cdn.realityrewind.com Open in urlscan Pro
94.31.29.248 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://cdn.realityrewind.com/
Submission: On December 28 via api (December 28th 2021, 12:25:33 pm UTC) from US — Scanned from GB

Summary HTTP 177 Redirects Links 60 Behaviour Indicators

Summary

This website contacted 56 IPs in 6 countries across 51 domains to perform 177 HTTP transactions. The main IP is 94.31.29.248, located in United Kingdom and belongs to HIGHWINDS2, US. The main domain is cdn.realityrewind.com.

This is the only time cdn.realityrewind.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	94.31.29.248 94.31.29.248	33438 (HIGHWINDS2) (HIGHWINDS2)
18	209.188.81.66 209.188.81.66	32244 (LIQUIDWEB) (LIQUIDWEB)
13	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:417	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2b6::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
4	172.66.42.247 172.66.42.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
8	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
5 33	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1 2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
17	172.66.41.9 172.66.41.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2600:9000:223... 2600:9000:223c:ec00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::18 2a02:2638::18	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
3 7	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
4 4	198.47.127.18 198.47.127.18	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
4 5	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4 4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
2 3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	70.42.32.255 70.42.32.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	34.253.11.36 34.253.11.36	16509 (AMAZON-02) (AMAZON-02)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
3 3	3.124.133.36 3.124.133.36	16509 (AMAZON-02) (AMAZON-02)
1	38.27.122.101 38.27.122.101	174 (COGENT-174) (COGENT-174)
2 2	216.52.2.48 216.52.2.48	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	67.202.105.21 67.202.105.21	32748 (STEADFAST) (STEADFAST)
7	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1 2	209.54.180.144 209.54.180.144	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3039::6815:c0a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.86.199.207 52.86.199.207	14618 (AMAZON-AES) (AMAZON-AES)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
2	2a02:26f0:6c0... 2a02:26f0:6c00:286::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
3	213.254.244.18 213.254.244.18	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1 1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	188.65.124.38 188.65.124.38	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
1 1	35.156.119.137 35.156.119.137	16509 (AMAZON-02) (AMAZON-02)
2 2	52.19.78.71 52.19.78.71	16509 (AMAZON-02) (AMAZON-02)
1	52.215.164.121 52.215.164.121	16509 (AMAZON-02) (AMAZON-02)
177	56

1 94.31.29.248 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.248.IPYX-077437-ZYO.above.net

cdn.realityrewind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 209.188.81.66 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.gtprods.org

realityrewind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:417 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.expo9.exponential.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2b6::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2606:4700::6812:d05 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)

router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rt3042.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:ec00:6:44e3:f8c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.18 (United States) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.74.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.173.38 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.255 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.11.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-11-36.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.124.133.36 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-133-36.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.27.122.101 (United States)

ASN174 (COGENT-174, US)

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.180.144 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c0a3 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.199.207 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-199-207.compute-1.amazonaws.com

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:286::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.254.244.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20516.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnx.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States) 1 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.65.124.38 (France) 1 redirects

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: icscale-01-pub-ix7.vip.dailymotion.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.119.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-119-137.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.78.71 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-78-71.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.164.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-164-121.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	tribalfusion.com 5 redirects a.tribalfusion.com s.tribalfusion.com cdnx.tribalfusion.com	105 KB
21	infolinks.com resources.infolinks.com router.infolinks.com rt3042.infolinks.com	129 KB
19	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	376 KB
19	realityrewind.com cdn.realityrewind.com realityrewind.com	394 KB
13	doubleclick.net 5 redirects googleads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	21 KB
12	wp.com i1.wp.com i2.wp.com i0.wp.com s0.wp.com stats.wp.com pixel.wp.com	145 KB
9	criteo.net static.criteo.net csm.eu.criteo.net	15 KB
9	pubmatic.com 9 redirects image8.pubmatic.com image2.pubmatic.com image4.pubmatic.com image6.pubmatic.com simage2.pubmatic.com	3 KB
7	casalemedia.com 3 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	8 KB
7	google.com apis.google.com adservice.google.com www.google.com	94 KB
5	doubleverify.com cdn.doubleverify.com rtb0.doubleverify.com tps20516.doubleverify.com	23 KB
5	yahoo.com 4 redirects ups.analytics.yahoo.com ads.yahoo.com	3 KB
5	adnxs.com 4 redirects ib.adnxs.com	4 KB
3	advertising.com 3 redirects pixel.advertising.com	1 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	criteo.com rtb.fr.eu.criteo.com ads.eu.criteo.com cat.fr.eu.criteo.com	18 KB
3	quantserve.com 1 redirects edge.quantserve.com pixel.quantserve.com	11 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
3	pinterest.com assets.pinterest.com log.pinterest.com	19 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	dmxleo.com 1 redirects public-prod-dspcookiematching.dmxleo.com	438 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	1 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	openx.net u.openx.net us-u.openx.net	425 B
2	quantcount.com 1 redirects rules.quantcount.com	866 B
2	facebook.com 1 redirects www.facebook.com	3 KB
2	google.co.uk adservice.google.co.uk	914 B
2	googleadservices.com partner.googleadservices.com	701 B
2	google-analytics.com www.google-analytics.com	17 KB
2	facebook.net connect.facebook.net	84 KB
2	exponential.com tags.expo9.exponential.com	17 KB
1	krxd.net beacon.krxd.net	338 B
1	agkn.com 1 redirects aa.agkn.com	328 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	bluekai.com 1 redirects tags.bluekai.com	677 B
1	deepintent.com match.deepintent.com	44 B
1	advangelists.com 1 redirects nep.advangelists.com	232 B
1	ad4m.at ad4m.at
1	33across.com ssc-cms.33across.com	72 B
1	rfihub.com 1 redirects p.rfihub.com	759 B
1	bnmla.com match.bnmla.com	114 B
1	adkernel.com dsp.adkernel.com	233 B
1	cpx.to s.cpx.to	945 B
1	sonobi.com sync.go.sonobi.com	474 B
1	zemanta.com 1 redirects b1sync.zemanta.com	288 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	475 B
1	onetag-sys.com onetag-sys.com	814 B
1	tynt.com de.tynt.com	289 B
1	googletagservices.com www.googletagservices.com	37 KB
177	51

	Domain	Requested by
31	a.tribalfusion.com	5 redirects tags.expo9.exponential.com a.tribalfusion.com cdn.realityrewind.com
18	realityrewind.com	cdn.realityrewind.com realityrewind.com
14	router.infolinks.com	resources.infolinks.com router.infolinks.com ssum-sec.casalemedia.com
13	pagead2.googlesyndication.com	cdn.realityrewind.com pagead2.googlesyndication.com a.tribalfusion.com www.googletagservices.com tpc.googlesyndication.com
7	static.criteo.net	ads.eu.criteo.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	resources.infolinks.com	cdn.realityrewind.com resources.infolinks.com
5	ib.adnxs.com	4 redirects ssum-sec.casalemedia.com
4	dsum-sec.casalemedia.com	2 redirects ssum-sec.casalemedia.com
4	ups.analytics.yahoo.com	4 redirects
4	cm.g.doubleclick.net	4 redirects
4	image8.pubmatic.com	4 redirects
4	i2.wp.com	cdn.realityrewind.com
4	i1.wp.com	cdn.realityrewind.com
3	pixel.advertising.com	3 redirects
3	match.adsrvr.org	2 redirects ssum-sec.casalemedia.com
3	ssum-sec.casalemedia.com	1 redirects router.infolinks.com ssum-sec.casalemedia.com
3	apis.google.com	cdn.realityrewind.com apis.google.com
2	dpm.demdex.net	2 redirects
2	public-prod-dspcookiematching.dmxleo.com	1 redirects a.tribalfusion.com
2	sync.search.spotxchange.com	2 redirects
2	www.google.com	tpc.googlesyndication.com
2	tps20516.doubleverify.com	cdn.doubleverify.com
2	cdnx.tribalfusion.com	a.tribalfusion.com cdn.realityrewind.com
2	s.tribalfusion.com	a.tribalfusion.com
2	cdn.doubleverify.com	a.tribalfusion.com cdn.doubleverify.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	pixel.quantserve.com	1 redirects cdn.realityrewind.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	ad.doubleclick.net	1 redirects ads.eu.criteo.com
2	ap.lijit.com	2 redirects
2	sync.1rx.io	2 redirects
2	image4.pubmatic.com	2 redirects
2	rules.quantcount.com	1 redirects cdn.realityrewind.com
2	www.facebook.com	1 redirects connect.facebook.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	www.google-analytics.com	cdn.realityrewind.com
2	platform.twitter.com	cdn.realityrewind.com platform.twitter.com
2	connect.facebook.net	cdn.realityrewind.com connect.facebook.net
2	assets.pinterest.com	cdn.realityrewind.com assets.pinterest.com
2	tags.expo9.exponential.com	cdn.realityrewind.com cdn.doubleverify.com
1	beacon.krxd.net	a.tribalfusion.com
1	aa.agkn.com	1 redirects
1	simage2.pubmatic.com	1 redirects
1	image6.pubmatic.com	1 redirects
1	pixel.rubiconproject.com	a.tribalfusion.com
1	ads.yahoo.com	a.tribalfusion.com
1	tags.bluekai.com	1 redirects
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	us-u.openx.net	a.tribalfusion.com
1	log.pinterest.com	cdn.realityrewind.com
1	rt3042.infolinks.com	resources.infolinks.com
1	match.deepintent.com	ssum-sec.casalemedia.com
1	nep.advangelists.com	1 redirects
1	ad4m.at	ssum-sec.casalemedia.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	ssc-cms.33across.com	router.infolinks.com
1	p.rfihub.com	1 redirects
1	match.bnmla.com	router.infolinks.com
1	dsp.adkernel.com	router.infolinks.com
1	s.cpx.to	router.infolinks.com
1	sync.go.sonobi.com	router.infolinks.com
1	b1sync.zemanta.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	u.openx.net	router.infolinks.com
1	image2.pubmatic.com	1 redirects
1	onetag-sys.com	router.infolinks.com
1	de.tynt.com	router.infolinks.com
1	syndication.twitter.com	platform.twitter.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	edge.quantserve.com	cdn.realityrewind.com
1	pixel.wp.com	cdn.realityrewind.com
1	stats.wp.com	cdn.realityrewind.com
1	s0.wp.com	cdn.realityrewind.com
1	i0.wp.com	cdn.realityrewind.com
1	cdn.realityrewind.com
177	81

This site contains links to these domains. Also see Links.

Domain
realityrewind.com
www.facebook.com
twitter.com
feeds.feedburner.com
feedburner.google.com
www.gravytrainproductions.com

Subject Issuer	Validity	Valid
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-06` - `2022-01-04`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-15` - `2022-07-14`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-03` - `2022-01-31`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-03` - `2022-01-31`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-31` - `2022-10-30`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
onetag-sys.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.bnmla.com Go Daddy Secure Certificate Authority - G2	`2021-01-06` - `2022-02-07`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-25`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
exponential.com Cloudflare Inc ECC CA-3	`2021-04-21` - `2022-04-20`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-12-06` - `2022-01-26`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 33 frames:

Primary Page: http://cdn.realityrewind.com/
Frame ID: 86329A7B9725F041055F9793F6391E89
Requests: 63 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 17EDB6DEE56FCEC250D4AD1EE1C1A376
Requests: 1 HTTP requests in this frame

Frame: http://a.tribalfusion.com/real/tags/AmericanIdolNetcom/realityrewind/tags.js
Frame ID: 396A62AFE5214702DA4003A01C343085
Requests: 11 HTTP requests in this frame

