTBCOOKIE_27=16735-uid:377e616e-6bba-4b00-b205-f935f15fa8d9&KRTB&16736-uid:377e616e-6bba-4b00-b205-f935f15fa8d9&KRTB&23019-uid:377e616e-6bba-4b00-b205-f935f15fa8d9&KRTB&23114-uid:377e616e-6bba-4b00-b205-f935f15fa8d9; KRTBCOOKIE_22=14911-2514027344629895428; KRTBCOOKIE_391=22924-1074225481144244828&KRTB&23263-1074225481144244828; KRTBCOOKIE_377=6810-47851c73-c703-4281-a114-5a1df1bf2b5f&KRTB&22918-47851c73-c703-4281-a114-5a1df1bf2b5f&KRTB&23031-47851c73-c703-4281-a114-5a1df1bf2b5f; KRTBCOOKIE_188=3189-3bc31baf-7dd9-4cff-8de8-2e23a25b1a53-616e6bb4-5553; PugT=1634626490; KRTBCOOKIE_336=5844-5013542200496637328
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 19 Oct 2021 06:54:51 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17107-RX-20bb3776-3df1-4790-8a6b-54126b7ee426-003; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 18-Nov-2021 06:54:51 GMT; path=/ PugT=1634626491; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 18-Nov-2021 06:54:51 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 17-Jan-2022 06:54:51 GMT; path=/
x-lat
lhrpug006:0:559
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Tue, 19 Oct 2021 06:54:51 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-20bb3776-3df1-4790-8a6b-54126b7ee426-003%22%7D; path=/; expires=Wed, 19 Oct 2022 06:54:51 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-20bb3776-3df1-4790-8a6b-54126b7ee426-003
etag
RX20bb37763df147908a6b54126b7ee426003
bridge
cm.adgrx.com/ Frame 22CA 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Tue, 19 Oct 2021 06:54:51 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-6
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
image2.pubmatic.com/AdServer/ Frame 43F0
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=k8iYWKZeppcU4IalXiNvXq--
42 B
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=k8iYWKZeppcU4IalXiNvXq--
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=k8iYWKZeppcU4IalXiNvXq--
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=45E188A0-160D-4B8E-A5FA-B6DFD753B9B9; chkChromeAb67Sec=1; DPSync3=1635811200%3A201_197_219%7C1634688000%3A174; SyncRTB3=1635465600%3A63%7C1637193600%3A203%7C1635897600%3A35%7C1635811200%3A166_234_81_71_55_165_189_99_231_204_230_56_3_176_220_8_22_88_7_222_21_13_54_161%7C1635206400%3A223_15_2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 19 Oct 2021 06:54:50 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-k8iYWKZeppcU4IalXiNvXq--; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 18-Nov-2021 06:54:50 GMT; path=/ PugT=1634626490; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 18-Nov-2021 06:54:50 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 17-Jan-2022 06:54:50 GMT; path=/
x-lat
amspug013:0:422
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Tue, 19 Oct 2021 06:54:51 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=k8iYWKZeppcU4IalXiNvXq--; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=k8iYWKZeppcU4IalXiNvXq--
strict-transport-security
max-age=0; includeSubDomains;
dpe
ad4m.at/ad/ Frame BF50 		15 B
915 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.192.83 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 19 Oct 2021 06:54:51 GMT
content-type
text/plain; charset=utf-8
content-length
15
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a0818f22d8fff30-MAD
i.match
s.tribalfusion.com/z/ Frame 5799
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.5 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
ANON_ID=aqnoeUmMZaEpDXqwsOQLvMMGdE2PTuY4FkLtwALTd
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 19 Oct 2021 06:54:51 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aTnseFNj6WkCyhURALhZcgLMjb3wSTFiiYZa5Dh7JU5k48FDTPB55HdPGPrhkEKljxtYZdyZai4wdnYC3aDSZbox5; path=/; domain=.tribalfusion.com; expires=Mon, 17-Jan-2022 06:54:51 GMT; SameSite=None; Secure; ANON_ID_old=aTnseFNj6WkCyhURALhZcgLMjb3wSTFiiYZa5Dh7JU5k48FDTPB55HdPGPrhkEKljxtYZdyZai4wdnYC3aDSZbox5; path=/; domain=.tribalfusion.com; expires=Mon, 17-Jan-2022 06:54:51 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a0818f2d84efad4-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Tue, 19 Oct 2021 06:54:51 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
37
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aqnoeUmMZaEpDXqwsOQLvMMGdE2PTuY4FkLtwALTd; path=/; domain=.tribalfusion.com; expires=Mon, 17-Jan-2022 06:54:51 GMT; SameSite=None; Secure; ANON_ID_old=aqnoeUmMZaEpDXqwsOQLvMMGdE2PTuY4FkLtwALTd; path=/; domain=.tribalfusion.com; expires=Mon, 17-Jan-2022 06:54:51 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a0818f1cf3bfad4-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame F56B
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f38e2497-004a-48df-8565-dd79fe2c45f4-tuct867f13b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f38e2497-004a-48df-8565-dd79fe2c45f4-tuct867f13b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f38e2497-004a-48df-8565-dd79fe2c45f4-tuct867f13b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
t_gid=f38e2497-004a-48df-8565-dd79fe2c45f4-tuct867f13b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Tue, 19 Oct 2021 06:54:51 GMT
via
1.1 varnish
x-served-by
cache-hhn4041-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1634626491.182852,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=f38e2497-004a-48df-8565-dd79fe2c45f4-tuct867f13b;Version=1;Path=/;Domain=.taboola.com;Expires=Wed, 19-Oct-2022 06:54:51 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f38e2497-004a-48df-8565-dd79fe2c45f4-tuct867f13b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Tue, 19 Oct 2021 06:54:51 GMT
via
1.1 varnish
x-served-by
cache-hhn4041-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1634626491.145353,VS0,VE9
x-vcl-time-ms
9
content-length
0
141
match.deepintent.com/usersync/ Frame 20A0 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Tue, 19 Oct 2021 06:54:50 GMT
server
b
i.gif
e.serverbid.com/udb/9969/sync/ Frame B756 		43 B
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=45E188A0-160D-4B8E-A5FA-B6DFD753B9B9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

:method
GET
:authority
e.serverbid.com
:scheme
https
:path
/udb/9969/sync/i.gif?partnerId=4&userId=45E188A0-160D-4B8E-A5FA-B6DFD753B9B9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
azk=ue1-sb1-e790698c-0f10-4f43-95ef-811df32ffb2e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
43
cache-control
no-cache, no-store, must-revalidate
expires
0
content-type
image/gif
pragma
no-cache
set-cookie
azk=ue1-sb1-e790698c-0f10-4f43-95ef-811df32ffb2e; SameSite=None; Secure; Path=/; Expires=Wed, 19 Oct 2022 06:54:51 GMT
date
Tue, 19 Oct 2021 06:54:51 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2A68
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ReGIoBYNS46l-rbf11O5uQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:51 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=30126
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Tue, 19 Oct 2021 15:16:57 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 2A68
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=377e616e-6bba-4b00-b205-f935f15fa8d9
0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=377e616e-6bba-4b00-b205-f935f15fa8d9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 19 Oct 2021 06:54:51 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x2 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=377e616e-6bba-4b00-b205-f935f15fa8d9
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 19 Oct 2021 06:54:50 GMT
/
pixel.onaudience.com/ Frame 2A68
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=45E188A0-160D-4B8E-A5FA-B6DFD753B9B9
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=47851c73-c703-4281-a114-5a1df1bf2b5f&icm
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=720bab5f9f0b67c9e40845d57bc16fc0
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 2A68
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDVFMTg4QTAtMTYwRC00QjhFLUE1RkEtQjZERkQ3NTNCOUI5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
no-store, no-cache, private
x-lat
amspug009:0:420
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2A68
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN0HbxsXsSX8hX3uxA3-AdM&google_cver=1
42 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN0HbxsXsSX8hX3uxA3-AdM&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:627
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN0HbxsXsSX8hX3uxA3-AdM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 2A68 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 18 Oct 2021 06:54:51 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2A68
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=47851c73-c703-4281-a114-5a1df1bf2b5f
42 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=47851c73-c703-4281-a114-5a1df1bf2b5f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:854
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=47851c73-c703-4281-a114-5a1df1bf2b5f
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 2A68
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1074225481144244828
42 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1074225481144244828
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:419
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:51 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1074225481144244828
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 2A68
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:377e616e-6bba-4b00-b205-f935f15fa8d9&gdpr=0&gdpr_consent=
42 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:377e616e-6bba-4b00-b205-f935f15fa8d9&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:399
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 19 Oct 2021 06:54:51 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x29 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:377e616e-6bba-4b00-b205-f935f15fa8d9&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 19 Oct 2021 06:54:50 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2A68
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=766210064566899255&gdpr=0&gdpr_consent=
42 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=766210064566899255&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
no-store, no-cache, private
x-lat
amspug002:0:317
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:51 GMT
X-Proxy-Origin
216.131.111.33; 216.131.111.33; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e3b023b9-01ab-4b19-a17d-4de2c572b2b0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=766210064566899255&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2A68
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wG4TcMA9RyHbZ0MgxWsIJM5tECDbaxYtxmnM2srW
42 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wG4TcMA9RyHbZ0MgxWsIJM5tECDbaxYtxmnM2srW
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
no-store, no-cache, private
x-lat
amspug001:0:391
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wG4TcMA9RyHbZ0MgxWsIJM5tECDbaxYtxmnM2srW
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 2A68