Frame: http://a.tribalfusion.com/real/tags/AmericanIdolNetcom/realityrewind/tags.js
Frame ID: EE76AA588F174B9784183F2BF4B8F1D8
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4715266245720387&output=html&adk=1812271804&adf=3025194257&lmt=1640694318&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fcdn.realityrewind.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1640694318157&bpp=4&bdt=1427&idt=239&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1756506614525&frm=20&pv=2&ga_vid=955479509.1640694318&ga_sid=1640694318&ga_hid=2022544045&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063858&oid=2&pvsid=3430653642811118&pem=880&tmod=837&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=252
Frame ID: FDEBDCA48A28266E608F1DB444DAF240
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4715266245720387&output=html&h=250&slotname=0765996815&adk=410649583&adf=3209260708&pi=t.ma~as.0765996815&w=300&lmt=1640694318&psa=0&format=300x250&url=http%3A%2F%2Fcdn.realityrewind.com%2F&flash=0&wgl=1&dt=1640694318263&bpp=1&bdt=1532&idt=148&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1756506614525&frm=20&pv=1&ga_vid=955479509.1640694318&ga_sid=1640694318&ga_hid=2022544045&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=955&ady=763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063858&oid=2&pvsid=3430653642811118&pem=880&tmod=837&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=GMVqGFuQ0D&p=http%3A//cdn.realityrewind.com&dtd=152
Frame ID: 2E6A2C12DE4B993BD88BD8C56DE0723A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4715266245720387&output=html&h=600&slotname=1614245493&adk=1893923518&adf=4205648974&pi=t.ma~as.1614245493&w=300&lmt=1640694318&psa=0&format=300x600&url=http%3A%2F%2Fcdn.realityrewind.com%2F&flash=0&wgl=1&dt=1640694318265&bpp=1&bdt=1534&idt=156&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=1756506614525&frm=20&pv=1&ga_vid=955479509.1640694318&ga_sid=1640694318&ga_hid=2022544045&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=955&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063858&oid=2&pvsid=3430653642811118&pem=880&tmod=837&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=FDWYfFsoJI&p=http%3A//cdn.realityrewind.com&dtd=159
Frame ID: 7C7D603F6E50F58F7D8D072CECF0DB79
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4715266245720387&output=html&h=600&slotname=1753846299&adk=4032795514&adf=1760133856&pi=t.ma~as.1753846299&w=300&lmt=1640694318&psa=0&format=300x600&url=http%3A%2F%2Fcdn.realityrewind.com%2F&flash=0&wgl=1&dt=1640694318265&bpp=1&bdt=1534&idt=162&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x600&nras=1&correlator=1756506614525&frm=20&pv=1&ga_vid=955479509.1640694318&ga_sid=1640694318&ga_hid=2022544045&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=955&ady=1707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063858&oid=2&pvsid=3430653642811118&pem=880&tmod=837&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=G5AzpuTa6l&p=http%3A//cdn.realityrewind.com&dtd=165
Frame ID: 6FDF27C6B3ACBEBBF56314623AEFF32D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D191429144239396%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3fd1059187cc6c%2526domain%253Dcdn.realityrewind.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fcdn.realityrewind.com%25252Ff262995fc0e746c%2526relation%253Dparent.parent%26container_width%3D300%26height%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Frealityrewind%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300
Frame ID: F4C4AED160C7D27DAA419F5F49800232
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F
Frame ID: 41FC136C3BC751335E5643CAF9D7D8C2
Requests: 17 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=http%3A%2F%2Fcdn.realityrewind.com
Frame ID: 3E3E3B7DFAFE3E3DBF583C445E97042A
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcsCLgAHsg4K1dRVAAlLdqk_TTQMKZW9M8tIww&u=%7CJZz6DaVSH6IlZ9Ydty2XWH4QFmIwZiJLKiC68AZ%2BKxQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6W_-wyZF9WzRgbf9WC3ilLIAiVUjl9n1Hke-MjT5zVU5302dZ_43d521FSmhiDEWS0i55WdPUbqyjxRPHfo5Lyvxd3vqwtSOhRQOZsRNXkACVJPZUzQfq84UqxNWlPWceqK0Cy1PZ0RN6LqJPXIMHfl90iZvS1TZcIpNMx7jNHealJZ3DKsMfUieBuyG-Shr-BiUyAdup2zxEveSsdG6m7_cit7xeG4cZxjj0JidtG7gdDwNw6oMDiMZMN2jFdwiTROp9ZnT5_BytAA524KaS9_8qzy2FCzJ-FYap8zRfpEiioZihKapatXOXz5PhdBqLPdA1cwBdHyz5TUwDfMPYuOG4Gv3j96oK8u8tos648Xn1QpBfJHorUcFfV33Q5Y0PEOCeoG58F7awZ0GghbUiQqlY5YsUEeIf4_BLyQiCzIN-4oRfdHBSxMXQRAD32sSbQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwn4ULgLLYY7kHtWo1wb2lqWIAuSP0rFcp5LhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3MTUyNjYyNDU3MjAzODegAb3UiOsDyAEJqQLA6TwMQYu2PqgDAaoEzgFP0Pj--d1wIE1nDs9kpcf3ITbi11ZeCbb6qCpW7pt5zxmD-XkDS3lUuUj29yJabgzZime9EdZgXfYcSabMH2dgzcY5ZZzjQNFUZTL-hsSpGsnGKQRzexX5FGjTtIxxX4KNPJ6VgkCHAaYnx0kOCLKv2AbW8bDkN6oCgVBnZcIojUwzKO1BpV9Drhxk4ApM7HqPSnxbQP_PTdB7_6hxsYnz9ZL4U4rl_v-AaDMwB-C6soNeo-AM379CtrhqvLw51Bv0pNUB5L_Z8zfGNpdD9oAG-e-5mPbDqtBDoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Sdg0-lFANh1WOPLJlQ_DApVPS7g%26client%3Dca-pub-4715266245720387%26adurl%3D
Frame ID: 71FF9E787C000BC8D106E7D2240B3816
Requests: 12 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: 4D0E2AAF71DDF85555720F386E80392A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: D0D50088BE814FA5D2BF621BABBA33E3
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: 7EB608177FD97717AE03CEC7F1BEBC81
Requests: 1 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aymT09oAnKpGvnoHnK5qve5tZas56JEmr3EXVrP1sQ3XGfNmTjW3FFPWrJZbWmj5REnSSsUtQtUyYdnoVmrp2cMVXrvZcUP2u5AZbgQPMF4WvnXWYAndIy3mYT4Gj7VcUjWcFlPAFyWtvRUUM15bItVTnwWE3lPEQZdScBZcQUqtPHviWGbU2FyxnHqmXEPN2djCSG7Za5ABZbodTsUH39Yb3i1UY9XaqMRTjGYc3emqesxG&mediaDataID=4056396&mediaName=frame.html
Frame ID: 6BD9C16DFEB43F05A65B216F095181EE
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aNmT092PU9R6bB4HYpXHZbJpdeO3mYT4sUgTsUdUsffPPUMTdQTUbM22UaxWE7pTT3jSEYZdSVQLRbmpRWniWGY24bTsnHEMYTen3WbASGBC2mQHpWEsUHbfYUfb1UF90aZamPrJDWFM2VWJ2orFqQrfMXTQy4EFk4Tn4nqnG1rZbfUWMRoArBmc7tpWUE2TFi5taN4mnZanrfZcYVbRXcnTXGvnpTv43a7W0sjrp1FFxv&mediaDataID=6546596&mediaName=frame.html
Frame ID: B85234E1DBD508DEAC3F6F7B8DB30CBB
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aPmT090qmu4dMFQcBZc5PBZcmdItUdbd0UQkYFFfXq6sPbYCTUU0VdJ1nFfuPbvr1EQN3EZbk4a71oErCYbFfUWB1m63ZamcQupHfL2qZbk5tEm3A7GnUrZbXcnSXVF3XGbnnTBS5FFRTUZbBW675REn4PGQNPdBr0dfoVPrO3VZb10UUDT6im2PQeQAMD3WUt1WQZbpdIo4PJS5s76UsFbVcJ6PPFoWdF3UEY1QVADonKey2&mediaDataID=2713736&mediaName=frame.html
Frame ID: C5C88D95BF733A7F23BB339A424FD84E
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aRmT09mHnC5EUh3Hyy5AnZdpr3LXsrV1VMV0VbxpEjU5UUSWFbHWP7XQq3RQVBsStBtYd7oV6bw4cJ5XF3DT6Pv4mvbQAZbI4dZbM1dBZdpdey36YY5sYdTGBbVVMfPPYoUdMPWbM45r6tWTjoTT36Pq3GRGFCQbepRtn6VsfQ2Fuxmtqr0qqp3HbBQcfA4mQKmdZayUdY7XbbaXFUh1aAOPbJZbWUBSVGj2yGZbAoE9eVT&mediaDataID=5207316&mediaName=frame.html
Frame ID: FD95AD4C8439DE901028F6147DCB81D5
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4715266245720387&output=html&h=90&slotname=4438370377&adk=2132491200&adf=3965729263&pi=t.ma~as.4438370377&w=728&lmt=1640694319&psa=1&format=728x90&url=http%3A%2F%2Fcdn.realityrewind.com%2F&ea=0&flash=0&wgl=1&dt=1640694319219&bpp=2&bdt=1010&idt=203&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&cookie=ID%3D23790c1a2053fc64-2290b90711cd00e6%3AT%3D1640694318%3ART%3D1640694318%3AS%3DALNI_MbRnG3-Bgw65-U6Dw40PD_sf-pFYA&correlator=1756506614525&frm=23&ife=1&pv=1&ga_vid=955479509.1640694318&ga_sid=1640694318&ga_hid=879468772&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=95&biw=1600&bih=1200&isw=728&ish=90&ifk=949669466&scr_x=0&scr_y=0&eid=31062422&oid=2&pvsid=3561234589336304&pem=880&tmod=442&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=4&bc=23&ifi=1&uci=1.n4a3jejak2ga&fsb=1&dtd=208
Frame ID: A6FC1958CCB3AF827AFF4135A6DBAC42
Requests: 1 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aBmT09TtQ2orJpQrjn1TQr3T3j5TQ0nTFIYbJ9WWfSoAvZcmGrpoWfF2qr83Hyr3AjEpbMZcXGfS1sZb20VfnnEF33rnQWbBZbVP7VQqb4ScvpStZbr0HFxVAnm3GB40UQDTmTt2AZbcRmBF2tZbqXWUZdmHAn4mUY4cM6TVY7VGniPP3oUtFWWr7P2F2wWaQwTa38STUFRcYIPrqpSWjaVVQ32F6xodqOXFZauPTvqnBZd1EV&mediaDataID=9148826&mediaName=frame.html
Frame ID: 65528F793B0EE35483846AA922369A9C
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aDmT09UAv5REMYQcrmPdYyYtBrVmrw3cvUXFQJV6un2P3dQ6fD2HZbp1dvDnWPv36U13cr6TcJaUsreRAUoUtv4UUJ32FixVTjxWaJ6STrLQVJCPrImSdvcVcbT2FyxmdZao0aeM4tYAQcrH2m3IpHEOUHFhYrvaYbJl1EupPbQZbUFBYTtUWnUQrQbbpXqQn3TBa5TfXmTnCXbY7THJ0oAfBpG7wosZbCQtQ0oETyxW&mediaDataID=5436426&mediaName=frame.html
Frame ID: 636A9FF7BBEDA4331EB85A0C0FFE036D
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aFmT09UqroTTQbQErZaRsjLRrZawSdr9Vc354Uynot6q0quy3dnGQVrA5AnEoWTsVWFf0rnaYUYgXqytRrYZbUFMPVWM0nU7uQUryXqFp3T7g2avRna7GXbj6TtMSoArBnGYtmWfH5Tnk3Wmr3AjJmUvHYVM0XsU20sfMmqrP5U32VUnEUAMTQab2PcUOPtfuYtjuWPjv2sZb5YFBLUmXu2PZbeR6MK2cfqVa3xnZaZcx2f&mediaDataID=6719746&mediaName=frame.html
Frame ID: 5AB0A952BF527265AE7F129E7BEFF766
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aHmT09RUjr1E3r3EFe4qU1oTnCXUf9TtFXmPrLpVrnmHvG2EYe3dmo4mBFnFfZc0GMX1s320GvupEnT3FU2VUZbZbW6UYQaURSVZbOPHUwYtZbsT6Mp3GQ4YbnKUAin2PQeP6FH4HZbnXHMZdnH2v36UV4VnfUs3jVsjeR6UNTHJSWrbP3r2oUqnvWqJiQaQHRGbZdRrivStfcWVfU5UipndAM0qep4dbZdQtQHRDUynBcYAf&mediaDataID=8039566&mediaName=frame.html
Frame ID: 3A08A3266941977A1DB5A8949A20F9BB
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aJmT09ScUsStZbN0WnpV6nw4sr00FrLUATw4AQ8RmfB4W3m1WUJnt2N4Pv05G77Vc3lUsbeRPFxWtZbWUbjP3r6xWTYqWqviSEBHRcQZbRrZatPHviWVjS4bXonWqq0qqp2d3CSVrC26rIoHXtVWFaYFrjXFZb91qatRUYBTrZb3TtQWmbQnRUfNXaFn5Tfe4qn5oTfIXF39UHnRnPbJmGUumHfJ5EZb73GTrSpbMm9Wjyn&mediaDataID=6347136&mediaName=frame.html
Frame ID: 38A15BF1BB80F4211E8135EAC3485BF6
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aLmT09STYZcQVJLRbeqPWjbUVUS2UTrmtZaOXaqv4tnESGbD5m3ZcotXmUdfeXUbb1UZb7XqitRbJEWFJYVdYWmbjuPrBpXarN5aUc5T73oTJG1rZbfTtfPomYZbms7nmHrJ3Eri5dmm3PFJnUbZd0GMUXGYU1VjnmEfT3bUPWbMAUAvTPTb1ScQMPWUv0WZbsWPjN4sUUYbFJTm6m5AB6Q6JI4WZbOXWBAnVuvSS38pYy5cZd&mediaDataID=7665496&mediaName=frame.html
Frame ID: 344FFD0301F332C73C354422AD7ADD6A
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=anmUCkRr6oPHv9WcfT5UPoodZapYEau3t3ZdQVfG263ZamdIpUWF8Xrf8Xb760TusPb3ZdWFYYVtJ4obYnPFbNYTvO5q7f5EQPmEMKXFUcWHJVoAnBnGQsptMB2qZbe5HAM4AnFprUZaXGQVXcF41VZbppTB22bvUTFjZcW63YPqf5QGZbpQtZbN1tJrTP3p2cB50UUDTAit2PrcQ6nC3dvO0tBZdptEw3PYW3GMcUGBjUcM8PPFvRHYcbZdg6fj&mediaDataID=5578346&mediaName=frame.html
Frame ID: 5031B5309B80866440C0665D2E969F34
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=apmT09oTbD1rZb9UdJSnAQIpGUupt7C3Tr73diq3PjZbprrLYGMSYsF01sBonarU5UQ4TUfEWA73RTj1Qs3MQdfs1WZbrWAUn2VBWYbZbZaVmXq2PUeQP7G2Wvm1dBLpdAo56vT3cjaVsr8WGMfPPQMTHY4TbfP2rZaoWEMrWqF7STYFSGQIRravSd77UcvS5rTsod6OYE6v2dfFPVvE5mMFmdXyVWQhXTZbbUcFXnkZd00W&mediaDataID=6807466&mediaName=frame.html
Frame ID: 7E64F679D1248DCFEEC83B9928DCC18C
Requests: 2 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=armT094sY40UUIV6qp4P37R6JH3Wvr1WvAntAu3mUR3sMbUc3aWsMkS6MnUWJWWrfR5rEoWqjmTEBbQEQFSGjBPUZaqSdQkWVb35r6qodAn0qmp3WvFQcJA5AJZamdEyTWfc0rf61Fbi0EqsPb3CTr3PWd3WnbBnPbboXaJo3TZba4q7XoT7IXUUaTWjSoPvZapGrwpt7D3EBh2dys4AZbEprbE0Gf0YW73VrbKm8OIL9&mediaDataID=6530936&mediaName=frame.html
Frame ID: 1A3C8FD32FB15CA0F8DE43A2FBFE9BB9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3D08C83C960F60815EC43506CC048BA2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8486A225E438BE119DB94110F249543F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2669B5D29190C5F6B9EE4E67AE4C0574
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0C66CB1BB802085F7046CB8C5C7243FD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Reality Rewind | Catching You Up On All Things Reality TV

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

All in One SEO Pack (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- All in One SEO Pack ([\d.]+)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

177
Requests

52 %
HTTPS

35 %
IPv6

51
Domains

81
Subdomains

56
IPs

6
Countries

1644 kB
Transfer

3616 kB
Size

56
Cookies

60 Outgoing links

These are links going to different origins than the main page.

URL: http://realityrewind.com/

Search URL Search Domain Scan URL

URL: http://realityrewind.com/hunted-cbs/
Title: Hunted

Search URL Search Domain Scan URL

URL: http://realityrewind.com/hunted-2017-who-was-caught-who-is-left-3553571/
Title: Who Was Caught?

Search URL Search Domain Scan URL

URL: http://realityrewind.com/hunted-cast-fugitives-teams-2017-3553477/
Title: Hunted Cast

Search URL Search Domain Scan URL

URL: http://realityrewind.com/hunters-cast-2017-hunted-on-cbs-3553501/
Title: The Hunters Cast

Search URL Search Domain Scan URL

URL: http://realityrewind.com/hunted-on-cbs-what-are-the-rules-3553512/
Title: Rules Of Hunted

Search URL Search Domain Scan URL

URL: http://realityrewind.com/hunted-cbs-premiere-january-2017-3553450/
Title: Hunted Schedule

Search URL Search Domain Scan URL

URL: http://realityrewind.com/all-access/
Title: Watch Hunted Online

Search URL Search Domain Scan URL

URL: https://www.facebook.com/realityrewind
Title: Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/realityrewind
Title: Twitter

Search URL Search Domain Scan URL

URL: http://realityrewind.com/about/
Title: About RealityRewind

Search URL Search Domain Scan URL

URL: http://realityrewind.com/american-idol-2019-spoilers-top-40-showcase-song-list-revealed-3556298/
Title: American Idol 2019 Spoilers: Top 40 Showcase Song List Revealed!

Search URL Search Domain Scan URL

URL: http://realityrewind.com/author/tbetzold/
Title: Todd Betzold

Search URL Search Domain Scan URL

URL: http://realityrewind.com/who-made-top-40-showcase-on-american-idol-2019-last-night-3556096/
Title: Top 40 on American Idol 2019

Search URL Search Domain Scan URL

URL: http://realityrewind.com/tag/american-idol/
Title: American Idol

Search URL Search Domain Scan URL

URL: http://realityrewind.com/tag/american-idol-2019/
Title: american idol 2019

Search URL Search Domain Scan URL

URL: http://realityrewind.com/tag/american-idol-season-17/
Title: American Idol Season 17

Search URL Search Domain Scan URL

URL: http://realityrewind.com/tag/american-idol-spoilers/
Title: American Idol Spoilers

Search URL Search Domain Scan URL

URL: http://realityrewind.com/tag/idol/
Title: idol

Search URL Search Domain Scan URL

URL: http://realityrewind.com/tag/idol-showcase/
Title: idol showcase

Search URL Search Domain Scan URL

URL: http://realityrewind.com/tag/idol-top-40/
Title: idol top 40

Search URL Search Domain Scan URL

URL: http://realityrewind.com/tag/reality-tv/
Title: Reality TV

Search URL Search Domain Scan URL

URL: http://realityrewind.com/tag/showcase-week/
Title: showcase week

Search URL Search Domain Scan URL

URL: http://realityrewind.com/american-idol-2019-spoilers-top-40-showcase-song-list-revealed-3556298/#disqus_thread
Title: Add Your Comment »

Search URL Search Domain Scan URL

URL: http://realityrewind.com/who-went-home-on-project-runway-2019-last-night-week-3-3556295/
Title: Who Went Home On Project Runway 2019 Last Night? Week 3

Search URL Search Domain Scan URL

URL: http://realityrewind.com/project-runway-2019-recap-week-3-all-the-rage-3556244/
Title: Last night on Project Runway Season 17

Search URL Search Domain Scan URL

URL: http://realityrewind.com/tag/project-runway/
Title: Project Runway

Search URL Search Domain Scan URL

URL: http://realityrewind.com/tag/project-runway-2019/
Title: project runway 2019

Search URL Search Domain Scan URL

URL: http://realityrewind.com/tag/project-runway-results/
Title: project runway results

Search URL Search Domain Scan URL

URL: http://realityrewind.com/tag/project-runway-season-17/
Title: project runway season 17

Search URL Search Domain Scan URL

URL: http://realityrewind.com/tag/project-runway-spoilers/
Title: Project Runway spoilers

Search URL Search Domain Scan URL

URL: http://realityrewind.com/who-went-home-on-project-runway-2019-last-night-week-3-3556295/#disqus_thread
Title: Add Your Comment »

Search URL Search Domain Scan URL

URL: http://realityrewind.com/project-runway-2019-recap-week-2-the-future-is-here-3556005/
Title: Last week on Project Runway Season 17

Search URL Search Domain Scan URL

URL: http://realityrewind.com/tag/project-runway-recap/
Title: Project Runway recap

Search URL Search Domain Scan URL

URL: http://realityrewind.com/project-runway-2019-recap-week-3-all-the-rage-3556244/#disqus_thread
Title: 1 Comment »

Search URL Search Domain Scan URL

URL: http://realityrewind.com/project-runway-2019-spoilers-week-3-sneak-peek-photos-3556217/
Title: Project Runway 2019 Spoilers: Week 3 Sneak Peek (PHOTOS)

Search URL Search Domain Scan URL

URL: http://realityrewind.com/project-runway-2019-spoilers-week-3-sneak-peek-photos-3556217/#disqus_thread
Title: Add Your Comment »

Search URL Search Domain Scan URL

URL: http://realityrewind.com/who-went-home-on-the-challenge-2019-last-night-week-8-3556286/
Title: Who Went Home On The Challenge 2019 Last Night? Week 8

Search URL Search Domain Scan URL

URL: http://realityrewind.com/the-challenge-war-of-the-worlds-2019-recap-week-8-liar-liar-3556186/
Title: Last night on The Challenge 33

Search URL Search Domain Scan URL

URL: http://realityrewind.com/tag/the-challenge/
Title: the challenge

Search URL Search Domain Scan URL

URL: http://realityrewind.com/tag/the-challenge-2019/
Title: the challenge 2019

Search URL Search Domain Scan URL

URL: http://realityrewind.com/tag/the-challenge-33/
Title: the challenge 33

Search URL Search Domain Scan URL

URL: http://realityrewind.com/tag/the-challenge-mtv/
Title: the challenge mtv

Search URL Search Domain Scan URL

URL: http://realityrewind.com/tag/the-challenge-results/
Title: the challenge results

Search URL Search Domain Scan URL

URL: http://realityrewind.com/tag/the-challenge-spoilers/
Title: the challenge spoilers

Search URL Search Domain Scan URL

URL: http://realityrewind.com/tag/the-challenge-war-of-the-worlds/
Title: the challenge war of the worlds

Search URL Search Domain Scan URL

URL: http://realityrewind.com/who-went-home-on-the-challenge-2019-last-night-week-8-3556286/#disqus_thread
Title: Add Your Comment »

Search URL Search Domain Scan URL

URL: http://realityrewind.com/page/2/
Title: 2

Search URL Search Domain Scan URL

URL: http://realityrewind.com/page/3/
Title: 3

Search URL Search Domain Scan URL

URL: http://realityrewind.com/page/4/
Title: 4

Search URL Search Domain Scan URL

URL: http://realityrewind.com/page/5/
Title: 5

Search URL Search Domain Scan URL

URL: http://realityrewind.com/page/10/
Title: 10

Search URL Search Domain Scan URL

URL: http://realityrewind.com/page/20/
Title: 20

Search URL Search Domain Scan URL

URL: http://realityrewind.com/page/30/
Title: 30

Search URL Search Domain Scan URL

URL: http://realityrewind.com/page/1000/
Title: Last »

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/realityrewind

Search URL Search Domain Scan URL

URL: http://feedburner.google.com/fb/a/mailverify?uri=RealityRewind&loc=en_US

Search URL Search Domain Scan URL

URL: http://www.gravytrainproductions.com/
Title: Gravy Train Productions, LLC

Search URL Search Domain Scan URL

URL: http://realityrewind.com/sitemap.xml
Title: Sitemap

Search URL Search Domain Scan URL

URL: http://realityrewind.com/feed/
Title: Entries RSS

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

http://assets.pinterest.com/js/pinit.js HTTP 307
https://assets.pinterest.com/js/pinit.js

Request Chain 25

http://connect.facebook.net/en_US/sdk.js HTTP 307
https://connect.facebook.net/en_US/sdk.js

Request Chain 42

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 52

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=938845580&utmhn=cdn.realityrewind.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Reality%20Rewind%20%7C%20Catching%20You%20Up%20On%20All%20Things%20Reality%20TV&utmhid=2022544045&utmr=-&utmp=%2F&utmht=1640694318447&utmac=UA-4548574-17&utmcc=__utma%3D116800084.955479509.1640694318.1640694318.1640694318.1%3B%2B__utmz%3D116800084.1640694318.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=217354269&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=938845580&utmhn=cdn.realityrewind.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Reality%20Rewind%20%7C%20Catching%20You%20Up%20On%20All%20Things%20Reality%20TV&utmhid=2022544045&utmr=-&utmp=%2F&utmht=1640694318447&utmac=UA-4548574-17&utmcc=__utma%3D116800084.955479509.1640694318.1640694318.1640694318.1%3B%2B__utmz%3D116800084.1640694318.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=217354269&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~