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=45E188A0-160D-4B8E-A5FA-B6DFD753B9B9&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5cxIGypE2uU0Y3WKnqGaB7kbzRUXS5s-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5cxIGypE2uU0Y3WKnqGaB7kbzRUXS5s-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 19 Oct 2021 06:54:51 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5cxIGypE2uU0Y3WKnqGaB7kbzRUXS5s-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
45E188A0-160D-4B8E-A5FA-B6DFD753B9B9
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2A68 		43 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/45E188A0-160D-4B8E-A5FA-B6DFD753B9B9?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.176 , Switzerland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
pr-bh-ing.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:51 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2A68
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=36f15713-a453-481f-97c8-6e47e8f544c5
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=36f15713-a453-481f-97c8-6e47e8f544c5
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=a1fbb6b2-389d-4ebe-a68e-95b20c94b329&user_group=1&ssp=pubmatic&bsw_param=36f15713-a453-481f-97c8-6e47e8f544c5
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=36f15713-a453-481f-97c8-6e47e8f544c5&gdpr=&gdpr_consent=&gdpr_pd=
1 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=36f15713-a453-481f-97c8-6e47e8f544c5&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:610
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=36f15713-a453-481f-97c8-6e47e8f544c5&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 19 Oct 2021 06:54:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2A68
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YW5rugAKP0X2fwAT&gdpr=0&gdpr_consent=
1 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YW5rugAKP0X2fwAT&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:363
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:51 GMT
via
1.1 varnish
server
Varnish
x-timer
S1634626491.125571,VS0,VE0
x-served-by
cache-hhn4029-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YW5rugAKP0X2fwAT&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 2A68 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=45E188A0-160D-4B8E-A5FA-B6DFD753B9B9&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.215.202.137 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:51 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 2A68
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=3bc31baf-7dd9-4cff-8de8-2e23a25b1a53-616e6bb4-5553&gdpr=0&gdpr_consent=
42 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=3bc31baf-7dd9-4cff-8de8-2e23a25b1a53-616e6bb4-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:50 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:436
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:50 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=3bc31baf-7dd9-4cff-8de8-2e23a25b1a53-616e6bb4-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2A68
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2514027344629895428&gdpr=0&gdpr_consent=&us_privacy=
1 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2514027344629895428&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:460
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2514027344629895428&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 19 Oct 2021 06:54:51 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 2A68
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:52a55946-4b50-49a3-b98e-d93d847f1728&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:52a55946-4b50-49a3-b98e-d93d847f1728&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:519
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:52a55946-4b50-49a3-b98e-d93d847f1728&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 19 Oct 2021 06:54:51 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 2A68
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=766210064566899255
42 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=766210064566899255
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 06:54:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:343
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:51 GMT
X-Proxy-Origin
216.131.111.33; 216.131.111.33; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
652207dd-503a-4277-8994-55caf8485ab7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=766210064566899255
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame 2A68 		35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-41-69.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:51 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
postback
s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/postback?sr=connatix.com&to=3&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&pp=102506&ti=x1096992544050543755095165698048&de=2&pv=a2db4630-b2c5-49c0-ad3a-47b3c42f3186&ci=234175&dt=2341751597675869250012&di=www.wxyz.com&sid=ANj05scOEANFVF0O&oz_sc=ad5fd7e102b18e30e74f3e6a&oz_df=1634626491125&oz_l=2638&cv=3
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 19 Oct 2021 06:54:50 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANj05scOEANFVF0O/postback?sr=connatix.com&to=3&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&pp=102506&ti=x1096992544050543755095165698048&de=2&pv=a2db4630-b2c5-49c0-ad3a-47b3c42f3186&ci=234175&dt=2341751597675869250012&di=www.wxyz.com&sid=ANj05scOEANFVF0O&oz_sc=ad5fd7e102b18e30e74f3e6a&oz_df=1634626491317&oz_l=2415&cv=3
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wxyz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 19 Oct 2021 06:54:50 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