Request Chain 55

https://www.facebook.com/v2.8/plugins/page.php?adapt_container_width=true&app_id=191429144239396&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fd1059187cc6c%26domain%3Dcdn.realityrewind.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcdn.realityrewind.com%252Ff262995fc0e746c%26relation%3Dparent.parent&container_width=300&height=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Frealityrewind%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=300 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D191429144239396%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3fd1059187cc6c%2526domain%253Dcdn.realityrewind.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fcdn.realityrewind.com%25252Ff262995fc0e746c%2526relation%253Dparent.parent%26container_width%3D300%26height%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Frealityrewind%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300

Request Chain 62

http://rules.quantcount.com/rules-p-0ays5_1VgWWKE.js HTTP 301
https://rules.quantcount.com/rules-p-0ays5_1VgWWKE.js

Request Chain 72

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Request Chain 74

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkNEM0YwRUUtNzYxOS00QkM1LUFDOTYtNTVDMDdEQ0U4QTIw&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DFCD3F0EE-7619-4BC5-AC96-55C07DCE8A20 HTTP 302
https://router.infolinks.com/dyn/pbm-usync?uid=FCD3F0EE-7619-4BC5-AC96-55C07DCE8A20

Request Chain 75

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
https://router.infolinks.com/dyn/apn-usync?user_id=2445082858277262493

Request Chain 77

https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
https://router.infolinks.com/dyn/VR-usync?uid=y-T4VwIgRE2uGdbX.wJg0ro9eRl9zLDxwsMvQ2oIo-~A

Request Chain 78

https://sync.1rx.io/usersync2/infolinks HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6584188091 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6584188091 HTTP 302
https://sync.1rx.io/usersync/tradedesk/4cba8aa8-6f94-43c4-8615-0ce211e69fd7 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-9177086c-e70f-4a1b-b9f1-b2827a0e7b71-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-9177086c-e70f-4a1b-b9f1-b2827a0e7b71-003 HTTP 302
https://router.infolinks.com/dyn/r1-usync?uid=RX-9177086c-e70f-4a1b-b9f1-b2827a0e7b71-003

Request Chain 79

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
https://router.infolinks.com/dyn/zmn-usync?uid=

Request Chain 81

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=http%253A%252F%252Fcdn.realityrewind.com%252F&pid=12306&adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttp%25253A%25252F%25252Fcdn.realityrewind.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
https://s.cpx.to/ca.png?ref=http%3A%2F%2Fcdn.realityrewind.com%2F&pid=12306&adnxs_uid=4886527385519746490

Request Chain 83

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP38275a56-67d9-11ec-83cd-02cf8ce7f0ba HTTP 302
https://router.infolinks.com/dyn/outh-usync?uid=y-w_Tl1stE2uGYAS9HueGWE1rlSzthu2M5~A~UP38275a56-67d9-11ec-83cd-02cf8ce7f0ba

Request Chain 85

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
https://router.infolinks.com/dyn/sovrn-usync?uid=c6bfb79c336c257a0bbf5fce

Request Chain 86

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DFCD3F0EE-7619-4BC5-AC96-55C07DCE8A20 HTTP 302
https://router.infolinks.com/dyn/usersync?pmuservalue=FCD3F0EE-7619-4BC5-AC96-55C07DCE8A20

Request Chain 87

https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
https://router.infolinks.com/dyn/zeta-usync?uid=5133329520006624357

Request Chain 94

https://ad.doubleclick.net/ddm/trackimp/N1191766.154378CRITEO/B26422808.324166946;dc_trk_aid=516464208;dc_trk_cid=164009241;dcopt=anid;ord=61cb022e13ad9d7ee2510eead2d20abc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1191766.154378CRITEO/B26422808.324166946;dc_pre=CKGhw9C-hvUCFeb_uwgdI3MGWw;dc_trk_aid=516464208;dc_trk_cid=164009241;dcopt=anid;ord=61cb022e13ad9d7ee2510eead2d20abc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd=

Request Chain 102

http://pixel.quantserve.com/pixel;r=2020378901;rf=0;a=p-0ays5_1VgWWKE;url=http%3A%2F%2Fcdn.realityrewind.com%2F;uht=2;fpan=1;fpa=P0-868215819-1640694318853;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=realityrewind.com;je=0;sr=1600x1200x24;dst=0;et=1640694318853;tzo=0;ogl=site_name.Reality%20Rewind%2Ctype.website%2Clocale.en_US%2Ctitle.Reality%20Rewind%2Cdescription.Catching%20You%20Up%20On%20All%20Things%20Reality%20TV%2Curl.http%3A%2F%2Frealityrewind%252Ecom HTTP 301
https://pixel.quantserve.com/pixel;r=2020378901;rf=0;a=p-0ays5_1VgWWKE;url=http%3A%2F%2Fcdn.realityrewind.com%2F;uht=2;fpan=1;fpa=P0-868215819-1640694318853;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=realityrewind.com;je=0;sr=1600x1200x24;dst=0;et=1640694318853;tzo=0;ogl=site_name.Reality%20Rewind%2Ctype.website%2Clocale.en_US%2Ctitle.Reality%20Rewind%2Cdescription.Catching%20You%20Up%20On%20All%20Things%20Reality%20TV%2Curl.http%3A%2F%2Frealityrewind%252Ecom

Request Chain 104

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YcsCLnyBLyEk4F_L3QkHaAAAAOIAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YcsCLnyBLyEk4F_L3QkHaAAAAOIAAAAB&dcc=t

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YcsCLnyBLyEk4F_L3QkHaAAAAOIAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMzVkC57dBqSq4fMXycL9Wc&google_cver=1

Request Chain 107

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YcsCLnyBLyEk4F-L3QkHaAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHTaLgSMvmhdh3sRH3GsHLo&google_cver=1&gdpr=1

Request Chain 109

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-505c2690-4dcb-474b-b458-2d57ceb9eec5

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662315992420724 HTTP 302
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESENjkjJ92-GiAg7PCeYG20cA&google_cver=1&google_ula=2786954,0 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=adx&google_gid=CAESENjkjJ92-GiAg7PCeYG20cA&google_cver=1&google_ula=2786954,0

Request Chain 131

https://tags.bluekai.com/site/4229?id=18072662315992420724&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID HTTP 302
https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID HTTP 302
https://s.tribalfusion.com/z/i.match?p=b3&u=$_BK_UUID

Request Chain 157

https://a.tribalfusion.com/i.match?p=b10&u=18072662315992420724&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662315992436155&expires=180

Request Chain 158

https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662315992420724&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662315992420724&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=392cd449-67d9-11ec-b175-1a404fd50406 HTTP 302
https://a.tribalfusion.com/i.match?p=b19&u=392cd3fd-67d9-11ec-b175-1a404fd50406

Request Chain 159

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662315992420724%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662315992420724&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_UID%7D HTTP 302
https://a.tribalfusion.com/i.match?p=b11&u=FCD3F0EE-7619-4BC5-AC96-55C07DCE8A20

Request Chain 160

https://a.tribalfusion.com/i.match?p=b24&u=18072662315992420724&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662315992436155 HTTP 307
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662315992436155&cookieRequired=true

Request Chain 162

https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662315992420724 HTTP 302
https://a.tribalfusion.com/i.match?p=b23&u=165010604014000240801

Request Chain 164

https://pixel.advertising.com/ups/57628/sync?uid=18072662315992420724&_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662315992420724&_origin=1&redir=true&apid=UP38275a56-67d9-11ec-83cd-02cf8ce7f0ba HTTP 302
https://a.tribalfusion.com/i.match?p=b17&u=UP38275a56-67d9-11ec-83cd-02cf8ce7f0ba

Request Chain 165

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662315992420724&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D HTTP 302
https://a.tribalfusion.com/i.match?p=b20&u=YcsCLnyBLyEk4F-L3QkHaAAA

Request Chain 166

https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662315992420724&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662315992420724&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
https://a.tribalfusion.com/i.match?p=b13&u=08951342012910990903611186663094195647

Request Chain 167

https://a.tribalfusion.com/i.match?p=b22&u=18072662315992420724&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662315992436155

177 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
cdn.realityrewind.com/ 50 KB
14 KB 1051ms
901ms Document
text/html 94.31.29.248
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 94.31.29.248 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.248.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: f55aba3ac99f764cd5d5ffdeca8720431692231a6b64ce14c344a5283bd16054

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

Date: Tue, 28 Dec 2021 12:25:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <http://realityrewind.com/wp-json/>; rel="https://api.w.org/", <https://wp.me/Q3yM>; rel=shortlink
Server: NetDNA-cache/2.2
X-Cache: MISS
Content-Encoding: gzip

GET
H/1.1 200
OK style.min.css
realityrewind.com/wp-includes/css/dist/block-library/ 50 KB
50 KB 846ms
224ms Stylesheet
text/css 209.188.81.66
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://realityrewind.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.6
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 209.188.81.66 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.gtprods.org
Software: Apache /
Resource Hash: fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:17 GMT
Last-Modified: Mon, 22 Feb 2021 19:07:34 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Content-Length: 51338

GET
H/1.1 200
OK sfsi-style.css
realityrewind.com/wp-content/plugins/ultimate-social-media-icons/css/ 49 KB
49 KB 844ms
222ms Stylesheet
text/css 209.188.81.66
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://realityrewind.com/wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css?ver=5.6.6
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 209.188.81.66 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.gtprods.org
Software: Apache /
Resource Hash: aa7cf11a417fdeb4161e5421a039389211fd56794d966729db61071d5240763d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:17 GMT
Last-Modified: Fri, 01 Feb 2019 02:29:33 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Content-Length: 49885

GET
H/1.1 200
OK pagenavi-css.css
realityrewind.com/wp-content/plugins/wp-pagenavi/ 374 B
615 B 843ms
221ms Stylesheet
text/css 209.188.81.66
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://realityrewind.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 209.188.81.66 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.gtprods.org
Software: Apache /
Resource Hash: c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:17 GMT
Last-Modified: Mon, 28 Jan 2019 23:44:02 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Content-Length: 374

GET
H/1.1 200
OK jetpack.css
realityrewind.com/wp-content/plugins/jetpack/css/ 71 KB
72 KB 846ms
224ms Stylesheet
text/css 209.188.81.66
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://realityrewind.com/wp-content/plugins/jetpack/css/jetpack.css?ver=7.0.3
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 209.188.81.66 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.gtprods.org
Software: Apache /
Resource Hash: a025c1b727608e9b86f461260e7a65c4266001b99a575c62225e52bc7093906f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:17 GMT
Last-Modified: Thu, 03 Jun 2021 19:07:32 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Content-Length: 73027

GET
H/1.1 200
OK jquery.min.js Show response
realityrewind.com/wp-includes/js/jquery/ 87 KB
88 KB 845ms
223ms Script
application/javascript 209.188.81.66
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://realityrewind.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 209.188.81.66 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.gtprods.org
Software: Apache /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:17 GMT
Last-Modified: Fri, 18 Dec 2020 01:38:17 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Content-Length: 89496

GET
H/1.1 200
OK jquery-migrate.min.js Show response
realityrewind.com/wp-includes/js/jquery/ 11 KB
11 KB 963ms
120ms Script
application/javascript 209.188.81.66
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://realityrewind.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 209.188.81.66 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.gtprods.org
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:17 GMT
Last-Modified: Fri, 18 Dec 2020 01:38:17 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Content-Length: 11224

GET
H/1.1 200
OK style.css
realityrewind.com/wp-content/themes/rr-2016/ 25 KB
25 KB 841ms
220ms Stylesheet
text/css 209.188.81.66
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://realityrewind.com/wp-content/themes/rr-2016/style.css
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 209.188.81.66 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.gtprods.org
Software: Apache /
Resource Hash: 75e7ecaf5b939483c51079db071dd0d0144b4f057e1ac147d94b05ea0b7a419c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:17 GMT
Last-Modified: Fri, 20 Jan 2017 13:54:25 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Content-Length: 25111

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 101ms
77ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6bb86200ad87b179e77dded6e5c08dd06b693246ed6ef42f8bc9b7fbe07cc90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 28 Dec 2021 12:25:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 3330079227900719568
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 51733
X-XSS-Protection: 0
Expires: Tue, 28 Dec 2021 12:25:18 GMT

GET
H/1.1 200
OK spacer.gif
realityrewind.com/wp-content/themes/rr-2016/images/ 43 B
284 B 238ms
121ms Image
image/gif 209.188.81.66
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://realityrewind.com/wp-content/themes/rr-2016/images/spacer.gif
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 209.188.81.66 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.gtprods.org
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:18 GMT
Last-Modified: Fri, 20 Jan 2017 13:56:06 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Content-Length: 43

GET
H/1.1 200
OK tags.js Show response
tags.expo9.exponential.com/tags/AmericanIdolNetcom/realityrewind/ 7 KB
3 KB 312ms
276ms Script
application/x-javascript 2606:4700::6812:417
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.expo9.exponential.com/tags/AmericanIdolNetcom/realityrewind/tags.js
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 2606:4700::6812:417 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a3d15771ed4eedb6bb6475092462506d4d7124f29ccbc3453726a87165b5d25

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:18 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 2305
X-Function: 151
Last-Modified: Wed, 11 Aug 2021 04:08:51 GMT
Server: cloudflare
X-Reuse-Index: 4
ETag: 4408853015460759652
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600, public
CF-RAY: 6c4ac53f78133762-MXP
Expires: Tue, 28 Dec 2021 13:25:18 GMT

GET
H2 200 facebook-icon-30px.jpg
i1.wp.com/cdn.bigbrothernetwork.com/wp-content/themes/2_column_v2/images/ 414 B
745 B 126ms
40ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/cdn.bigbrothernetwork.com/wp-content/themes/2_column_v2/images/facebook-icon-30px.jpg?w=560

Requested by

Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

31fd1942a1e8a14f634f6774efa8bdfcdc829fa7d9be2bf98e1638b771bf0cc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT lhr 6
date: Tue, 28 Dec 2021 12:25:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 10 Oct 2021 17:57:34 GMT
server: nginx
etag: "0646b4fbead13d32"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://cdn.bigbrothernetwork.com/wp-content/themes/2_column_v2/images/facebook-icon-30px.jpg>; rel="canonical"
content-length: 414
expires: Wed, 11 Oct 2023 05:57:34 GMT

GET
H2 200 twitter-icon.jpg
i2.wp.com/cdn.bigbrothernetwork.com/wp-content/themes/2_column_v2/images/ 410 B
735 B 128ms
41ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/cdn.bigbrothernetwork.com/wp-content/themes/2_column_v2/images/twitter-icon.jpg?w=560

Requested by

Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

9a6235070b28db6c68db8912e3ce8bec23e3f3fe6cdf3714460bcbb5fc630974

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Tue, 28 Dec 2021 12:25:18 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Oct 2021 21:35:29 GMT
server: nginx
etag: "4d6fcd89a96d60a8"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://cdn.bigbrothernetwork.com/wp-content/themes/2_column_v2/images/twitter-icon.jpg>; rel="canonical"
content-length: 410
expires: Tue, 10 Oct 2023 09:35:29 GMT

GET
H2 200 rss-icon-30px.jpg
i1.wp.com/cdn.bigbrothernetwork.com/wp-content/themes/2_column_v2/images/ 488 B
667 B 68ms
41ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/cdn.bigbrothernetwork.com/wp-content/themes/2_column_v2/images/rss-icon-30px.jpg?w=560

Requested by

Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

2c51c0f1ede85b3fc1ce270bc5190cbe9399618863cbb1e67cf37f1ce1298e4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT lhr 6
date: Tue, 28 Dec 2021 12:25:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Jul 2021 04:39:01 GMT
server: nginx
etag: "984a5cab8ee6191d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://cdn.bigbrothernetwork.com/wp-content/themes/2_column_v2/images/rss-icon-30px.jpg>; rel="canonical"
content-length: 488
expires: Sun, 16 Jul 2023 16:39:01 GMT

GET
H2 200 email-icon-2.jpg
i0.wp.com/cdn.bigbrothernetwork.com/wp-content/themes/2_column_v2/images/ 466 B
794 B 135ms
40ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/cdn.bigbrothernetwork.com/wp-content/themes/2_column_v2/images/email-icon-2.jpg?w=560

Requested by

Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

a2a625f83657540b2145c5e1ab0f560cbb4a0e75df69a7382e92fe9af057c8b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT lhr 5
date: Tue, 28 Dec 2021 12:25:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 14:34:58 GMT
server: nginx
etag: "f849734718fb0802"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://cdn.bigbrothernetwork.com/wp-content/themes/2_column_v2/images/email-icon-2.jpg>; rel="canonical"
content-length: 466
expires: Thu, 04 May 2023 02:34:58 GMT

GET
H2

200

pinit.js Show response
assets.pinterest.com/js/
Redirect Chain

http://assets.pinterest.com/js/pinit.js
https://assets.pinterest.com/js/pinit.js

361 B
431 B

319ms
62ms

Script
application/javascript

2a02:26f0:6c00:2b6::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: H2
Server: 2a02:26f0:6c00:2b6::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-encoding: br
x-cdn: akamai
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=218
accept-ranges: bytes
content-length: 203
access-control-expose-headers: X-CDN

Redirect headers

Location: https://assets.pinterest.com/js/pinit.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK photon.min.js Show response
realityrewind.com/wp-content/plugins/jetpack/_inc/build/photon/ 580 B
835 B 123ms
122ms Script
application/javascript 209.188.81.66
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://realityrewind.com/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20130122
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 209.188.81.66 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.gtprods.org
Software: Apache /
Resource Hash: f5fa487416676288b5e92b1530f85fbc61d2875f4a74926affa77be11223cfe9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:17 GMT
Last-Modified: Thu, 03 Jun 2021 19:07:32 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Content-Length: 580

GET
H2 200 devicepx-jetpack.js Show response
s0.wp.com/wp-content/js/ 10 KB
3 KB 133ms
40ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=202152
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT lhr 2
date: Tue, 28 Dec 2021 12:25:18 GMT
content-encoding: br
server: nginx
etag: W/"5bffef56-52b6"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 4.lhr _dca
timing-allow-origin: *
expires: Mon, 26 Dec 2022 14:51:33 GMT