async_usersync
ib.adnxs.com/ Frame 62EA 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:51 GMT
X-Proxy-Origin
216.131.111.33; 216.131.111.33; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
77eb091f-b141-40bd-ad4c-b61cb6bef48b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 81E5 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 06:54:51 GMT
X-Proxy-Origin
216.131.111.33; 216.131.111.33; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f06f34e7-b72f-4d34-8a25-b4a941806bef
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=ssp.wxyz&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BZ.jrG%3DzIR*E%24sRK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-SScRKbOpzNBk3A%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3BUH2%2Bp%3CGbF&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&pcode=crackedscrippsdfpprebidheader262014341684&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Ctrue&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&rm=1&fy=436&gp=1105&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.wxyz.com%2Fnews%2Fcoronavirus%2Fcovid-19-vaccine%2F35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems&id=1&ii=4&f=0&j=&t=1634626484230&de=511958499751&rx=479417967148&cu=1634626484230&m=7306&ar=fb6a7277fce-clean&iw=ffbb8c2&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1105&lb=5669&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A683%3A683%3A2424%3A687&as=1&ag=5117&an=1021&gi=1&gf=5117&gg=1021&ix=5117&ic=5117&ez=1&ck=1021&kw=855&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5117&bx=1021&ci=1021&jz=855&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4953&cd=855&ah=4953&am=855&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=194999&na=1414454111&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.wxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 06:54:51 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 19 Oct 2021 06:54:51 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
id5-sync.com
URL
https://id5-sync.com/c/441/19/4/6.gif?puid=720bab5f9f0b67c9e40845d57bc16fc0&gdpr=1&gdpr_consent=
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17632
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABjh07C3NcAABabpIOVJw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1067587007258115791%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3
Domain
pixel.onaudience.com
URL
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=720bab5f9f0b67c9e40845d57bc16fc0

Verdicts & Comments Add Verdict or Comment

193 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| onbeforexrselect boolean| originAgentCluster object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| ScrippsAdLib string| daysSincePublished number| datePublished object| publishedTime object| modifiedTime function| getCookie object| gtmObj string| callLetters string| jsTags string| jsPublishDate string| jsUpdateDate string| jsIsBreaking string| jsIsAlert string| jsAuthors string| jsHasVideo string| jsSection string| jsPageType string| jsDisablePrerollAds string| jsDisableDisplayAds string| jsDisableInlineVideoAds string| jsFname object| dataLayer boolean| __xshjryhdhjkuehd function| onReady object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups function| OptanonWrapper object| ddls object| adsOnPage boolean| IS_CMS object| AdDebugger object| ScrippsUtils object| StickyRightRail object| sUserHub object| AdTargetingParams object| DynamicTargetingParams object| ScrippsOutstreamPlayer object| ScrippsAdsLib object| ImageLazyLoad object| googletag function| moatYieldReady object| apstag object| advBidxc object| pbjs object| ScrippsAdUtils function| _getCurrentAdInfo object| _ff983cd0-6c28-474c-9cc4-7a5281d11e05 function| fbAsyncInit function| ready function| loadChartbeat object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater function| cnxps string| contentType undefined| define function| ReconnectingWebSocket object| ScrippsUserHub object| FB boolean| apstagLOADED function| pbjsChunk object| _pbjsGlobals object| google_tag_manager function| _typeof object| PARSELY object| google_tag_data object| _qevents object| _comscore string| ssaUrl function| fbq function| _fbq object| HeaderSM string| GoogleAnalyticsObject function| ga object| optimizely function| ia undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_27320065 object| Moat#PML#26#1.2 boolean| Moat#EVA object| moatPrebidApi object| __ctcg_65349_0_exec function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| udm_ object| ns_p object| COMSCORE object| cnx_usr_storage object| gaplugins object| gaGlobal object| gaData object| _0x5193 function| _0x27fd object| eventsUUIDGen function| uuidGenv4 function| uuidGenerator object| weightedFilter function| getOGTags object| loadTags object| JSON3 object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| _ScrippsAdLib string| jsInitialBreakpoint object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins number| google_global_correlator boolean| ozoki_sv object| $$$ object| closure_lm_436397 object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id string| saved_tc string| saved_sc object| pieces string| cid string| ________ok object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms function| miCallback object| google_image_requests function| cnxAddEventListener

58 Cookies

Domain/Path Name / Value
www.wxyz.com/news/coronavirus/covid-19-vaccine Name:
Value: test
.3lift.com/sync Name: sync
Value: CgoIgQIQ4qDTuskvCgoI4gEQ4qDTuskvCgoI5gEQ4qDTuskvCgoIhwIQ4qDTuskvCgkICRDioNO6yS8KCQg6EOKg07rJLwoJCAsQ4qDTuskvCgoIjAIQ4qDTuskvCgoIzgEQ4qDTuskvCgkIXxDioNO6yS8=
.wxyz.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.wxyz.com/news/coronavirus/covid-19-vaccine/35-michiganders-have-died-after-getting-the-covid-vaccine-but-this-stat-is-less-alarming-than-it-seems%22%2C%22sref%22:%22%22%2C%22sts%22:1634626484163%2C%22slts%22:0}
.media.net/ Name: gdpr_status
Value: 1
.wxyz.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=605f46f2b0d91ece47e6bec45a1ff9ee%22%2C%22session_count%22:1%2C%22last_session_ts%22:1634626484163}
.wxyz.com/ Name: _gcl_au
Value: 1.1.573424486.1634626484
.sitescout.com/ Name: ssi
Value: 3bc31baf-7dd9-4cff-8de8-2e23a25b1a53#1634626484283
www.wxyz.com/ Name: mnet_session_depth
Value: 1%7C1634626484339
.scorecardresearch.com/ Name: UID
Value: 1YL9RQRDL4GSDFRODZ1YZCg1634626484
.wxyz.com/ Name: _ga
Value: GA1.2.1117996465.1634626485
.wxyz.com/ Name: _gid
Value: GA1.2.716266629.1634626485
.quantserve.com/ Name: mc
Value: 616e6bb4-8f534-18255-43806
.wxyz.com/ Name: _fbp
Value: fb.1.1634626484659.354115163
.wxyz.com/ Name: __qca
Value: P0-45798667-1634626484577
.wxyz.com/ Name: _gat_ScrippsEnterprise
Value: 1
.wxyz.com/ Name: _gat
Value: 1
.facebook.com/ Name: fr
Value: 03Q5G7HVwbF8udmWf..Bhbmu0...1.0.Bhbmu0.
obs.cheqzone.com/ Name: cg_uuid
Value: 7bf4acb12298d1b4f30da65bca547b06
.pymx5.com/ Name: _ia_uid
Value: eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.gkrw94w2Jj-I-AHHI2M4rtip_l995wcmfo8C_TtESPGx9uEuqmkM0Q.QYrbXl-hz2s-WzmE.L2Tlnu1Y1y6PUGr8c4F17BSmlLrfePcwwKKrVcvhhZpM1ku3aSW0WOi2cUKJa6xWv3A83D1C4iENAWXO2Wfh6xVfYvX8qnweXbbE255uftAY69KM6JBke0TcdngVLD4bM7oBAfhN77ncti-qFrjQadMZjJR86lDsXvcVj_lFzxxSmV2NSA6MR3eMmuI6lmk7dEpBcPcSD2xusosXcETn0XK8HUITDs4hmpoApvedxMnC7D_qwBrcGtnf8fW5299_Wb-LUWR10fsv_ONCOvEq5XNo1877EVC1mu3jheuZyrVhmz1Ukj3ecIt0ni75Ik2qWDMi4NPfBTr8jMl5mdT-vhoS9DCTDO9EpSp6AEocwDI.GXWd6hJHPrUZnjyAU3xahg
.pymx5.com/ Name: _ia_version
Value: 2
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdzACEQ3JcDkYSa8DRCNeggGFXoqrKYmvNRYbDiv5cjMZA
.gumgum.com/ Name: vst
Value: e_4ff7fbad-81b4-4efd-99d2-be74ab956582
.openx.net/ Name: i
Value: 2e699db3-bea5-0cf7-0ab6-1132fc590122|1634626484
.rubiconproject.com/ Name: rsid
Value: 1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVYgwYaQOmrhQqqdY7qJ5+fKRB+v2jLGFGeoFyjBXEn+RTT+pWw62G0J5h4qb83eS0hKp2u2D6IxNbX7Tc/cWQrERdSf+hE=
.rubiconproject.com/ Name: khaos
Value: KUXQEK0G-17-G29I
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB3FdwZKST0fb3OObL5xDgxP5Vc/8oh3YVB3ygqHm8h0Ik4UNrslxZpRaNgdOVL2Yy93sD/dBAXvNNAPlTu0R9RN
e.serverbid.com/ Name: azk
Value: ue1-sb1-e790698c-0f10-4f43-95ef-811df32ffb2e
.wxyz.com/ Name: _dc_gtm_UA-40537246-1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkgFnuvkOFW9CdG3CzwP7SlF1LN4FnTILSyVxenFccj83Ier9Zw_ETPmgVIkA8
.wxyz.com/ Name: __gads
Value: ID=6790bee96bdcfb43:T=1634626485:S=ALNI_MY5zEdpsqZDMnON-IVIzYoWwapF6A
.doubleclick.net/ Name: DSID
Value: NO_DATA
.3lift.com/ Name: tluid
Value: 2731071793880276346
.openx.net/ Name: pd
Value: v2|1634626490|gekin0vNiygu
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: id5
Value: b0aeef63-0aa5-41ad-af94-bcf3bbf8f9ef#1634626490457#1
.id5-sync.com/ Name: callback
Value:
.adnxs.com/ Name: uuid2
Value: 766210064566899255
.mathtag.com/ Name: uuid
Value: 377e616e-6bba-4b00-b205-f935f15fa8d9
.quantserve.com/ Name: d
Value: EOwBDAHCJIqsMA
.360yield.com/ Name: tuuid
Value: ca59166c-e13e-4269-84f1-dd1bf9eea3e2
.360yield.com/ Name: tuuid_lu
Value: 1634626490
eus.rubiconproject.com/ Name: pux
Value: 1512%3D103422%262249%3D103422%262307%3D103422%262974%3D103422%263778%3D103422%26brx%3D103422%26goog%3D103422%262249-DV360-Hosted%3D103422%26
.turn.com/ Name: uid
Value: 2514027344629895428
.360yield.com/ Name: um
Value: !79,kvx0Fnic4P3XRx4kw2vEvDoAUOySDfQdGu2G3fw1nJZG28J-U-2pKUKT5TyP3oy5A11.SKVLgxHZf03g,1642402490!313,kvx0Fj4R36jYPoG4MaP-CiFh.Mv9O-lwK.P7AuLIEpGyHvYcAeLfokUIXz2vpRqZi6s9IJ-AxfnfJUcj,1642402490
.360yield.com/ Name: umeh
Value: !79,0,1696834490,-1!313,0,1696834490,-1
.adform.net/ Name: C
Value: 1
.bing.com/ Name: MUID
Value: 2A1B2E0A74CA6F700AB23EDF75666E86
.adform.net/ Name: uid
Value: 1074225481144244828
.mathtag.com/ Name: mt_mop
Value: 9:1634626490
ads.avct.cloud/ Name: uuid
Value: e13e4942-bb5c-4748-bf70-13ca401df45c
.yahoo.com/ Name: A3
Value: d=AQABBLprbmECEEjfDONVMJFsUOqv4s8qAJwFEgEBAQG9b2F4YQAAAAAA_eMAAA&S=AQAAAlX4kNWKhfcFgOVQ-jMLmFc
.id5-sync.com/ Name: 3pi
Value: 146#1634626490769#-615809944|916#1634626490569#1100937683|441#1634626490499#48|124#1634626490590#1100937683
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YW5rugAKP0X2fwAT

37 Console Messages

Source Level URL
Text
network error URL: https://cdn.cookielaw.org/consent/000000/000000.json
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://ewscripps.brightspotcdn.com/resource/0000017c-94dc-de1a-af7d-dffc442f0000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js(Line 6)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 76)
Message:
Origin trial controlled feature not enabled: 'trust-token-redemption'.
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 76)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
worker error URL: blob:https://www.wxyz.com/b5dda195-d8de-4803-a0b9-6b6662092f00
Message:
Mixed Content: The page at 'blob:https://www.wxyz.com/b5dda195-d8de-4803-a0b9-6b6662092f00' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://www.wxyz.com/b5dda195-d8de-4803-a0b9-6b6662092f00
Message:
Mixed Content: The page at 'blob:https://www.wxyz.com/b5dda195-d8de-4803-a0b9-6b6662092f00' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/12502976385620377600/index.html".