GET
H/1.1 200
OK core.min.js Show response
realityrewind.com/wp-includes/js/jquery/ui/ 20 KB
21 KB 123ms
121ms Script
application/javascript 209.188.81.66
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://realityrewind.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 209.188.81.66 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.gtprods.org
Software: Apache /
Resource Hash: 0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:17 GMT
Last-Modified: Thu, 15 Apr 2021 19:07:33 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Content-Length: 20787

GET
H/1.1 200
OK modernizr.custom.min.js Show response
realityrewind.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/ 3 KB
3 KB 124ms
122ms Script
application/javascript 209.188.81.66
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://realityrewind.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js?ver=5.6.6
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 209.188.81.66 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.gtprods.org
Software: Apache /
Resource Hash: 6a1fe0907100410728ab4d870e8b1cca4b9ce788b9c87e83444dd0cd5818ca3e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:17 GMT
Last-Modified: Fri, 01 Feb 2019 02:29:33 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Content-Length: 3074

GET
H/1.1 200
OK jquery.shuffle.min.js Show response
realityrewind.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/ 12 KB
12 KB 124ms
122ms Script
application/javascript 209.188.81.66
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://realityrewind.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js?ver=5.6.6
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 209.188.81.66 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.gtprods.org
Software: Apache /
Resource Hash: bed12088467e5c28c9dc4efe2d352183aaf4e3556b6348e8f71107f653a42bb8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:17 GMT
Last-Modified: Fri, 01 Feb 2019 02:29:33 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Content-Length: 12056

GET
H/1.1 200
OK random-shuffle-min.js Show response
realityrewind.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/ 1 KB
2 KB 123ms
121ms Script
application/javascript 209.188.81.66
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://realityrewind.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js?ver=5.6.6
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 209.188.81.66 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.gtprods.org
Software: Apache /
Resource Hash: 8577be08e13d868781746fd18e27a2d95ee4658c33221ec7659ece82d4d31463

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:17 GMT
Last-Modified: Fri, 01 Feb 2019 02:29:33 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Content-Length: 1472

GET
H/1.1 200
OK custom.js Show response
realityrewind.com/wp-content/plugins/ultimate-social-media-icons/js/ 18 KB
18 KB 123ms
122ms Script
application/javascript 209.188.81.66
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://realityrewind.com/wp-content/plugins/ultimate-social-media-icons/js/custom.js?ver=5.6.6
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 209.188.81.66 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.gtprods.org
Software: Apache /
Resource Hash: 63f168a7118f48be6bf05c92de4a02313f0e0491663f24d14e26886dfaf07acb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:17 GMT
Last-Modified: Fri, 01 Feb 2019 02:29:33 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Content-Length: 18289

GET
H/1.1 200
OK wp-embed.min.js Show response
realityrewind.com/wp-includes/js/ 1 KB
2 KB 121ms
120ms Script
application/javascript 209.188.81.66
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://realityrewind.com/wp-includes/js/wp-embed.min.js?ver=5.6.6
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 209.188.81.66 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.gtprods.org
Software: Apache /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:18 GMT
Last-Modified: Thu, 04 Feb 2021 07:07:37 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Content-Length: 1426

GET
H2 200 e-202152.js Show response
stats.wp.com/ 9 KB
3 KB 129ms
40ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202152.js
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT lhr
date: Tue, 28 Dec 2021 12:25:18 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 19 Dec 2022 00:03:38 GMT

GET
H/1.1 200
OK infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
2 KB 65ms
34ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aa062fba6f3cd9ce1b8cf732f5aac75b2f239685ca7f26ca63aecf4136f35ea

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

CF-RAY: 6c4ac53f4d3735bf-MAN
Date: Tue, 28 Dec 2021 12:25:17 GMT
Via: 1.1 google
CF-Cache-Status: HIT
Last-Modified: Thu, 23 Dec 2021 14:48:04 GMT
Server: cloudflare
Age: 5450
ETag: W/"d74-5d3d15363d81c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Tue, 28 Dec 2021 11:54:27 GMT

GET
H2

200

sdk.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/sdk.js
https://connect.facebook.net/en_US/sdk.js

3 KB
2 KB

125ms
40ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/

Protocol

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7d5c2996d697b23e88fd8f59d1050cc5fa33133bc96f1e63b5b4327c812d1ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: a0ar5yzpp1yg3X/KL5vW5g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: J1Y/fRtEcfomY2kAcyNo1ygwJXt+s4KyamKbIPyc2wmPaxHbB2LlGLZVRIK/DbQztfF16IBM2LKfJZS8k8svJA==
x-fb-trip-id: 686109401
x-fb-content-md5: d224fe286067e8c03d20a150f394e664
x-frame-options: DENY
date: Tue, 28 Dec 2021 12:25:18 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "7237bcbc2eaa99bb7c918a9e884d70c7"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 28 Dec 2021 12:29:23 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.8&appId=191429144239396
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK bg-01.png
realityrewind.com/wp-content/themes/rr-2016/images/ 3 KB
3 KB 237ms
121ms Image
image/png 209.188.81.66
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://realityrewind.com/wp-content/themes/rr-2016/images/bg-01.png
Requested by: Host: realityrewind.com
URL: http://realityrewind.com/wp-content/themes/rr-2016/style.css
Protocol: HTTP/1.1
Server: 209.188.81.66 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.gtprods.org
Software: Apache /
Resource Hash: 7513bc583014233318969bf03770375b9d98ea74346ace21eefa35f7e1e6af27

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://realityrewind.com/wp-content/themes/rr-2016/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:18 GMT
Last-Modified: Fri, 20 Jan 2017 13:56:05 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Content-Length: 2836

GET
H/1.1 200
OK rr-hdr-2016-01.jpg
realityrewind.com/wp-content/themes/rr-2016/images/ 22 KB
23 KB 238ms
121ms Image
image/jpeg 209.188.81.66
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://realityrewind.com/wp-content/themes/rr-2016/images/rr-hdr-2016-01.jpg
Requested by: Host: realityrewind.com
URL: http://realityrewind.com/wp-content/themes/rr-2016/style.css
Protocol: HTTP/1.1
Server: 209.188.81.66 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.gtprods.org
Software: Apache /
Resource Hash: ec276d0152a6c4e8216581c657790eb14a4528e95642e34a48e77803805c84b1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://realityrewind.com/wp-content/themes/rr-2016/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:18 GMT
Last-Modified: Fri, 20 Jan 2017 13:56:06 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=497
Content-Length: 23010

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 276 KB
100 KB 160ms
69ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4715266245720387&plah=cdn.realityrewind.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1037f1e0d1ae470df705a7179a41aa2c969aec5ff56771a7438edc74fc46a9f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101736
x-xss-protection: 0
server: cafe
etag: 6975236974516728872
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 28 Dec 2021 12:25:18 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 17ED 11 KB
5 KB 131ms
40ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 27 Dec 2021 18:36:45 GMT
expires: Mon, 10 Jan 2022 18:36:45 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 64113
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 290 KB
82 KB 87ms
40ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=8e4a6f240bdf44de8a9272f5a3845bdd

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

70560881bbcb4c73f3261eebd87cf503937e9d0d5eba786ed102d3d73d9cbc8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://cdn.realityrewind.com/
Origin: http://cdn.realityrewind.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 3ZdOoJKCW0PR2mg/gUMpxg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 83417
x-fb-rlafr: 0
x-fb-debug: G+ZNW3exQZkagZVy0QVdaFlBHcwABDqNMRK5sY34yeNv6Idn96eUipBIC050UAr+XFsCtNvT6iH6tW3ZKjgH/Q==
x-fb-content-md5: b47cb55fd773517b60d993253a3c33f0
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 28 Dec 2021 12:25:18 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "53750f299ed0d311a7de5cb0cc4afbda"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 28 Dec 2022 11:18:01 GMT

GET
H/1.1 200
OK tags.js Show response
a.tribalfusion.com/real/tags/AmericanIdolNetcom/realityrewind/ Frame 396A 59 KB
14 KB 301ms
271ms Script
application/x-javascript 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/real/tags/AmericanIdolNetcom/realityrewind/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/AmericanIdolNetcom/realityrewind/tags.js
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c3f642667d2dc022f8d0213500436b4b1d62b45156c8e3731b6a5506c7c9764

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:18 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 14180
X-Function: 151
Last-Modified: Wed, 11 Aug 2021 04:08:51 GMT
Server: cloudflare
X-Reuse-Index: 7
ETag: 4337291672342461013
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600, private
CF-RAY: 6c4ac5417faf59a7-MXP
Expires: Tue, 28 Dec 2021 13:25:18 GMT

GET
H/1.1 200
OK mini-comments.gif
realityrewind.com/wp-content/themes/rr-2016/images/ 583 B
825 B 123ms
123ms Image
image/gif 209.188.81.66
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://realityrewind.com/wp-content/themes/rr-2016/images/mini-comments.gif
Requested by: Host: realityrewind.com
URL: http://realityrewind.com/wp-content/themes/rr-2016/style.css
Protocol: HTTP/1.1
Server: 209.188.81.66 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.gtprods.org
Software: Apache /
Resource Hash: 4dd6e86eb720c9e9d48dd0507af2bd23e8f5b694f592d6a6658c66a79e432017

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://realityrewind.com/wp-content/themes/rr-2016/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:18 GMT
Last-Modified: Fri, 20 Jan 2017 13:56:05 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=497
Content-Length: 583

GET
H2 200 American-Idol-2019-Spoilers-Top-40-Showcase-Song-List.jpg
i1.wp.com/realityrewind.com/wp-content/uploads/2019/03/ 45 KB
45 KB 61ms
59ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/realityrewind.com/wp-content/uploads/2019/03/American-Idol-2019-Spoilers-Top-40-Showcase-Song-List.jpg?resize=480%2C320

Requested by

Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

cc7a9b28388129877394a8f806d4b03657a566be8df77ecac53bd18c3bbe4d49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: MISS lhr 5
date: Tue, 28 Dec 2021 12:25:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Dec 2021 14:19:46 GMT
server: nginx
etag: "c4984431928921e8"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://realityrewind.com/wp-content/uploads/2019/03/American-Idol-2019-Spoilers-Top-40-Showcase-Song-List.jpg>; rel="canonical"
content-length: 45704
expires: Mon, 04 Dec 2023 02:19:46 GMT

GET
H2 200 Project-Runway-2019-Spoilers-Week-3-Sneak-Peek-7.jpg
i1.wp.com/realityrewind.com/wp-content/uploads/2019/03/ 21 KB
21 KB 49ms
47ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/realityrewind.com/wp-content/uploads/2019/03/Project-Runway-2019-Spoilers-Week-3-Sneak-Peek-7.jpg?resize=480%2C320

Requested by

Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

6ccbd2a25f16c28004399f87b7f72c660defa584826bc883c2cc3dd6acbb4fe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: MISS lhr 4
date: Tue, 28 Dec 2021 12:25:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Dec 2021 14:19:46 GMT
server: nginx
etag: "29fa2c658ef23987"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://realityrewind.com/wp-content/uploads/2019/03/Project-Runway-2019-Spoilers-Week-3-Sneak-Peek-7.jpg>; rel="canonical"
content-length: 21314
expires: Mon, 04 Dec 2023 02:19:46 GMT

GET
H2 200 Project-Runway-2019-Spoilers-Week-3-Sneak-Peek-8.jpg
i2.wp.com/realityrewind.com/wp-content/uploads/2019/03/ 23 KB
23 KB 74ms
73ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/realityrewind.com/wp-content/uploads/2019/03/Project-Runway-2019-Spoilers-Week-3-Sneak-Peek-8.jpg?resize=480%2C320

Requested by

Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

b6e6fb627f486a05e7aced72e492ac0be9803d0bed262950414a41687ada79f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: MISS lhr 8
date: Tue, 28 Dec 2021 12:25:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Dec 2021 14:19:46 GMT
server: nginx
etag: "e99d1a594096c330"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://realityrewind.com/wp-content/uploads/2019/03/Project-Runway-2019-Spoilers-Week-3-Sneak-Peek-8.jpg>; rel="canonical"
content-length: 23188
expires: Mon, 04 Dec 2023 02:19:46 GMT

GET
H2 200 Project-Runway-2019-Spoilers-Week-3-Sneak-Peek-19.jpg
i2.wp.com/realityrewind.com/wp-content/uploads/2019/03/ 29 KB
29 KB 49ms
48ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/realityrewind.com/wp-content/uploads/2019/03/Project-Runway-2019-Spoilers-Week-3-Sneak-Peek-19.jpg?resize=480%2C320

Requested by

Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

ec333a9855563b9c38aca285029a103636939f2829145bf9c66d3d5c8a05f00e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: MISS lhr 3
date: Tue, 28 Dec 2021 12:25:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Dec 2021 14:19:46 GMT
server: nginx
etag: "f521b1ecb4e641ea"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://realityrewind.com/wp-content/uploads/2019/03/Project-Runway-2019-Spoilers-Week-3-Sneak-Peek-19.jpg>; rel="canonical"
content-length: 29410
expires: Mon, 04 Dec 2023 02:19:46 GMT

GET
H2 200 The-Challenge-War-of-the-Worlds-2019-Spoilers-Week-8-Results.jpg
i2.wp.com/realityrewind.com/wp-content/uploads/2019/03/ 17 KB
18 KB 82ms
81ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/realityrewind.com/wp-content/uploads/2019/03/The-Challenge-War-of-the-Worlds-2019-Spoilers-Week-8-Results.jpg?resize=480%2C270

Requested by

Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

b2cc03f08465689017c8138fd1c69591bbd5b05cbb2846264d43830562aea44d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: MISS lhr 5
date: Tue, 28 Dec 2021 12:25:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Dec 2021 14:19:46 GMT
server: nginx
etag: "4077003676025bce"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://realityrewind.com/wp-content/uploads/2019/03/The-Challenge-War-of-the-Worlds-2019-Spoilers-Week-8-Results.jpg>; rel="canonical"
content-length: 17904
expires: Mon, 04 Dec 2023 02:19:46 GMT

GET
H/1.1 200
OK tags.js Show response
a.tribalfusion.com/real/tags/AmericanIdolNetcom/realityrewind/ Frame EE76 59 KB
14 KB 300ms
278ms Script
application/x-javascript 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/real/tags/AmericanIdolNetcom/realityrewind/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/AmericanIdolNetcom/realityrewind/tags.js
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c3f642667d2dc022f8d0213500436b4b1d62b45156c8e3731b6a5506c7c9764

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:18 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 14180
X-Function: 151
Last-Modified: Wed, 11 Aug 2021 04:08:51 GMT
Server: cloudflare
X-Reuse-Index: 11
ETag: 4337291672342461013
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600, private
CF-RAY: 6c4ac541acd80f72-MXP
Expires: Tue, 28 Dec 2021 13:25:18 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 52 KB
21 KB 152ms
61ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c0ba20dd6ab974307ca4fb34d7d48a7537bce6eb56c562c1e69264745221540

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4duGYr+C9b3JaW5NqZsS8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
etag: "c9f5a685272db812846def3c0d393045"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-4duGYr+C9b3JaW5NqZsS8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Tue, 28 Dec 2021 12:25:18 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
20 KB 175ms
84ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51dc201352664df8a472d290e8da5387964769924e98c6989726b8c391b3b8b0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JM/9e/i2F9OFxjvwpAcuHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
etag: "cbe05d0ffec5ecb141a76eb91aaeeb84"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-JM/9e/i2F9OFxjvwpAcuHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Tue, 28 Dec 2021 12:25:18 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 250ms
62ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF2) /
Resource Hash: 97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 21:35:27 GMT
Server: ECS (mil/6CF2)
Age: 115
Etag: "50ec7e701ed018305368886c39cac301+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29126

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

131ms
40ms

Script
text/javascript

2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/

Protocol

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3717
date: Tue, 28 Dec 2021 11:23:21 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 28 Dec 2021 13:23:21 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK g.gif
pixel.wp.com/ 50 B
247 B 82ms
59ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.wp.com/g.gif?v=ext&j=1%3A7.0.3&blog=12406744&post=0&tz=-5&srv=realityrewind.com&host=cdn.realityrewind.com&ref=&fcp=2264&rand=0.4380421344479579
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 28 Dec 2021 12:25:18 GMT
Cache-Control: no-cache
Server: nginx
Connection: keep-alive
Content-Length: 50
Content-Type: image/gif

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
19 KB 64ms
64ms Script
application/javascript 2a02:26f0:6c00:2b6::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.6887221878468717
Requested by: Host: assets.pinterest.com
URL: http://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b6::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-encoding: br
x-cdn: akamai
etag: "3725764cf05d1a0938de73d398772331"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=225
accept-ranges: bytes
content-length: 18679
access-control-expose-headers: X-CDN

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
648 B 144ms
50ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=cdn.realityrewind.com&callback=_gfp_s_&client=ca-pub-4715266245720387

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4715266245720387&plah=cdn.realityrewind.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

9de142d26063f40862e05f56ba5473702001ac8d638cbd0c2f91c78f1724a716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 165ms
49ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=cdn.realityrewind.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 12:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 142ms
50ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.realityrewind.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 12:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FDEB 9 KB
4 KB 191ms
143ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4715266245720387&output=html&adk=1812271804&adf=3025194257&lmt=1640694318&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fcdn.realityrewind.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1640694318157&bpp=4&bdt=1427&idt=239&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1756506614525&frm=20&pv=2&ga_vid=955479509.1640694318&ga_sid=1640694318&ga_hid=2022544045&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063858&oid=2&pvsid=3430653642811118&pem=880&tmod=837&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=252

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fcc179a43165df6528858a03201abbb98500c686c2bc7eeb34057926a955465

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 28 Dec 2021 12:25:18 GMT
server: cafe
content-length: 4409
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 28 Dec 2021 12:25:18 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2E6A 22 KB
9 KB 239ms
197ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4715266245720387&output=html&h=250&slotname=0765996815&adk=410649583&adf=3209260708&pi=t.ma~as.0765996815&w=300&lmt=1640694318&psa=0&format=300x250&url=http%3A%2F%2Fcdn.realityrewind.com%2F&flash=0&wgl=1&dt=1640694318263&bpp=1&bdt=1532&idt=148&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1756506614525&frm=20&pv=1&ga_vid=955479509.1640694318&ga_sid=1640694318&ga_hid=2022544045&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=955&ady=763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063858&oid=2&pvsid=3430653642811118&pem=880&tmod=837&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=GMVqGFuQ0D&p=http%3A//cdn.realityrewind.com&dtd=152

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1c1c4a9d429cb18f162477d30c547159be66dc764e76f613f1d79505fe06d87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 28 Dec 2021 12:25:18 GMT
server: cafe
content-length: 9428
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 28 Dec 2021 12:25:18 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7C7D 436 B
235 B 203ms
170ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4715266245720387&output=html&h=600&slotname=1614245493&adk=1893923518&adf=4205648974&pi=t.ma~as.1614245493&w=300&lmt=1640694318&psa=0&format=300x600&url=http%3A%2F%2Fcdn.realityrewind.com%2F&flash=0&wgl=1&dt=1640694318265&bpp=1&bdt=1534&idt=156&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=1756506614525&frm=20&pv=1&ga_vid=955479509.1640694318&ga_sid=1640694318&ga_hid=2022544045&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=955&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063858&oid=2&pvsid=3430653642811118&pem=880&tmod=837&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=FDWYfFsoJI&p=http%3A//cdn.realityrewind.com&dtd=159

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

588b6cab990fae46efd7b31ce948353ed1db528fb9c7e125882c9c66d5da91ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 28 Dec 2021 12:25:18 GMT
server: cafe
content-length: 212
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 28 Dec 2021 12:25:18 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6FDF 436 B
235 B 214ms
187ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4715266245720387&output=html&h=600&slotname=1753846299&adk=4032795514&adf=1760133856&pi=t.ma~as.1753846299&w=300&lmt=1640694318&psa=0&format=300x600&url=http%3A%2F%2Fcdn.realityrewind.com%2F&flash=0&wgl=1&dt=1640694318265&bpp=1&bdt=1534&idt=162&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x600&nras=1&correlator=1756506614525&frm=20&pv=1&ga_vid=955479509.1640694318&ga_sid=1640694318&ga_hid=2022544045&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=955&ady=1707&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063858&oid=2&pvsid=3430653642811118&pem=880&tmod=837&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=G5AzpuTa6l&p=http%3A//cdn.realityrewind.com&dtd=165

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8eca7205e59341df7f339e1e07eddeee9d031f522b9808067948a715affe16c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 28 Dec 2021 12:25:18 GMT
server: cafe
content-length: 212
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 28 Dec 2021 12:25:18 GMT
cache-control: private

GET
H3

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=938845580&utmhn=cdn.realityrewind.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=938845580&utmhn=cdn.realityrewind.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...