javascript warning URL: https://z.moatads.com/scrippsjsimavideo263172958560/moatvideo.js(Line 141)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://p.adsymptotic.com/d/px/ue1-sb1-e790698c-0f10-4f43-95ef-811df32ffb2e
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://p.adsymptotic.com/d/px/ue1-sb1-e790698c-0f10-4f43-95ef-811df32ffb2e
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://id5-sync.com/c/441/19/4/6.gif?puid=720bab5f9f0b67c9e40845d57bc16fc0&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html(Line 347)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

404070df3b8f7600f3dcb3117e8eab48.safeframe.googlesyndication.com
4394967.fls.doubleclick.net
a.tribalfusion.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads-alpha.ewscloud.com
ads.playground.xyz
ads.pubmatic.com
ads.rubiconproject.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.ewscloud.com
api.pymx5.com
assets.scrippsdigital.com
b1sync.zemanta.com
bh.contextweb.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
capi.connatix.com
cd.connatix.com
cdn.cookielaw.org
cdn.parsely.com
cds.connatix.com
cm.adgrx.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
csi.gstatic.com
csync.loopme.me
d25dfknw9ghxs6.cloudfront.net
d2s8wlbatk24s7.cloudfront.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
e.serverbid.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
ewscripps-d.openx.net
ewscripps.brightspotcdn.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
green.erne.co
hblg.media.net
hbx.media.net
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.outbrainimg.com
imasdk.googleapis.com
img.connatix.com
includemodal.com
includemodal.global.ssl.fastly.net
lit.connatix.com
log.outbrainimg.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.taboola.com
maxcdn.bootstrapcdn.com
mb.moatads.com
mcdp-nydc1.outbrain.com
mv.outbrain.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
p.adsymptotic.com
p.typekit.net
p1.parsely.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
pymx5.com
r2---sn-2gb7sn7k.gvt1.com
redirector.gvt1.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.srvsynd.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
sejs.moatads.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
simage2.pubmatic.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.serverbid.com
sync.targeting.unrulymedia.com
tcheck.outbrainimg.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
use.typekit.net
vid.connatix.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.wxyz.com
x-default-stgec.uplynk.com
x.bidswitch.net
z.moatads.com
bh.contextweb.com
id5-sync.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
104.109.78.125
104.16.149.64
104.18.11.207
104.18.12.5
104.18.99.194
104.21.192.83
104.76.200.23
104.92.82.154
108.174.11.69
13.248.242.197
13.32.121.95
13.35.253.71
142.250.184.195
142.250.184.198
142.250.184.225
142.250.184.226
142.250.185.162
142.250.185.168
142.250.185.196
142.250.185.202
142.250.185.226
142.250.185.65
142.250.186.174
142.250.186.34
142.250.186.66
142.250.186.74
142.250.186.98
142.250.74.206
143.204.101.77
151.101.1.194
151.101.1.44
151.101.14.132
151.101.194.137
151.101.2.137
151.101.2.49
151.101.65.108
159.253.128.188
159.65.196.12
162.55.6.211
165.227.252.242
169.197.150.8
172.217.16.134
172.217.166.3
172.67.214.69
178.250.2.151
18.156.0.31
18.156.195.47
18.159.21.129
18.184.28.154
18.203.131.238
18.66.100.58
18.66.112.117
18.66.112.48
18.66.242.230
18.66.248.52
18.66.97.81
185.29.134.248
185.33.220.244
185.33.221.50
185.60.216.19
185.60.216.35
185.64.189.110
185.64.189.114
185.64.190.80
188.165.137.78
192.229.220.181
198.47.127.19
2.16.186.59
2.18.233.180
2.18.234.190
2.18.234.21
2.19.35.65
2.21.140.74
2.21.143.57
2.21.143.94
204.79.197.200
205.185.216.10
208.100.17.176
209.54.177.54
212.82.100.176
213.155.156.169
213.19.147.44
216.52.2.39
3.10.67.38
3.124.87.92
3.129.116.66
3.138.43.101
34.149.20.76
34.96.74.203
34.98.107.212
35.172.245.152
35.186.253.211
35.210.53.219
35.227.203.93
35.244.159.8
37.157.6.252
46.228.164.11
50.31.142.31
52.202.168.65
52.208.41.69
52.222.210.175
52.85.112.22
54.144.144.142
54.93.133.131
63.215.202.137
64.202.112.63
66.102.1.155
66.155.71.25
69.16.175.42
69.173.144.139
69.173.144.143
69.173.144.165
72.251.241.204
72.34.250.75
74.125.104.104
76.223.111.18
85.114.159.118
87.248.118.23
91.228.74.198
04648ffd602204930109d65bcb95749b406307be543c04bf4a3646f567b34f6a
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
05c5dc793d4f01834d165cb437c22c058e69ec6f7510e4caf92b3f8cd3c0e7c9
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08bf86b93a8562a2e0e90791b47e2092875fa209b044e79e8fc8a1ddb98bd24e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9a33921b51dacbe0dbc713ddd391943b847b60c547c13132ccc444c201c42a
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
1071ed33c04a8c55a8480310ff6d41a09078305482508bf7d2ae72a952ed60db
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681
12711a40f013e25dca5d22e041f12fdd414270002115151e5b46c8ff02e64e0d