35 B
54 B

97ms
47ms

Image
image/gif

2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=938845580&utmhn=cdn.realityrewind.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Reality%20Rewind%20%7C%20Catching%20You%20Up%20On%20All%20Things%20Reality%20TV&utmhid=2022544045&utmr=-&utmp=%2F&utmht=1640694318447&utmac=UA-4548574-17&utmcc=__utma%3D116800084.955479509.1640694318.1640694318.1640694318.1%3B%2B__utmz%3D116800084.1640694318.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=217354269&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~

Requested by

Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/

Protocol

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=938845580&utmhn=cdn.realityrewind.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Reality%20Rewind%20%7C%20Catching%20You%20Up%20On%20All%20Things%20Reality%20TV&utmhid=2022544045&utmr=-&utmp=%2F&utmht=1640694318447&utmac=UA-4548574-17&utmcc=__utma%3D116800084.955479509.1640694318.1640694318.1640694318.1%3B%2B__utmz%3D116800084.1640694318.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=217354269&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK quant.js Show response
edge.quantserve.com/ 24 KB
10 KB 90ms
59ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.quantserve.com/quant.js
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:18 GMT
Content-Encoding: gzip
Etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: private, max-age=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Expires: Tue, 04 Jan 2022 12:25:18 GMT

GET
H/1.1 200
OK ice.js Show response
resources.infolinks.com/js/1775.005-3.025.ab.1774.006-3.025/ 207 KB
67 KB 33ms
33ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://resources.infolinks.com/js/1775.005-3.025.ab.1774.006-3.025/ice.js
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d276d676d044a790a34f40aa20de0fc4e3d1c561a635ae430d28c693fbe1473

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

CF-RAY: 6c4ac5426aa435bf-MAN
Date: Tue, 28 Dec 2021 12:25:18 GMT
Via: 1.1 google
CF-Cache-Status: HIT
Last-Modified: Wed, 22 Dec 2021 13:55:23 GMT
Server: cloudflare
Age: 3047
ETag: W/"33cd8-5d3bc792394e4"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Thu, 27 Jan 2022 11:34:31 GMT

GET
H3

200

/
www.facebook.com/login/ Frame F4C4
Redirect Chain

https://www.facebook.com/v2.8/plugins/page.php?adapt_container_width=true&app_id=191429144239396&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fd...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D191429144239396%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

318ms
276ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D191429144239396%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3fd1059187cc6c%2526domain%253Dcdn.realityrewind.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fcdn.realityrewind.com%25252Ff262995fc0e746c%2526relation%253Dparent.parent%26container_width%3D300%26height%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Frealityrewind%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=8e4a6f240bdf44de8a9272f5a3845bdd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: QBLR9TPY58xT1z1t16usunXpGyuSC5PEH53EoRQ5m07LGloVx9fKnzh9VKsL+rEM6hO20CYb+9jfA63Y56PFMA==
date: Tue, 28 Dec 2021 12:25:18 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D191429144239396%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3fd1059187cc6c%2526domain%253Dcdn.realityrewind.com%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fcdn.realityrewind.com%25252Ff262995fc0e746c%2526relation%253Dparent.parent%26container_width%3D300%26height%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Frealityrewind%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v5.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: gBXcbcJ6deFWFG3wK8vRZvsDrivhXEKsWhBUSEcLysKr4+tJokMMxyYRYnZJfQMsZ5CF3/FbE1Ls+UI3yUksTQ==
content-length: 0
date: Tue, 28 Dec 2021 12:25:18 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.qv6viowpwpE.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOaUfPxgj7Tq1y4CPKAnKfHQ9ZJNQ/ 148 KB
51 KB 91ms
41ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.qv6viowpwpE.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOaUfPxgj7Tq1y4CPKAnKfHQ9ZJNQ/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2b8c98adb1d2f405aa95c776222f4eacb326f0622b1aaaa2dfbdebb70d11eef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 16:06:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51833
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 04:25:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 25 Dec 2022 16:06:53 GMT

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame 41FC 9 KB
2 KB 184ms
125ms Document
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1775.005-3.025.ab.1774.006-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05ed5f51c65d668cd3c8e69932e70f7df961701751a6424d499613af76266073

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

date: Tue, 28 Dec 2021 12:25:18 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c4ac54379cb35f5-MAN
content-encoding: gzip

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
37 B 182ms
126ms Script
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1775.005-3.025.ab.1774.006-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:18 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 6c4ac54379cd35f5-MAN
content-length: 0

GET
H/1.1 200
OK gsd Show response
router.infolinks.com/ 322 B
802 B 560ms
534ms Script
text/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://router.infolinks.com/gsd?evt=afterGSD&pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F&jsv=1775.005-3.025.ab.1774.006-3.025&_cb=16406943185720
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1775.005-3.025.ab.1774.006-3.025/ice.js
Protocol: HTTP/1.1
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de949c48b18618f02ce79a39d52d56eb074ac1e1b3bd94cf6c458a871b28427e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 12:25:19 GMT
Via: 1.1 google
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
P3P: CP="NON DSP NID OUR COR"
Content-Type: text/javascript;charset=UTF-8
Content-Encoding: gzip
Cache-Control: max-age=0
Connection: keep-alive
CF-RAY: 6c4ac543587c54b7-MAN
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK displayAd.js Show response
a.tribalfusion.com/ Frame 396A 678 B
1 KB 244ms
244ms Script
application/x-javascript 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/displayAd.js?dver=0.9&th=10399943210
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/real/tags/AmericanIdolNetcom/realityrewind/tags.js
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bfe3078ef3d06570a03b17f9260449348b90b0a74ff58a7fa862255333e01e8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:18 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 332
X-Function: 153
Last-Modified: Wed, 11 Aug 2021 04:08:51 GMT
Server: cloudflare
X-Reuse-Index: 4
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private
CF-RAY: 6c4ac5436fdf0f72-MXP
Expires: Mon, 28 Mar 2022 12:25:18 GMT

GET
H/1.1 200
OK widget_iframe.21f942bb866c2823339b839747a0c50c.html Show response
platform.twitter.com/widgets/ Frame 3E3E 319 KB
103 KB 62ms
62ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=http%3A%2F%2Fcdn.realityrewind.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF2) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1612736
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Dec 2021 12:25:18 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 02 Dec 2021 21:34:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CF2)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2

200

rules-p-0ays5_1VgWWKE.js Show response
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-0ays5_1VgWWKE.js
https://rules.quantcount.com/rules-p-0ays5_1VgWWKE.js

3 B
439 B

133ms
47ms

Script
application/javascript

2600:9000:223c:ec00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-0ays5_1VgWWKE.js
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: H2
Server: 2600:9000:223c:ec00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 09:27:22 GMT
via: 1.1 367a4718be97a49df7ac0500a986437b.cloudfront.net (CloudFront)
age: 10677
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:40:31 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: WlbSw3NC8wkL1LjYldkTr7aFwpDWUzlG6fytLt6l3M_QOzDGczHabQ==

Redirect headers

Date: Tue, 28 Dec 2021 12:25:18 GMT
Via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA56-P2
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-0ays5_1VgWWKE.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: rcTVxsAP0HLXWr5QlaBbftm5nvq-K56HsHe36K1d916hkaJ-X9Lh2w==

GET
H/1.1 200
OK displayAd.js Show response
a.tribalfusion.com/ Frame EE76 677 B
1 KB 229ms
229ms Script
application/x-javascript 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/displayAd.js?dver=0.9&th=10399943210
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/real/tags/AmericanIdolNetcom/realityrewind/tags.js
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ebe307beedcd8d666486851120eacd65084d5db9bfdcad613953c5a613df4ca

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:18 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 326
X-Function: 153
Last-Modified: Wed, 11 Aug 2021 04:08:51 GMT
Server: cloudflare
X-Reuse-Index: 2
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private
CF-RAY: 6c4ac5439ce059a7-MXP
Expires: Mon, 28 Mar 2022 12:25:18 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 2E6A 2 KB
1 KB 136ms
45ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4715266245720387&output=html&h=250&slotname=0765996815&adk=410649583&adf=3209260708&pi=t.ma~as.0765996815&w=300&lmt=1640694318&psa=0&format=300x250&url=http%3A%2F%2Fcdn.realityrewind.com%2F&flash=0&wgl=1&dt=1640694318263&bpp=1&bdt=1532&idt=148&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1756506614525&frm=20&pv=1&ga_vid=955479509.1640694318&ga_sid=1640694318&ga_hid=2022544045&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=955&ady=763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063858&oid=2&pvsid=3430653642811118&pem=880&tmod=837&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=GMVqGFuQ0D&p=http%3A//cdn.realityrewind.com&dtd=152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:20:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jan 2022 12:20:41 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 2E6A 15 KB
7 KB 132ms
42ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:18:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 390
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jan 2022 12:18:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E6A 119 KB
37 KB 179ms
88ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Dec 2021 12:25:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2E6A 0
0 80ms
80ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8hvDLgLLYY7kHtWo1wb2lqWIAuSP0rFcp5LhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3MTUyNjYyNDU3MjAzODegAb3UiOsDyAEJqQLA6TwMQYu2PqgDAaoEywFP0Pj--d1wIE1nDs9kpcf3ITbi11ZeCbb6qCpW7pt5zxmD-XkDS3lUuUj29yJabgzZime9EdZgXfYcSabMH2dgzcY5ZZzjQNFUZTL-hsSpGsnGKQRzexX5FGjTtIxxX4KNPJ6VgkCHAaYnx0kOCLKv2AbW8bDkN6oCgVBnZcIojUwzKO1BpV9Drhxk4ApM7HqPSnxbQP_PTdB7_6hxsYnz9ZL4U4qn_N4Su5HCAnNIvRvdx3yn3KtICrJEpGe3T39oBWofyKcIdN3DpYAG-e-5mPbDqtBDoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDcxNTI2NjI0NTcyMDM4NxgA&sigh=0O98L2gnNVA&uach_m=[UACH]&cid=CAQSGwCNIrLMsLIhDajh6xf_ih8dNnLaCgWL5G-HjxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4715266245720387&output=html&h=250&slotname=0765996815&adk=410649583&adf=3209260708&pi=t.ma~as.0765996815&w=300&lmt=1640694318&psa=0&format=300x250&url=http%3A%2F%2Fcdn.realityrewind.com%2F&flash=0&wgl=1&dt=1640694318263&bpp=1&bdt=1532&idt=148&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1756506614525&frm=20&pv=1&ga_vid=955479509.1640694318&ga_sid=1640694318&ga_hid=2022544045&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=955&ady=763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063858&oid=2&pvsid=3430653642811118&pem=880&tmod=837&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=GMVqGFuQ0D&p=http%3A//cdn.realityrewind.com&dtd=152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 28 Dec 2021 12:25:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 28 Dec 2021 12:25:18 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 2E6A 0
0 119ms
37ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UJWXEsmBMKwC-gGH-lcYAgAAABXBf9c5DLvYEC4Cy2E8ejAJx-M8mHprzAAS&wp=YcsCLgAHsg4K1dRVAAlLdqk_TTQMKZW9M8tIww

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:18 GMT
server: Kestrel
server-processing-duration-in-ticks: 264080
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 71FF 46 KB
18 KB 127ms
46ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YcsCLgAHsg4K1dRVAAlLdqk_TTQMKZW9M8tIww&u=%7CJZz6DaVSH6IlZ9Ydty2XWH4QFmIwZiJLKiC68AZ%2BKxQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6W_-wyZF9WzRgbf9WC3ilLIAiVUjl9n1Hke-MjT5zVU5302dZ_43d521FSmhiDEWS0i55WdPUbqyjxRPHfo5Lyvxd3vqwtSOhRQOZsRNXkACVJPZUzQfq84UqxNWlPWceqK0Cy1PZ0RN6LqJPXIMHfl90iZvS1TZcIpNMx7jNHealJZ3DKsMfUieBuyG-Shr-BiUyAdup2zxEveSsdG6m7_cit7xeG4cZxjj0JidtG7gdDwNw6oMDiMZMN2jFdwiTROp9ZnT5_BytAA524KaS9_8qzy2FCzJ-FYap8zRfpEiioZihKapatXOXz5PhdBqLPdA1cwBdHyz5TUwDfMPYuOG4Gv3j96oK8u8tos648Xn1QpBfJHorUcFfV33Q5Y0PEOCeoG58F7awZ0GghbUiQqlY5YsUEeIf4_BLyQiCzIN-4oRfdHBSxMXQRAD32sSbQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwn4ULgLLYY7kHtWo1wb2lqWIAuSP0rFcp5LhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3MTUyNjYyNDU3MjAzODegAb3UiOsDyAEJqQLA6TwMQYu2PqgDAaoEzgFP0Pj--d1wIE1nDs9kpcf3ITbi11ZeCbb6qCpW7pt5zxmD-XkDS3lUuUj29yJabgzZime9EdZgXfYcSabMH2dgzcY5ZZzjQNFUZTL-hsSpGsnGKQRzexX5FGjTtIxxX4KNPJ6VgkCHAaYnx0kOCLKv2AbW8bDkN6oCgVBnZcIojUwzKO1BpV9Drhxk4ApM7HqPSnxbQP_PTdB7_6hxsYnz9ZL4U4rl_v-AaDMwB-C6soNeo-AM379CtrhqvLw51Bv0pNUB5L_Z8zfGNpdD9oAG-e-5mPbDqtBDoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Sdg0-lFANh1WOPLJlQ_DApVPS7g%26client%3Dca-pub-4715266245720387%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

636b3421b6ab10acf5a319784b3a251056184843438e5508588d180353e213f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Tue, 28 Dec 2021 12:25:18 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=yMZyDJ6rnn-4sijTmQvvA7JfaqCmnfTpx1KO5VPPrVNFfG57vAlgXcPMQcdQKOZVmquRS80M4BPZNx75EgQhit8U63T6fDn7leM_hr7IO8aq3_3LFVfubM_9ICeGjVrOPtPdPWq0OlpG0Oj14-4Qv-SXSyx9gY9YcaQ9SnGHqJI7Lsf2BH9gYJdBnbV9VO-S-ALawPOASPqI0_TdUkOMFGeX3zCo8dSSbrlbpe14o5tay9_v2ReZlbfuPXlZ_-4_D8Ya-eAZcncosBQJ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 4608796
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3E3E 232 B
448 B 196ms
133ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=4dd06f543a4cbb50b56fd18cdc97f925c1cf4908

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=http%3A%2F%2Fcdn.realityrewind.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-response-time: 104
date: Tue, 28 Dec 2021 12:25:18 GMT
content-encoding: gzip
last-modified: Tue, 28 Dec 2021 12:25:18 GMT
server: tsa_f
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 66f85ded867c529a7dcb3cb12532ac2662f569b2e1de7f4fa58157663491ebe8
content-length: 166

GET
H2 200 / Show response
de.tynt.com/deb/ Frame 4D0E 75 B
289 B 358ms
113ms Document
text/html 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://router.infolinks.com/

Response headers

cache-control: max-age=86400
expires: Wed, 29 Dec 2021 12:25:19 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Tue, 28 Dec 2021 12:25:18 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame D0D5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

2 KB
3 KB

80ms
79ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d8d6b0599b7ec5749275714999d92d7e16786cd18e01b3adf5ac8f2be7e56bda

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://router.infolinks.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|230|39|45|5|195|190|176
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1656
Expires: Tue, 28 Dec 2021 12:25:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 28 Dec 2021 12:25:19 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 311
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 28 Dec 2021 12:25:18 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 28 Dec 2021 12:25:18 GMT
Connection: keep-alive

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 7EB6 2 KB
814 B 145ms
46ms Document
text/html 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://router.infolinks.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2

200

pbm-usync
router.infolinks.com/dyn/ Frame 41FC
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkNEM0YwRUUtNzYxOS00QkM1LUFDOTYtNTVDMDdEQ0U4QTIw&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DFCD3F0EE-7619-4BC5-AC96-55C07DCE8A20
https://router.infolinks.com/dyn/pbm-usync?uid=FCD3F0EE-7619-4BC5-AC96-55C07DCE8A20

0
167 B

123ms
123ms

Image
text/html

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/pbm-usync?uid=FCD3F0EE-7619-4BC5-AC96-55C07DCE8A20
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, private
cf-ray: 6c4ac547ba3935f5-MAN
content-length: 0
expires: Mon, 28 Dec 2020 12:25:19 GMT

Redirect headers

location: https://router.infolinks.com/dyn/pbm-usync?uid=FCD3F0EE-7619-4BC5-AC96-55C07DCE8A20
date: Tue, 28 Dec 2021 12:25:17 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

apn-usync
router.infolinks.com/dyn/ Frame 41FC
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
https://router.infolinks.com/dyn/apn-usync?user_id=2445082858277262493