1370aa391210232dedbf89f9a6a0c39a523623599af9bae40a3f4c9f8b3f4619
1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24
1721ae9e650286980e1799232e7f85213135c5f55e39b4a6faa4ff969561c2b5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19cbad638e821949cc54e51a5a4ac84d98f66e6785b0af3bb2fb50c378e544a8
1b985b833fe5443b89d4f969d7c3ce1111521d270a4776019c4098b9a3b6d516
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1deecdd57957187a13078d71113cbd62f1c9b798ff67730c7f8426c12261cecf
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1fff22b2bf209855855013e7f81a45a004784ea1dd9b8c47ac927ba447e11038
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27b09941b35ac66529f0911975b1b47b9ef34ae76193f5228c5f20d113665c74
29bd414f4a6424b4dc5455510eb135cd6b41fe054d6089452cc970e47bbdea91
2ae19407083395c5e6a81404a472a7dc448b358f3a4830231cb87314ab4ffa20
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d452ca7bf499867307ebfa48373084a42e1f56ec0a26e5bb2e12f01888c3cc9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e667d2c6130c2a93fa09cfeaba841c273800eed9dd1206fa0575227e2fe3d40
3313ad52b1bc6a546badc153af5070e3eb772940511fd1305354989fea370971
36b4f48db5bd434d1563a91f77cf731a4a04f41e528736d2ee892fe5f3ae29a1
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
39b576e0da6026221c6efaeb013bc44a49c917700427deb40e0d924c2a388492
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3bc9d28f4e64c676c58b31ad6578ca7f3f383cca647bf363916d4ee8982c3b08
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d82d44a795284b8f9b01b6989d3d38c12e03b772e97228490a07119f834859c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403cea8095f7c63dbad7fa344ee0077ff3ab8af037ea6c8ff9bebff740662015
40deabde2594c461c0f8f32ae423447afb4fd56a2ed1d844ff7eb95c928f2bb5
41737915860fe7d29d9d4d93bf40dd8058ddc19f62182a8442a188a41d3827ba
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
43a58715cddcea61d6e85f3b9e34a99326489f1fdac5c8c292d9e0702c419a07
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2
49bf438349cbba11f359c77a0d1c179c8be4804a283cd594bc450b6ec9d5b0fd
4ada71870425ae766a4a46117d190f346ce911730952d869e2eab7195c7aecb8
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
4cc37741acb0d1eede5da7609c7c11b2557c4fb02b70d3ff41018dff00d11632
4cf31d82a40b28cc791cf8c436d38630b540ce90430d56c4a140babf3d5154f1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2886b8e76fc79bd2d8f93a1c3da8299893112e885db2e894d07a6f7306a073
4ed7169b29b864a9d52a6528f7e1feea1ca94b81b875773b1587ba5aa56b22bc
4edc0b021f4548a787153ebeb179323fba65d6d9754b86dc84d36eb1ecab5476
4ee5c21290b8cabccc825aef58d019477bbcb001c156e5c437704e66f842820a
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f6ab05f0e5d9bd214252e0ca8773de653de74b4009efc781461686111f6941a
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
517ee8a1d0e3438c13fe609412789c12bf6e3dbffd461694e6b7596378d40f75
5268ac15e7bd3c204ac9475d6a17721a3e3a63b024f1a4fa163efaaa993b7453
54043aec94a8eb89b42fd11b81e743bf7153d4704578d4e614ffd43ff8dda626
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
577da670a02284064ebc2fa92c3a7c2f7f9773833de15d7434935c4e924a0bb2
57876ceb594cd215556fc9da166a1121fc51d892c0f7e5cb5fb544384b6f70f6
57c5539d3b41c2eeae7da9e0570e21a70a5cedfcd114c8cdc1273ae71723bbf3
59d064c353d3cbb5e4e7c7b6edfb157e8cd2f1e532974f4ef7ba5c29906d2860
5ad9a7394e37798f3468db66604178e84c51e687d3ca2146eb11c5f71fafc163
5deaa131a20b30a1c35ad82221ce0547d301c54c4702a9e61d4498e4f7bf4a8f
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091
6134c69a4499afd5f1c8aa273268c18604922248782917819d91e9cdfdf22995
620e46ad8b172c01c1200732c5550d3697b9e116b77d1ef224b52533bb3f2e4c
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
69576fdeff69f85ccb4bb0cb19c940da43e5ac46cb4c18743964731bf7f76a0e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122
6f3fe5e8495845313f16cb7c80205210f0e063e4a9fd9daeefcc2c3b73572921
741c60f9358e0d4e4edf5a68ada9f802dd3c1a888156e752cade0054bccac975
745a73b1d488669d1a0c4e620175eeade5537f132d8b3cd13503d305169a5ab6
76a1cc0945b6eb4fdc228e1bb9a56228ecf1b2fc8375b067157eb6d0ea71dc28
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79ee9f7da12b0ff275ce9f1843664305bf379a4cc3a445079f6b4646348010c0
7a3b4c985dc5de60264f6a19da2b094563d3dfc6b1fc1bd33645cae3e0db6cc3
7ae2fbc1a3ae7c2cc94bef9a4b3df7baa97211f53b9e443ed67612324df7603c
7b5b8ab882d53272ee88bd6dda94fd59eebe5e5c4e22093c998e905352e47506
7cf89686a83932b96590f942f131f107965fde7ad08b3c7fdbba6c9af641bc22
7dc95e5b1831ab2871016d3e7119b0c8a1d4176e046e75b77ecc77c61d93dc83
7ed745876681f5eb84b060ea14a057f52c6ce64cbfe5b0e43cafe1f97bf52c1c
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
805dc2ef7778678ace99530207d0bcda25f70b3c2ae08bca8259c079454eb0a4
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
87ca13416176ac0c3a2fda8aedc4a55260f766adbc801c155dd029ce5486f00a
8aa0dbe93ae6630453c94f73f9950eeb1a0e47f1cb6b8ea873a1e704f6f657b1
8ab6926ae83dcfbd1225077ac5c68213c6bd9b99c50ca3ee3f7ee93e059d62f6
8c2c3fee87756e3b9ec4d7e70bda112774ba857c5004b4a41a50fac001948c30