35 B
187 B

123ms
123ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/apn-usync?user_id=2445082858277262493
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6c4ac5463f1135f5-MAN
content-length: 35
expires: Mon, 28 Dec 2020 12:25:19 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 12:25:19 GMT
X-Proxy-Origin: 89.238.142.212; 89.238.142.212; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d4e2ab02-76c5-4989-b7b5-199c18de2b70
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://router.infolinks.com/dyn/apn-usync?user_id=2445082858277262493
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cm
u.openx.net/w/1.0/ Frame 41FC 43 B
305 B 106ms
35ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:18 GMT
content-encoding: gzip
server: OXGW/17.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

VR-usync
router.infolinks.com/dyn/ Frame 41FC
Redirect Chain

https://ups.analytics.yahoo.com/ups/58422/occ
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
https://router.infolinks.com/dyn/VR-usync?uid=y-T4VwIgRE2uGdbX.wJg0ro9eRl9zLDxwsMvQ2oIo-~A

35 B
300 B

123ms
123ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/VR-usync?uid=y-T4VwIgRE2uGdbX.wJg0ro9eRl9zLDxwsMvQ2oIo-~A
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6c4ac545de2f35f5-MAN
content-length: 35
expires: Mon, 28 Dec 2020 12:25:19 GMT

Redirect headers

location: https://router.infolinks.com/dyn/VR-usync?uid=y-T4VwIgRE2uGdbX.wJg0ro9eRl9zLDxwsMvQ2oIo-~A
date: Tue, 28 Dec 2021 12:25:18 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

r1-usync
router.infolinks.com/dyn/ Frame 41FC
Redirect Chain

https://sync.1rx.io/usersync2/infolinks
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6584188091
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6584188091
https://sync.1rx.io/usersync/tradedesk/4cba8aa8-6f94-43c4-8615-0ce211e69fd7
https://sync.targeting.unrulymedia.com/csync/RX-9177086c-e70f-4a1b-b9f1-b2827a0e7b71-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-9177086c-e70f-4a1b-b9f1-b2827a0e7b71-003
https://router.infolinks.com/dyn/r1-usync?uid=RX-9177086c-e70f-4a1b-b9f1-b2827a0e7b71-003

35 B
204 B

122ms
122ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/r1-usync?uid=RX-9177086c-e70f-4a1b-b9f1-b2827a0e7b71-003
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6c4ac547aa2135f5-MAN
content-length: 35
expires: Mon, 28 Dec 2020 12:25:19 GMT

Redirect headers

location: https://router.infolinks.com/dyn/r1-usync?uid=RX-9177086c-e70f-4a1b-b9f1-b2827a0e7b71-003
date: Tue, 28 Dec 2021 12:25:19 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX9177086ce70f4a1bb9f1b2827a0e7b71003
content-type: text/html

GET
H2

200

zmn-usync
router.infolinks.com/dyn/ Frame 41FC
Redirect Chain

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
https://router.infolinks.com/dyn/zmn-usync?uid=

35 B
90 B

189ms
189ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store
cf-ray: 6c4ac547494c35f5-MAN
content-length: 35

Redirect headers

Location: https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma: no-cache
Date: Tue, 28 Dec 2021 12:25:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 70
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 41FC 0
474 B 167ms
38ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 12:25:18 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame 41FC
Redirect Chain

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=http%253A%252F%252Fcdn.realityrewind.com%252F&pid=12306&adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttp%25253A%25252F%25252Fcdn.realityrewind.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID
https://s.cpx.to/ca.png?ref=http%3A%2F%2Fcdn.realityrewind.com%2F&pid=12306&adnxs_uid=4886527385519746490

95 B
945 B

173ms
39ms

Image
image/png

34.253.11.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?ref=http%3A%2F%2Fcdn.realityrewind.com%2F&pid=12306&adnxs_uid=4886527385519746490

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F

Protocol

HTTP/1.1

Server

34.253.11.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-253-11-36.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 28 Dec 2021 12:25:19 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Tue, 28 Dec 2021 12:25:19 UTC

Redirect headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 12:25:18 GMT
X-Proxy-Origin: 89.238.142.212; 89.238.142.212; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 2a11292a-bf2a-44d8-ab7b-cb555ebb2e8f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/ca.png?ref=http%3A%2F%2Fcdn.realityrewind.com%2F&pid=12306&adnxs_uid=4886527385519746490
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 41FC 42 B
233 B 311ms
105ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 12:25:19 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

outh-usync
router.infolinks.com/dyn/ Frame 41FC
Redirect Chain

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP38275a56-67d9-11ec-83cd-02cf8ce7f0ba
https://router.infolinks.com/dyn/outh-usync?uid=y-w_Tl1stE2uGYAS9HueGWE1rlSzthu2M5~A~UP38275a56-67d9-11ec-83cd-02cf8ce7f0ba

35 B
234 B

155ms
154ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/outh-usync?uid=y-w_Tl1stE2uGYAS9HueGWE1rlSzthu2M5~A~UP38275a56-67d9-11ec-83cd-02cf8ce7f0ba
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6c4ac5462ee635f5-MAN
content-length: 35
expires: Mon, 28 Dec 2020 12:25:19 GMT

Redirect headers

location: https://router.infolinks.com/dyn/outh-usync?uid=y-w_Tl1stE2uGYAS9HueGWE1rlSzthu2M5~A~UP38275a56-67d9-11ec-83cd-02cf8ce7f0ba
date: Tue, 28 Dec 2021 12:25:19 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK usersync
match.bnmla.com/ Frame 41FC 0
114 B 331ms
106ms Image
text/plain 38.27.122.101
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.101 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:19 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

sovrn-usync
router.infolinks.com/dyn/ Frame 41FC
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
https://router.infolinks.com/dyn/sovrn-usync?uid=c6bfb79c336c257a0bbf5fce

35 B
193 B

124ms
123ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sovrn-usync?uid=c6bfb79c336c257a0bbf5fce
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6c4ac547598d35f5-MAN
content-length: 35
expires: Mon, 28 Dec 2020 12:25:19 GMT

Redirect headers

Date: Tue, 28 Dec 2021 12:25:19 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://router.infolinks.com/dyn/sovrn-usync?uid=c6bfb79c336c257a0bbf5fce
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

usersync
router.infolinks.com/dyn/ Frame 41FC
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DFCD3F0EE-7619-4BC5-AC96-55C07DCE8A20
https://router.infolinks.com/dyn/usersync?pmuservalue=FCD3F0EE-7619-4BC5-AC96-55C07DCE8A20

0
157 B

156ms
156ms

Image
text/plain

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/usersync?pmuservalue=FCD3F0EE-7619-4BC5-AC96-55C07DCE8A20
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
cache-control: no-store
cf-ray: 6c4ac5469fc335f5-MAN
content-length: 0

Redirect headers

location: https://router.infolinks.com/dyn/usersync?pmuservalue=FCD3F0EE-7619-4BC5-AC96-55C07DCE8A20
date: Tue, 28 Dec 2021 12:25:17 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

zeta-usync
router.infolinks.com/dyn/ Frame 41FC
Redirect Chain

https://p.rfihub.com/cm?pub=43153&in=1
https://router.infolinks.com/dyn/zeta-usync?uid=5133329520006624357

35 B
187 B

125ms
125ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zeta-usync?uid=5133329520006624357
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6c4ac54779e635f5-MAN
content-length: 35
expires: Mon, 28 Dec 2020 12:25:19 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zeta-usync?uid=5133329520006624357
Date: Tue, 28 Dec 2021 12:25:19 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 41FC 0
72 B 422ms
179ms Image
text/plain 67.202.105.21
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip21.67-202-105.static.steadfastdns.net
Software: 33XP005 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-33x-status: 2000208
date: Tue, 28 Dec 2021 12:25:19 GMT
server: 33XP005

GET
H2 200 iq-usync
router.infolinks.com/dyn/ Frame 41FC 0
35 B 123ms
123ms Image
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/iq-usync
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://router.infolinks.com/usync/manage?pid=9126&wsid=8&pdom=cdn.realityrewind.com&purl=http%3A%2F%2Fcdn.realityrewind.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:18 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 6c4ac5448ba035f5-MAN
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 71FF 2 KB
1 KB 128ms
54ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcsCLgAHsg4K1dRVAAlLdqk_TTQMKZW9M8tIww&u=%7CJZz6DaVSH6IlZ9Ydty2XWH4QFmIwZiJLKiC68AZ%2BKxQ%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6W_-wyZF9WzRgbf9WC3ilLIAiVUjl9n1Hke-MjT5zVU5302dZ_43d521FSmhiDEWS0i55WdPUbqyjxRPHfo5Lyvxd3vqwtSOhRQOZsRNXkACVJPZUzQfq84UqxNWlPWceqK0Cy1PZ0RN6LqJPXIMHfl90iZvS1TZcIpNMx7jNHealJZ3DKsMfUieBuyG-Shr-BiUyAdup2zxEveSsdG6m7_cit7xeG4cZxjj0JidtG7gdDwNw6oMDiMZMN2jFdwiTROp9ZnT5_BytAA524KaS9_8qzy2FCzJ-FYap8zRfpEiioZihKapatXOXz5PhdBqLPdA1cwBdHyz5TUwDfMPYuOG4Gv3j96oK8u8tos648Xn1QpBfJHorUcFfV33Q5Y0PEOCeoG58F7awZ0GghbUiQqlY5YsUEeIf4_BLyQiCzIN-4oRfdHBSxMXQRAD32sSbQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwn4ULgLLYY7kHtWo1wb2lqWIAuSP0rFcp5LhiIgBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTQ3MTUyNjYyNDU3MjAzODegAb3UiOsDyAEJqQLA6TwMQYu2PqgDAaoEzgFP0Pj--d1wIE1nDs9kpcf3ITbi11ZeCbb6qCpW7pt5zxmD-XkDS3lUuUj29yJabgzZime9EdZgXfYcSabMH2dgzcY5ZZzjQNFUZTL-hsSpGsnGKQRzexX5FGjTtIxxX4KNPJ6VgkCHAaYnx0kOCLKv2AbW8bDkN6oCgVBnZcIojUwzKO1BpV9Drhxk4ApM7HqPSnxbQP_PTdB7_6hxsYnz9ZL4U4rl_v-AaDMwB-C6soNeo-AM379CtrhqvLw51Bv0pNUB5L_Z8zfGNpdD9oAG-e-5mPbDqtBDoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Sdg0-lFANh1WOPLJlQ_DApVPS7g%26client%3Dca-pub-4715266245720387%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:18 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Dec 2022 12:25:18 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 71FF 2 KB
1 KB 117ms
44ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:18 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Dec 2022 12:25:18 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 71FF 308 B
636 B 111ms
38ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:18 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 23 Dec 2022 12:25:18 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 71FF 507 B
835 B 127ms
55ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:18 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 23 Dec 2022 12:25:18 GMT

GET
H3

200

B26422808.324166946;dc_pre=CKGhw9C-hvUCFeb_uwgdI3MGWw;dc_trk_aid=516464208;dc_trk_cid=164009241;dcopt=anid;ord=61cb022e13ad9d7ee2510eead2d20abc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
ad.doubleclick.net/ddm/trackimp/N1191766.154378CRITEO/ Frame 71FF
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1191766.154378CRITEO/B26422808.324166946;dc_trk_aid=516464208;dc_trk_cid=164009241;dcopt=anid;ord=61cb022e13ad9d7ee2510eead2d20abc;dc_lat=;dc_rdid=;tag_for_...
https://ad.doubleclick.net/ddm/trackimp/N1191766.154378CRITEO/B26422808.324166946;dc_pre=CKGhw9C-hvUCFeb_uwgdI3MGWw;dc_trk_aid=516464208;dc_trk_cid=164009241;dcopt=anid;ord=61cb022e13ad9d7ee2510eea...

42 B
63 B

114ms
61ms

Image
image/gif

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1191766.154378CRITEO/B26422808.324166946;dc_pre=CKGhw9C-hvUCFeb_uwgdI3MGWw;dc_trk_aid=516464208;dc_trk_cid=164009241;dcopt=anid;ord=61cb022e13ad9d7ee2510eead2d20abc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd=?

Requested by

Protocol

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N1191766.154378CRITEO/B26422808.324166946;dc_pre=CKGhw9C-hvUCFeb_uwgdI3MGWw;dc_trk_aid=516464208;dc_trk_cid=164009241;dcopt=anid;ord=61cb022e13ad9d7ee2510eead2d20abc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 71FF 43 B
347 B 123ms
39ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=KTz0s5plwofp5urjhfuMWqIYSAF-YcTiLdtBazuY3GsEW2zHhxEjLfO6t8J38hUVsz3xUoe41nf0Y2DF56fEom7r7KpIgBsvzwVjNGni6y8yxgUWotGEwYnHD7-OQuRG7R9FXxtnu0yptW1BjO_i-q3mMRMFlA5o-klys_MJvHXdKn8OjUu3EIFn5xg8vqLQUtWZejnu7VjgwB8eFMHljXyKXxp310_dYOIR4y9zF_vzu5AGJTMyibGV7Y5VDL7klcAqR0zis111HKFt9MaQxQAvhFv256udgLv4LFdvkT3PkCosSyYZIG6r_t1qmvP_d58MzN2Ba6N99CMUtgqhCW5IGNH0sK3VfyQBsit4_1ZVBU8Sc2bU-iHyoxa4i0cZN8elz7w6I8AW0D-2o_TVklErf1P1of2zlU3Rnpn3NYgUi5RJWCoOsuLKLI2PF9FK1zNOtg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:17 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3074417
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 4fb042edc9524850ac1ad8e224e84e47_img0116_-_300x250.jpg
static.criteo.net/design/dt/89710/211223/ Frame 71FF 8 KB
8 KB 111ms
39ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/89710/211223/4fb042edc9524850ac1ad8e224e84e47_img0116_-_300x250.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

1df8ca2d6d3354d12fe22871a3fd19fc2154884cb98c517f2e963f864c947f8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:18 GMT
last-modified: Thu, 23 Dec 2021 17:06:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "61c4ac9d-1ea2"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7842
expires: Fri, 23 Dec 2022 12:25:18 GMT

GET
DATA 200
OK truncated
/ Frame 2E6A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54ee29cd854e6d8f90ced50f67ebbe44ab1affca0f64d936d695121465bc5c03

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 all
csm.eu.criteo.net/ Frame 71FF 0
127 B 119ms
36ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=yMZyDJ6rnn-4sijTmQvvA7JfaqCmnfTpx1KO5VPPrVNFfG57vAlgXcPMQcdQKOZVmquRS80M4BPZNx75EgQhit8U63T6fDn7leM_hr7IO8aq3_3LFVfubM_9ICeGjVrOPtPdPWq0OlpG0Oj14-4Qv-SXSyx9gY9YcaQ9SnGHqJI7Lsf2BH9gYJdBnbV9VO-S-ALawPOASPqI0_TdUkOMFGeX3zCo8dSSbrlbpe14o5tay9_v2ReZlbfuPXlZ_-4_D8Ya-eAZcncosBQJ&sds=2&rev=79924&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 28 Dec 2021 12:25:18 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 71FF 2 KB
1 KB 101ms
40ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:18 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Dec 2022 12:25:18 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 71FF 2 KB
1 KB 35ms
34ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:18 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Dec 2022 12:25:18 GMT

GET
H/1.1 200
OK j.ad Show response
a.tribalfusion.com/ Frame 396A 4 KB
3 KB 279ms
279ms Script
application/x-javascript 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=10399943210&tagKey=1531452146&loaderVer=0.1&site=americanidolnetcom&adSpace=realityrewind&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=728x90,468x60&busted=1&url=http%3A%2F%2Fcdn.realityrewind.com%2F&f=0&p=14243463&tKey=aQmneMQPrA2WBr1HZbImdemSS38U9KkEJ&a=1&adContainerId=richmedia_2&rnd=14238640
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/real/tags/AmericanIdolNetcom/realityrewind/tags.js
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53aeae66c57c35edfba9b4efe5679b6b6f5f12823f905e4524188f9c7c44b077

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:19 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 2243
Pragma: no-cache
X-Function: 101
Server: cloudflare
X-Reuse-Index: 6
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private, no-cache, no-store, proxy-revalidate
CF-RAY: 6c4ac544faa40f72-MXP
Expires: 0

GET
H2

200

pixel;r=2020378901;rf=0;a=p-0ays5_1VgWWKE;url=http%3A%2F%2Fcdn.realityrewind.com%2F;uht=2;fpan=1;fpa=P0-868215819-1640694318853;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=rea...
pixel.quantserve.com/
Redirect Chain

http://pixel.quantserve.com/pixel;r=2020378901;rf=0;a=p-0ays5_1VgWWKE;url=http%3A%2F%2Fcdn.realityrewind.com%2F;uht=2;fpan=1;fpa=P0-868215819-1640694318853;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110...
https://pixel.quantserve.com/pixel;r=2020378901;rf=0;a=p-0ays5_1VgWWKE;url=http%3A%2F%2Fcdn.realityrewind.com%2F;uht=2;fpan=1;fpa=P0-868215819-1640694318853;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-2021111...

35 B
372 B

133ms
43ms

Image
image/gif

2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2020378901;rf=0;a=p-0ays5_1VgWWKE;url=http%3A%2F%2Fcdn.realityrewind.com%2F;uht=2;fpan=1;fpa=P0-868215819-1640694318853;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=realityrewind.com;je=0;sr=1600x1200x24;dst=0;et=1640694318853;tzo=0;ogl=site_name.Reality%20Rewind%2Ctype.website%2Clocale.en_US%2Ctitle.Reality%20Rewind%2Cdescription.Catching%20You%20Up%20On%20All%20Things%20Reality%20TV%2Curl.http%3A%2F%2Frealityrewind%252Ecom

Requested by

Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/

Protocol

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:19 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Location: https://pixel.quantserve.com/pixel;r=2020378901;rf=0;a=p-0ays5_1VgWWKE;url=http%3A%2F%2Fcdn.realityrewind.com%2F;uht=2;fpan=1;fpa=P0-868215819-1640694318853;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=realityrewind.com;je=0;sr=1600x1200x24;dst=0;et=1640694318853;tzo=0;ogl=site_name.Reality%20Rewind%2Ctype.website%2Clocale.en_US%2Ctitle.Reality%20Rewind%2Cdescription.Catching%20You%20Up%20On%20All%20Things%20Reality%20TV%2Curl.http%3A%2F%2Frealityrewind%252Ecom
Date: Tue, 28 Dec 2021 12:25:18 GMT
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 0
Expires: Wed, 29 Dec 2021 12:25:18 GMT

GET
H/1.1 200
OK j.ad Show response
a.tribalfusion.com/ Frame EE76 10 KB
5 KB 241ms
240ms Script
application/x-javascript 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=10399943210&tagKey=1531452146&loaderVer=0.1&site=americanidolnetcom&adSpace=realityrewind&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=300x250&busted=1&url=http%3A%2F%2Fcdn.realityrewind.com%2F&f=0&p=14243463&tKey=apmneMnarCYrY9TWnPnA3DMrMBU9KNep&a=3&adContainerId=richmedia_4&rnd=14243567
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/real/tags/AmericanIdolNetcom/realityrewind/tags.js
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a56e4cdbee9e362513c2334e155f33ce9f9a70bb2d81ea7a37969acb69425878

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:19 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 4531
Pragma: no-cache
X-Function: 101
Server: cloudflare
X-Reuse-Index: 12
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private, no-cache, no-store, proxy-revalidate
CF-RAY: 6c4ac545091e59a7-MXP
Expires: 0

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame D0D5
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YcsCLnyBLyEk4F_L3QkHaAAAAOIAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YcsCLnyBLyEk4F_L3QkHaAAAAOIAAAAB&dcc=t

43 B
645 B

116ms
116ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YcsCLnyBLyEk4F_L3QkHaAAAAOIAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 12:25:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ADT51CBT9DVC657A01VB
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 12:25:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 64YKHVW4PRQD7MQZ8YJA
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YcsCLnyBLyEk4F_L3QkHaAAAAOIAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame D0D5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YcsCLnyBLyEk4F_L3QkHaAAAAOIAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMzVkC57dBqSq4fMXycL9Wc&google_cver=1

43 B
315 B

53ms
52ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMzVkC57dBqSq4fMXycL9Wc&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 12:25:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 28 Dec 2021 12:25:19 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMzVkC57dBqSq4fMXycL9Wc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame D0D5 70 B
264 B 45ms
43ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:19 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D0D5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YcsCLnyBLyEk4F-L3QkHaAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHTaLgSMvmhdh3sRH3GsHLo&google_cver=1&gdpr=1

43 B
999 B

65ms
65ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHTaLgSMvmhdh3sRH3GsHLo&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 12:25:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 28 Dec 2021 12:25:19 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHTaLgSMvmhdh3sRH3GsHLo&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ix
ad4m.at/ad/sim/ Frame D0D5 0
0 214ms
72ms Image
text/html 2606:4700:3039::6815:c0a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c0a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D0D5
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-505c2690-4dcb-474b-b458-2d57ceb9eec5

43 B
1 KB

57ms
57ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-505c2690-4dcb-474b-b458-2d57ceb9eec5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 12:25:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 28 Dec 2021 12:25:19 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-505c2690-4dcb-474b-b458-2d57ceb9eec5
date: Tue, 28 Dec 2021 12:25:19 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame D0D5 0
0 59ms
57ms Image
text/html 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 113
match.deepintent.com/usersync/ Frame D0D5 0
44 B 331ms
106ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:19 GMT
content-length: 0
server: b

GET
H2 200 ix-usync
router.infolinks.com/dyn/ Frame D0D5 35 B
196 B 252ms
251ms Image
image/gif 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/ix-usync?uid=YcsCLnyBLyEk4F-L3QkHaAAA%26226
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6c4ac5463f0735f5-MAN
content-length: 35
expires: Mon, 28 Dec 2020 12:25:19 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame EE76 2 KB
1 KB 216ms
64ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26699365&plc=318192413&sid=5745037&dvregion=0&unit=300x250
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/real/tags/AmericanIdolNetcom/realityrewind/tags.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 09:35:31 GMT
Server: Microsoft-IIS/10.0
ETag: "8f6388f116ecd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1163

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 396A 144 KB
51 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/real/tags/AmericanIdolNetcom/realityrewind/tags.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c14624c59c56921783926b15fc505384514c173d7a764d41af48f1d38bd387dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 28 Dec 2021 12:25:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 1033892298842430532
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 51732
X-XSS-Protection: 0
Expires: Tue, 28 Dec 2021 12:25:19 GMT

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame 6BD9 242 B
1 KB 226ms
226ms Document
text/html 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=aymT09oAnKpGvnoHnK5qve5tZas56JEmr3EXVrP1sQ3XGfNmTjW3FFPWrJZbWmj5REnSSsUtQtUyYdnoVmrp2cMVXrvZcUP2u5AZbgQPMF4WvnXWYAndIy3mYT4Gj7VcUjWcFlPAFyWtvRUUM15bItVTnwWE3lPEQZdScBZcQUqtPHviWGbU2FyxnHqmXEPN2djCSG7Za5ABZbodTsUH39Yb3i1UY9XaqMRTjGYc3emqesxG&mediaDataID=4056396&mediaName=frame.html
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/real/tags/AmericanIdolNetcom/realityrewind/tags.js
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e310622430f2246740c3b275812a427fda5eab6fe1a0a2d880038269ce1c2870

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

Date: Tue, 28 Dec 2021 12:25:19 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 9
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Vary: Accept-Encoding
Expires: 0
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 6c4ac546be560f72-MXP
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame B852 381 B
1 KB 234ms
234ms Document
text/html 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=aNmT092PU9R6bB4HYpXHZbJpdeO3mYT4sUgTsUdUsffPPUMTdQTUbM22UaxWE7pTT3jSEYZdSVQLRbmpRWniWGY24bTsnHEMYTen3WbASGBC2mQHpWEsUHbfYUfb1UF90aZamPrJDWFM2VWJ2orFqQrfMXTQy4EFk4Tn4nqnG1rZbfUWMRoArBmc7tpWUE2TFi5taN4mnZanrfZcYVbRXcnTXGvnpTv43a7W0sjrp1FFxv&mediaDataID=6546596&mediaName=frame.html
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/real/tags/AmericanIdolNetcom/realityrewind/tags.js
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d375b4d5473b45d8097a0e65054a34026693e24b05c0d5de5ae9c7ed90f18ac

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

Date: Tue, 28 Dec 2021 12:25:19 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 16
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Vary: Accept-Encoding
Expires: 0
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 6c4ac546cdb659a7-MXP
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame C5C8 259 B
1 KB 291ms
269ms Document
text/html 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=aPmT090qmu4dMFQcBZc5PBZcmdItUdbd0UQkYFFfXq6sPbYCTUU0VdJ1nFfuPbvr1EQN3EZbk4a71oErCYbFfUWB1m63ZamcQupHfL2qZbk5tEm3A7GnUrZbXcnSXVF3XGbnnTBS5FFRTUZbBW675REn4PGQNPdBr0dfoVPrO3VZb10UUDT6im2PQeQAMD3WUt1WQZbpdIo4PJS5s76UsFbVcJ6PPFoWdF3UEY1QVADonKey2&mediaDataID=2713736&mediaName=frame.html
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/real/tags/AmericanIdolNetcom/realityrewind/tags.js
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e470a076ccaf0d7e487f090c93f965cc8583a7ae6d5ac240d95ef6ca887dba39

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

Date: Tue, 28 Dec 2021 12:25:19 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 3
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Vary: Accept-Encoding
Expires: 0
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 6c4ac54728d483bb-MXP
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame FD95 721 B
1 KB 440ms
418ms Document
text/html 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=aRmT09mHnC5EUh3Hyy5AnZdpr3LXsrV1VMV0VbxpEjU5UUSWFbHWP7XQq3RQVBsStBtYd7oV6bw4cJ5XF3DT6Pv4mvbQAZbI4dZbM1dBZdpdey36YY5sYdTGBbVVMfPPYoUdMPWbM45r6tWTjoTT36Pq3GRGFCQbepRtn6VsfQ2Fuxmtqr0qqp3HbBQcfA4mQKmdZayUdY7XbbaXFUh1aAOPbJZbWUBSVGj2yGZbAoE9eVT&mediaDataID=5207316&mediaName=frame.html
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/real/tags/AmericanIdolNetcom/realityrewind/tags.js
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f88db0de989bc118ff39b3332aeb0a9ba9a29429288de8f809f8fed3fa74806

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

Date: Tue, 28 Dec 2021 12:25:19 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 1
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Vary: Accept-Encoding
Expires: 0
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 6c4ac547282c59d7-MXP
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H/1.1 200
OK doq.htm Show response
rt3042.infolinks.com/action/ 787 B
1 KB 244ms
212ms XHR
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://rt3042.infolinks.com/action/doq.htm?pcode=utf-8&r=16406943191581
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1775.005-3.025.ab.1774.006-3.025/ice.js
Protocol: HTTP/1.1
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a8ff8dee42b29e389d8400680018c0bce46e9df677488d07020074417aaa799

Request headers

Referer: http://cdn.realityrewind.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 28 Dec 2021 12:25:19 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Transfer-Encoding: chunked
P3P: CP="NON DSP NID OUR COR"
Content-Type: text/html;charset=UTF-8
Connection: keep-alive
X-Application-Context: application:prod
Pragma: no-cache
Server: cloudflare
Vary: Origin
Content-Language: en-GB
Access-Control-Allow-Origin: http://cdn.realityrewind.com
Cache-Control: no-cache,no-store
Access-Control-Allow-Credentials: true
CF-RAY: 6c4ac5470c5ebfe3-MAN
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ Frame 396A 276 KB
99 KB 114ms
66ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4715266245720387&plah=cdn.realityrewind.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1037f1e0d1ae470df705a7179a41aa2c969aec5ff56771a7438edc74fc46a9f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101736
x-xss-protection: 0
server: cafe
etag: 6975236974516728872
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 28 Dec 2021 12:25:19 GMT

GET
H/1.1 200
OK dvbs_src_internal101.js Show response
cdn.doubleverify.com/ Frame EE76 55 KB
18 KB 71ms
71ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26699365&plc=318192413&sid=5745037&dvregion=0&unit=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 09:35:46 GMT
Server: Microsoft-IIS/10.0
ETag: "08517fa16ecd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18088

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 6BD9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662315992420724
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESENjkjJ92-GiAg7PCeYG20cA&google_cver=1&google_ula=2786954,0
https://s.tribalfusion.com/z/i.match?p=b6&u=adx&google_gid=CAESENjkjJ92-GiAg7PCeYG20cA&google_cver=1&google_ula=2786954,0

43 B
416 B

246ms
237ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=adx&google_gid=CAESENjkjJ92-GiAg7PCeYG20cA&google_cver=1&google_ula=2786954,0
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aymT09oAnKpGvnoHnK5qve5tZas56JEmr3EXVrP1sQ3XGfNmTjW3FFPWrJZbWmj5REnSSsUtQtUyYdnoVmrp2cMVXrvZcUP2u5AZbgQPMF4WvnXWYAndIy3mYT4Gj7VcUjWcFlPAFyWtvRUUM15bItVTnwWE3lPEQZdScBZcQUqtPHviWGbU2FyxnHqmXEPN2djCSG7Za5ABZbodTsUH39Yb3i1UY9XaqMRTjGYc3emqesxG&mediaDataID=4056396&mediaName=frame.html
Protocol: H2
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:20 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6c4ac54ae9ea375e-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:19 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 11005
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6c4ac5496f55375e-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=adx&google_gid=CAESENjkjJ92-GiAg7PCeYG20cA&google_cver=1&google_ula=2786954,0
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
log.pinterest.com/ 0
333 B 178ms
109ms Image
text/plain 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=nS6j9HfehpEX&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=http%3A%2F%2Frealityrewind.com%2F&viaSrc=canonical
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:19 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 0
x-cache-hits: 0
content-length: 0
x-served-by: cache-lcy19281-LCY
pragma: no-cache
server: envoy
x-timer: S1640694319.462822,VS0,VE80
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-pinterest-rid: 4358359863540735
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame B852 43 B
120 B 39ms
33ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aNmT092PU9R6bB4HYpXHZbJpdeO3mYT4sUgTsUdUsffPPUMTdQTUbM22UaxWE7pTT3jSEYZdSVQLRbmpRWniWGY24bTsnHEMYTen3WbASGBC2mQHpWEsUHbfYUfb1UF90aZamPrJDWFM2VWJ2orFqQrfMXTQy4EFk4Tn4nqnG1rZbfUWMRoArBmc7tpWUE2TFi5taN4mnZanrfZcYVbRXcnTXGvnpTv43a7W0sjrp1FFxv&mediaDataID=6546596&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:19 GMT
content-encoding: gzip
server: OXGW/17.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame EE76 1 KB
1017 B 206ms
47ms Script
text/javascript 213.254.244.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_49421711432&jsTagObjCallback=__tagObject_callback_49421711432&num=6&ctx=3758893&cmp=26699365&plc=318192413&sid=5745037&advid=&adsrv=&unit=300x250&isdvvid=&uid=49421711432&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=96&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=1&htmlmsging=1&m1=13&noc=4&fcifrms=11&brh=2&fwc=3&fcl=405&flt=125&fec=478&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=149&eparams=DC4FC%3Dl9EEATbpTauTau45%3F%5DC62%3D%3AEJC6H%3A%3F5%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEATbpTauTau45%3F%5DC62%3D%3AEJC6H%3A%3F5%5D4%40%3ETar9EEATbpTauTau45%3F%5DC62%3D%3AEJC6H%3A%3F5%5D4%40%3E&dvp_exetime=6.60&callbackName=__verify_callback_49421711432
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: bffaf436572a06ebee561a83444d59f4707013ba68978cfeb5e70fce33365e59

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Date: Tue, 28 Dec 2021 12:25:19 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 12/27/2021 12:25:19 PM

GET
H2 200 bubble.js Show response
resources.infolinks.com/js/1775.005-3.025.ab.1774.006-3.025/ 156 KB
47 KB 39ms
38ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1775.005-3.025.ab.1774.006-3.025/bubble.js
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1775.005-3.025.ab.1774.006-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2093eeb7c8703b51436f09e47b6c107f5dd5068fee50a9ece8dc2f757793ddeb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray: 6c4ac5486bb035f5-MAN
date: Tue, 28 Dec 2021 12:25:19 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 22 Dec 2021 13:55:23 GMT
server: cloudflare
age: 8274
etag: W/"27044-5d3bc792390fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Thu, 27 Jan 2022 10:07:25 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 396A 12 B
53 B 103ms
51ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=cdn.realityrewind.com&callback=_gfp_s_&client=ca-pub-4715266245720387&cookie=ID%3D23790c1a2053fc64-2290b90711cd00e6%3AT%3D1640694318%3ART%3D1640694318%3AS%3DALNI_MbRnG3-Bgw65-U6Dw40PD_sf-pFYA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ Frame 396A 107 B
122 B 99ms
50ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=cdn.realityrewind.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 12:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 396A 107 B
122 B 102ms
50ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.realityrewind.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 12:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A6FC 436 B
232 B 191ms
191ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4715266245720387&output=html&h=90&slotname=4438370377&adk=2132491200&adf=3965729263&pi=t.ma~as.4438370377&w=728&lmt=1640694319&psa=1&format=728x90&url=http%3A%2F%2Fcdn.realityrewind.com%2F&ea=0&flash=0&wgl=1&dt=1640694319219&bpp=2&bdt=1010&idt=203&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&cookie=ID%3D23790c1a2053fc64-2290b90711cd00e6%3AT%3D1640694318%3ART%3D1640694318%3AS%3DALNI_MbRnG3-Bgw65-U6Dw40PD_sf-pFYA&correlator=1756506614525&frm=23&ife=1&pv=1&ga_vid=955479509.1640694318&ga_sid=1640694318&ga_hid=879468772&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=95&biw=1600&bih=1200&isw=728&ish=90&ifk=949669466&scr_x=0&scr_y=0&eid=31062422&oid=2&pvsid=3561234589336304&pem=880&tmod=442&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=4&bc=23&ifi=1&uci=1.n4a3jejak2ga&fsb=1&dtd=208

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79699402f1bb3666863c28cc1dc9fe4808672b37c16fce08e31d7abfa0e95a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 28 Dec 2021 12:25:19 GMT
server: cafe
content-length: 212
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame C5C8
Redirect Chain

https://tags.bluekai.com/site/4229?id=18072662315992420724&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID
https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID
https://s.tribalfusion.com/z/i.match?p=b3&u=$_BK_UUID

43 B
369 B

227ms
227ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b3&u=$_BK_UUID
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aPmT090qmu4dMFQcBZc5PBZcmdItUdbd0UQkYFFfXq6sPbYCTUU0VdJ1nFfuPbvr1EQN3EZbk4a71oErCYbFfUWB1m63ZamcQupHfL2qZbk5tEm3A7GnUrZbXcnSXVF3XGbnnTBS5FFRTUZbBW675REn4PGQNPdBr0dfoVPrO3VZb10UUDT6im2PQeQAMD3WUt1WQZbpdIo4PJS5s76UsFbVcJ6PPFoWdF3UEY1QVADonKey2&mediaDataID=2713736&mediaName=frame.html
Protocol: H2
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:20 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6c4ac54c0c3b375e-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:19 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 10639
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6c4ac54a9950375e-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b3&u=$_BK_UUID
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 in_text.js Show response
resources.infolinks.com/js/1775.005-3.025.ab.1774.006-3.025/ 10 KB
4 KB 34ms
34ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1775.005-3.025.ab.1774.006-3.025/in_text.js
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1775.005-3.025.ab.1774.006-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10000e50858213f4e33be0c6e50ffac69e77fe180e9aa08d4aa241273506bb91

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray: 6c4ac548ecc435f5-MAN
date: Tue, 28 Dec 2021 12:25:19 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 22 Dec 2021 13:55:23 GMT
server: cloudflare
age: 10888
etag: W/"29f5-5d3bc79238d14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Thu, 27 Jan 2022 09:23:51 GMT

GET
H/1.1 200
OK loader.gif
resources.infolinks.com/static/skins/ 962 B
1 KB 135ms
134ms Image
image/gif 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://resources.infolinks.com/static/skins/loader.gif
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b8ee13d35110d7006bc5c5147ee0a0c6c3e1f26b2f246b8d5e57edf4f6b97b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:19 GMT
Via: 1.1 google
CF-Cache-Status: REVALIDATED
Cf-Polished: origSize=1631, status=webp_bigger
Connection: keep-alive
Content-Length: 962
Last-Modified: Mon, 14 Nov 2016 12:31:03 GMT
Server: cloudflare
ETag: "65f-54142035d0066"
Vary: Accept-Encoding
Content-Type: image/gif
Expires: Thu, 27 Jan 2022 12:25:19 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 6c4ac5494e8435bf-MAN
Cf-Bgj: imgq:85,h2pri