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
8ecad9c7e03993e0309593c13bc423d238cf3071a13b4ff15d7f9fc4403fe6c6
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95031080831fd62b0946bfb827edf9279ddf3afa0711940b8d27e627f62046ea
989702326c6fbb029c0ffd99578a699f7792ed79c258850b814473f822311993
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ba2e1fef17c14f30d59cd311adb42f9393ba132e6689fb5784e092a5638606
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d8a633f49f73344254aaf97549b037c397addbcf66cb8346406b6fc8c1ae9f9
9fcd0153277b6a8867e92dd6860d2e2ca51642f521c5c9d83f37bb6df2e27907
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a30b486ec17bfb07fca32fe953ab7da1d28fe0ee3cc58cba844d10cde8ab404c
a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52e42f81931179ef623fa2bcc772ffba12007552b0ed0f0ca9dfbc1c5eeaa99
a56f0d981ef60e9526e9f069f74ce005014ba375dcb8d947396b21294a8ce669
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a706f1d2302d94554ff1e0d3c35237ced262059459fbebd816335c10f8b89ae2
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
a93aac1a41105dc8b715a7d14c2a81940c109abeb786039b95dc51415114ee48
ae0c447bcad4fffcae29885007732fe7774439c189d32f5d8d8244cbd8b75112
ae7f42b2588333d62bd98d9f9dbe752ecd990f74f19627e1aaf504b24269d39c
af494fcc630cb8748512897821be4c8673a0cfc2ddb3b2ad644e26e7e350e01b
aff0932ba70bf0faf8a483ae65a8737906607547789b866ebaf65b9ae8405d68
b026d5118326e37e2324456275ac6971462e1c6a8a90213c55bb4a098aa3b4f4
b044bb381a7a5adfcb17c76f69bea7dcb06b1c17992806804cf13f2b7752957b
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbbf1e82c81503d12b1eb12df97b59ca6b17a8e1a70d3a13d01f8e3a01659843
bd408a5a042b26302422015b360c781e0a7f49de63198b53acedf20931c90b66
bdaa2b8335dedda6c1ae94ce3850b459583d55992b13d611a772ac6adf7ef19e
bf5ce06047e22884c9e26601c0cafd3f5719583a61b9cf151a4adda5bc633e4e
c23a9028e37473903cb24a477fdf010875553ca5a9398e90a8794ec4fb970f6d
c2b2215fdfb6d3151ab6fb40f072c62a7aa03b11dd856e0b34b81b37fca98a93
c56802bfedab8a43bcd535d76ae99fa184d5e083a32125e1cc4b259c95cc9c8e
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c76853b9b64b3fb4b4cfbd22885e4cc2e3f14918020efb69a1df8eaeeb2a3b8e
c771a917d3286c9c1e094d2d1ab65280472dc3609988cc5917f52479ed18bd94
cb2f89e554453cd1e53c403748945f0fc04314a5395c72160f06367d49cb9d26
cb736684a56de757e3d0e5550752f489a309135bbf16c9b6fcfca4a4a21b7b46
cd87d2f04b6694d2bb9de04698a95bad4f9a6f03286372693a9d2e9e539e5159
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03cc69852d9a49f58141a05cec000a8f1ff5016ac546a553c8e6b13cbc66049
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d10093911e241c26595b0f62f3cbef850021a1f04c4891120b51803e8d6ab50d
d16341f40188e86603672051578640a02e5560a0e908ec42c8e57d59e842933d
d1b1ae274b98b536cad52a99915d4fc0670fb156a0404ad097c4e873c7422f5b
d1d4ae04a3f4a43c51badd0882b7bae3ff821601bb96bcd0dff27eaa2bfcc4d8
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d28018b229e2723b7be8c01765701545f01fd28fb898b8609d7ec839368ca3d0
d296fa81596343c329166b4d8d9873b1b4a0e86efb4c7eceb57c83c5178910e0
d3370d6feb2ecd009714ea3aee88e7ff4469ea5922dbb18342f7b91015d4c27b
d397b88960a45e7fbd88d6cdeacad8aba62e05f989c5d586dcd9a6858b254744
d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5
d5a8b1072de2466e1686b7729118388b20d818b2a3e784f21dfa1da7c9bfeb5b
d63fa770adfd344ffffd30e315719e539d341a6f71d0d6ad6a5c312a85e95fed
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42
d771e2f1aaa0fc824d7c4cf94360c24e1e2438ccd78f5c15f961b40ab7313658
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701
da4a85b624e7a71b4aa3827935dae699f7e8769e172ce18dc1ec395967863fbd
de3cdb1f6a7bf23c7917655035d955dc5e7ce47af7bbb2def8a8197fdbe8acf0
df63ea6310408e483620c3032fc6b758f515a838f913df7acaf503ac58a1aa0e
e3a721b932b0f0dd2b806104fbdf5728949f1b281cea9e5af71c285eed9fafe5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa
e849470f54355f6410555d901ba4d2380e3028b25f5e81411923940b90ab75aa
e87e082f0cd8c67e281641290266747af1638390bb86573db02e43ee9faae667
e9ecd023ea06eff2419484166b4abfea40f10b044a846c999c4857d71b9f2207
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ee26cdb03e9f97384ba67d1aa164564304db6acb7be12b3b339e09ccc7874f1e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0240bee9e6bcfd0f100b50ac6b0be53b78c24d37c33778565e5c3aeac8cdf7c
f2dcd9cd8327f9a74903074baf5a2af793df8d8a706c220e2ab4516e775596eb
f38aa246573dddbe8fc73d24015f452828ee28bdda5c5dad82173c7bcd2e54ff
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f56463307de891d0ed4ecbbf2d11a85e8f3ec736bd46e6741f49434f9f4934f0
f5e07d300f60d45848a84ddcdb2ec5d9ced667a63b962ad5bf0d7265c77ca784
f6bef27cfabc53410c7d0b9103945d97ee2e32eb8e2dd01681c46273f4e829c5
f8deed8d38bdd3b2902629c02ad1eb000b082b2519fb73d31a63d37181cf77fc
f94366efc6314725e16b4002b1e6903913b1f6d9f5757aec611205dcd0db3596
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe2bd5f89efd1756d03758e07294606d7b754082027b4437f4e6863d0064d0d4
ff821a751012337bb73c20f7d84b1129745c6cb4bc13a43d7dc60e19fca7108b