GET
H/1.1 200
OK loader-bg.png
resources.infolinks.com/static/skins/ 902 B
1 KB 63ms
41ms Image
image/webp 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://resources.infolinks.com/static/skins/loader-bg.png
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ddb995fe37710a4be439e4e3f45016cd7b7ecfa3423a29e4f4f4dcce63efff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:19 GMT
Via: 1.1 google
CF-Cache-Status: HIT
Age: 13222
Cf-Polished: origFmt=png, origSize=1488
Content-Disposition: inline; filename="loader-bg.webp"
Connection: keep-alive
Content-Length: 902
Last-Modified: Mon, 14 Nov 2016 12:31:03 GMT
Server: cloudflare
ETag: "5d0-541420359b4a6"
Vary: Accept
Content-Type: image/webp
Expires: Thu, 27 Jan 2022 08:44:57 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 6c4ac5496f3954db-MAN
Cf-Bgj: imgq:85,h2pri

GET
H/1.1 200
OK hmac-sha1.js Show response
cdnx.tribalfusion.com/media/5207316/ Frame FD95 5 KB
3 KB 142ms
110ms Script
application/x-javascript 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdnx.tribalfusion.com/media/5207316/hmac-sha1.js
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aRmT09mHnC5EUh3Hyy5AnZdpr3LXsrV1VMV0VbxpEjU5UUSWFbHWP7XQq3RQVBsStBtYd7oV6bw4cJ5XF3DT6Pv4mvbQAZbI4dZbM1dBZdpdey36YY5sYdTGBbVVMfPPYoUdMPWbM45r6tWTjoTT36Pq3GRGFCQbepRtn6VsfQ2Fuxmtqr0qqp3HbBQcfA4mQKmdZayUdY7XbbaXFUh1aAOPbJZbWUBSVGj2yGZbAoE9eVT&mediaDataID=5207316&mediaName=frame.html
Protocol: HTTP/1.1
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 373015d4e34dbf73ecb406228a102a191bf689ab1531ad0afa629e97b6a4a7bd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:19 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 22375
Transfer-Encoding: chunked
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
X-Function: 301
Last-Modified: Thu, 08 Feb 2018 21:10:28 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public
CF-RAY: 6c4ac54a0e1559a7-MXP
Expires: Tue, 31 Dec 2030 00:00:00 GMT

POST
H/1.1 200
OK bsevent.gif
tps20516.doubleverify.com/ Frame EE76 807 B
1 KB 139ms
40ms Ping
image/gif 213.254.244.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20516.doubleverify.com/bsevent.gif?impid=ed179ddc26c3407c99dd0764c257b20b&vfdur=207&cbust=1640694319614214
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: http://cdn.realityrewind.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 12:25:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: http://cdn.realityrewind.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 12/27/2021 12:25:19 PM

GET
H2 200 tags.js Show response
tags.expo9.exponential.com/tags/ContentVerification/AdVerificationBackup_DV/ Frame EE76 59 KB
14 KB 369ms
242ms Script
application/x-javascript 2606:4700::6812:417
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/ContentVerification/AdVerificationBackup_DV/tags.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:417 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13b2aae7c207d341034e8c4d676d39f25e7d2cf086c61d4644d38a9483cd6a93

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:19 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14122
x-function: 151
last-modified: Wed, 11 Aug 2021 04:08:51 GMT
server: cloudflare
x-reuse-index: 103
etag: 11188522327057894552
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 6c4ac54a8859e8f3-MXP
expires: Tue, 28 Dec 2021 13:25:19 GMT

GET
H2 204 v1
ads.yahoo.com/cms/ Frame FD95 0
615 B 144ms
44ms Image
text/plain 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10001105643&eid=18072662315992420724&sigv=1&esig=2~e988bab9b3288d0687fb414c25cc81bbe60d1668

Requested by

Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aRmT09mHnC5EUh3Hyy5AnZdpr3LXsrV1VMV0VbxpEjU5UUSWFbHWP7XQq3RQVBsStBtYd7oV6bw4cJ5XF3DT6Pv4mvbQAZbI4dZbM1dBZdpdey36YY5sYdTGBbVVMfPPYoUdMPWbM45r6tWTjoTT36Pq3GRGFCQbepRtn6VsfQ2Fuxmtqr0qqp3HbBQcfA4mQKmdZayUdY7XbbaXFUh1aAOPbJZbWUBSVGj2yGZbAoE9eVT&mediaDataID=5207316&mediaName=frame.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:19 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

POST
H2 200 all
csm.eu.criteo.net/ Frame 71FF 0
127 B 36ms
36ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 28 Dec 2021 12:25:19 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2E6A 42 B
64 B 122ms
73ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzNYgAmUxVQbIHyXSsarJixAOiERdyF0tdsESM3nS_83VCkMvjPJM9vl-hM0xVMI0fq6gHbIgrDF23pm6fJVlbFQ&sig=Cg0ArKJSzM_lQ8BXgQN3EAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=410649583&rs=2&la=0&cr=0&vs=4&r=v&rst=1640694318415&rpt=501&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK j.ad Show response
a.tribalfusion.com/ Frame EE76 1 KB
2 KB 237ms
237ms Script
application/x-javascript 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=10399943210&tagKey=1531452146&loaderVer=0.1&site=contentverification&adSpace=adverificationbackup_dv&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=300x250&busted=1&url=http%3A%2F%2Fcdn.realityrewind.com%2F&f=0&p=14243463&tKey=apmneMnarCYrY9TWnPnA3DMrMBU9KNep&a=5&adContainerId=richmedia_6&rnd=14247554
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/real/tags/AmericanIdolNetcom/realityrewind/tags.js
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 856f522d53c024507fb9b919ecc937b0a96be70138d598969930309fac945909

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:20 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 763
Pragma: no-cache
X-Function: 101
Server: cloudflare
X-Reuse-Index: 20
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private, no-cache, no-store, proxy-revalidate
CF-RAY: 6c4ac54c1d2059d7-MXP
Expires: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 396A 11 KB
8 KB 53ms
53ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81452b3457d98dc001518335ffb61b0a0967a48c4620501ccc9391e0a259d920

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 12:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8482
x-xss-protection: 0

GET
H/1.1 200
OK adc_ndr_nepal_300x250.gif
cdnx.tribalfusion.com/media/5268446/ Frame EE76 38 KB
39 KB 87ms
86ms Image
image/gif 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdnx.tribalfusion.com/media/5268446/adc_ndr_nepal_300x250.gif
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9161f345320ccafa2602a032f8e9d080e70b6a06ccd90635102d21d43d8fbce3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 12:25:20 GMT
CF-Cache-Status: HIT
Age: 55651
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 39001
X-Function: 301
Last-Modified: Wed, 03 Jun 2015 15:24:51 GMT
Server: cloudflare
ETag: 1433345091
Vary: Accept-Encoding
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public
Accept-Ranges: bytes
CF-RAY: 6c4ac54d983359a7-MXP
Expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame 6552 279 B
1 KB 231ms
231ms Document
text/html 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=aBmT09TtQ2orJpQrjn1TQr3T3j5TQ0nTFIYbJ9WWfSoAvZcmGrpoWfF2qr83Hyr3AjEpbMZcXGfS1sZb20VfnnEF33rnQWbBZbVP7VQqb4ScvpStZbr0HFxVAnm3GB40UQDTmTt2AZbcRmBF2tZbqXWUZdmHAn4mUY4cM6TVY7VGniPP3oUtFWWr7P2F2wWaQwTa38STUFRcYIPrqpSWjaVVQ32F6xodqOXFZauPTvqnBZd1EV&mediaDataID=9148826&mediaName=frame.html
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4a956c3241cd6e1a9e7663d981b9e7948f179f8310595c1cc6edcb0927b1f48

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

Date: Tue, 28 Dec 2021 12:25:20 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 1
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Vary: Accept-Encoding
Expires: 0
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 6c4ac54d98d859d7-MXP
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame 636A 324 B
1 KB 230ms
229ms Document
text/html 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=aDmT09UAv5REMYQcrmPdYyYtBrVmrw3cvUXFQJV6un2P3dQ6fD2HZbp1dvDnWPv36U13cr6TcJaUsreRAUoUtv4UUJ32FixVTjxWaJ6STrLQVJCPrImSdvcVcbT2FyxmdZao0aeM4tYAQcrH2m3IpHEOUHFhYrvaYbJl1EupPbQZbUFBYTtUWnUQrQbbpXqQn3TBa5TfXmTnCXbY7THJ0oAfBpG7wosZbCQtQ0oETyxW&mediaDataID=5436426&mediaName=frame.html
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94345992f052b881b760e35f6e2f17921fd778ec19c9f35841ae6fddc7f5f603

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

Date: Tue, 28 Dec 2021 12:25:20 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Vary: Accept-Encoding
Expires: 0
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 6c4ac54d99a383bb-MXP
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame 5AB0 447 B
1 KB 239ms
239ms Document
text/html 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=aFmT09UqroTTQbQErZaRsjLRrZawSdr9Vc354Uynot6q0quy3dnGQVrA5AnEoWTsVWFf0rnaYUYgXqytRrYZbUFMPVWM0nU7uQUryXqFp3T7g2avRna7GXbj6TtMSoArBnGYtmWfH5Tnk3Wmr3AjJmUvHYVM0XsU20sfMmqrP5U32VUnEUAMTQab2PcUOPtfuYtjuWPjv2sZb5YFBLUmXu2PZbeR6MK2cfqVa3xnZaZcx2f&mediaDataID=6719746&mediaName=frame.html
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a8fab31d033c5ff04a6be598e2ae9e047d98c7f7d96f4619bd8dedc946c18f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

Date: Tue, 28 Dec 2021 12:25:20 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 6
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Vary: Accept-Encoding
Expires: 0
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 6c4ac54da84a59a7-MXP
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame 3A08 309 B
1 KB 239ms
239ms Document
text/html 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=aHmT09RUjr1E3r3EFe4qU1oTnCXUf9TtFXmPrLpVrnmHvG2EYe3dmo4mBFnFfZc0GMX1s320GvupEnT3FU2VUZbZbW6UYQaURSVZbOPHUwYtZbsT6Mp3GQ4YbnKUAin2PQeP6FH4HZbnXHMZdnH2v36UV4VnfUs3jVsjeR6UNTHJSWrbP3r2oUqnvWqJiQaQHRGbZdRrivStfcWVfU5UipndAM0qep4dbZdQtQHRDUynBcYAf&mediaDataID=8039566&mediaName=frame.html
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89bf6518487d30a4103b9f7c1ac053d91b0334d5a37a17382544bc3868182518

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

Date: Tue, 28 Dec 2021 12:25:20 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 6
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Vary: Accept-Encoding
Expires: 0
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 6c4ac54d9b060f72-MXP
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame 38A1 213 B
1 KB 453ms
432ms Document
text/html 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=aJmT09ScUsStZbN0WnpV6nw4sr00FrLUATw4AQ8RmfB4W3m1WUJnt2N4Pv05G77Vc3lUsbeRPFxWtZbWUbjP3r6xWTYqWqviSEBHRcQZbRrZatPHviWVjS4bXonWqq0qqp2d3CSVrC26rIoHXtVWFaYFrjXFZb91qatRUYBTrZb3TtQWmbQnRUfNXaFn5Tfe4qn5oTfIXF39UHnRnPbJmGUumHfJ5EZb73GTrSpbMm9Wjyn&mediaDataID=6347136&mediaName=frame.html
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5646160608a78feb1d68f692fa7fe2df4ad03036fb80acd4e8189b1cf607df89

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

Date: Tue, 28 Dec 2021 12:25:20 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 1
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Vary: Accept-Encoding
Expires: 0
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 6c4ac54e0cbd3762-MXP
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame 344F 201 B
1 KB 302ms
279ms Document
text/html 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=aLmT09STYZcQVJLRbeqPWjbUVUS2UTrmtZaOXaqv4tnESGbD5m3ZcotXmUdfeXUbb1UZb7XqitRbJEWFJYVdYWmbjuPrBpXarN5aUc5T73oTJG1rZbfTtfPomYZbms7nmHrJ3Eri5dmm3PFJnUbZd0GMUXGYU1VjnmEfT3bUPWbMAUAvTPTb1ScQMPWUv0WZbsWPjN4sUUYbFJTm6m5AB6Q6JI4WZbOXWBAnVuvSS38pYy5cZd&mediaDataID=7665496&mediaName=frame.html
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51d6840c0df4cc49b3b27baa5483a65ba3f80cf6508659aa8c5a379572728e4c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

Date: Tue, 28 Dec 2021 12:25:20 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 5
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Vary: Accept-Encoding
Expires: 0
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 6c4ac54e0bae83b5-MXP
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame 5031 264 B
1 KB 607ms
380ms Document
text/html 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=anmUCkRr6oPHv9WcfT5UPoodZapYEau3t3ZdQVfG263ZamdIpUWF8Xrf8Xb760TusPb3ZdWFYYVtJ4obYnPFbNYTvO5q7f5EQPmEMKXFUcWHJVoAnBnGQsptMB2qZbe5HAM4AnFprUZaXGQVXcF41VZbppTB22bvUTFjZcW63YPqf5QGZbpQtZbN1tJrTP3p2cB50UUDTAit2PrcQ6nC3dvO0tBZdptEw3PYW3GMcUGBjUcM8PPFvRHYcbZdg6fj&mediaDataID=5578346&mediaName=frame.html
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6697a677d489d6b5aedf532be2c9a947760683d08369a78e89cc7afdae7edb0e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

Date: Tue, 28 Dec 2021 12:25:20 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 1
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Vary: Accept-Encoding
Expires: 0
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 6c4ac54f0d3083bb-MXP
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame 7E64 302 B
1 KB 621ms
395ms Document
text/html 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=apmT09oTbD1rZb9UdJSnAQIpGUupt7C3Tr73diq3PjZbprrLYGMSYsF01sBonarU5UQ4TUfEWA73RTj1Qs3MQdfs1WZbrWAUn2VBWYbZbZaVmXq2PUeQP7G2Wvm1dBLpdAo56vT3cjaVsr8WGMfPPQMTHY4TbfP2rZaoWEMrWqF7STYFSGQIRravSd77UcvS5rTsod6OYE6v2dfFPVvE5mMFmdXyVWQhXTZbbUcFXnkZd00W&mediaDataID=6807466&mediaName=frame.html
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6405e79c753e6a76c5c0a6f62640fc2f0dd1f06f1403cfd6ee98fcb322b30f3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

Date: Tue, 28 Dec 2021 12:25:20 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 1
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Vary: Accept-Encoding
Expires: 0
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 6c4ac54f0c9059d7-MXP
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK p.media Show response
a.tribalfusion.com/ Frame 1A3C 275 B
1 KB 469ms
234ms Document
text/html 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/p.media?clickID=armT094sY40UUIV6qp4P37R6JH3Wvr1WvAntAu3mUR3sMbUc3aWsMkS6MnUWJWWrfR5rEoWqjmTEBbQEQFSGjBPUZaqSdQkWVb35r6qodAn0qmp3WvFQcJA5AJZamdEyTWfc0rf61Fbi0EqsPb3CTr3PWd3WnbBnPbboXaJo3TZba4q7XoT7IXUUaTWjSoPvZapGrwpt7D3EBh2dys4AZbEprbE0Gf0YW73VrbKm8OIL9&mediaDataID=6530936&mediaName=frame.html
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94194dc263a841aa0266e1042e7f389318a52c43e8e638528cb9e24ea3c61e96

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

Date: Tue, 28 Dec 2021 12:25:20 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DEVo TAIa OUR BUS"
X-Function: 102
X-Reuse-Index: 3
Pragma: no-cache
Cache-Control: private, no-cache, no-store, proxy-revalidate
Vary: Accept-Encoding
Expires: 0
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 6c4ac54f1c5459a7-MXP
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 396A 17 KB
6 KB 101ms
50ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Tue, 28 Dec 2021 12:25:20 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3D08 13 KB
5 KB 47ms
47ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Tue, 28 Dec 2021 09:17:45 GMT
expires: Wed, 28 Dec 2022 09:17:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11255
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8486 783 B
1 KB 145ms
53ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

18bfa52c03f6ad803676ca04152ea966964ec97277c2a98dd3b11f45f39c7950

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-J5uNx0CBMedHAJQkKzjTgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 28 Dec 2021 12:25:20 GMT
date: Tue, 28 Dec 2021 12:25:20 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-J5uNx0CBMedHAJQkKzjTgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D08 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 07:39:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Dec 2022 07:39:15 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 636A
Redirect Chain

https://a.tribalfusion.com/i.match?p=b10&u=18072662315992420724&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662315992436155&expires=180

0
239 B

184ms
46ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662315992436155&expires=180
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aDmT09UAv5REMYQcrmPdYyYtBrVmrw3cvUXFQJV6un2P3dQ6fD2HZbp1dvDnWPv36U13cr6TcJaUsreRAUoUtv4UUJ32FixVTjxWaJ6STrLQVJCPrImSdvcVcbT2FyxmdZao0aeM4tYAQcrH2m3IpHEOUHFhYrvaYbJl1EupPbQZbUFBYTtUWnUQrQbbpXqQn3TBa5TfXmTnCXbY7THJ0oAfBpG7wosZbCQtQ0oETyxW&mediaDataID=5436426&mediaName=frame.html
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:20 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 15204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6c4ac54faea00f62-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662315992436155&expires=180
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

i.match
a.tribalfusion.com/ Frame 6552
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662315992420724&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662315992420724&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=392cd449-67d9-11e...
https://a.tribalfusion.com/i.match?p=b19&u=392cd3fd-67d9-11ec-b175-1a404fd50406

43 B
686 B

235ms
234ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b19&u=392cd3fd-67d9-11ec-b175-1a404fd50406
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aBmT09TtQ2orJpQrjn1TQr3T3j5TQ0nTFIYbJ9WWfSoAvZcmGrpoWfF2qr83Hyr3AjEpbMZcXGfS1sZb20VfnnEF33rnQWbBZbVP7VQqb4ScvpStZbr0HFxVAnm3GB40UQDTmTt2AZbcRmBF2tZbqXWUZdmHAn4mUY4cM6TVY7VGniPP3oUtFWWr7P2F2wWaQwTa38STUFRcYIPrqpSWjaVVQ32F6xodqOXFZauPTvqnBZd1EV&mediaDataID=9148826&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:20 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6c4ac550a8a10f62-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Tue, 28 Dec 2021 12:25:20 GMT
Server: nginx
Location: https://a.tribalfusion.com/i.match?p=b19&u=392cd3fd-67d9-11ec-b175-1a404fd50406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 143
Connection: keep-alive
Content-Length: 43

GET
H3

200

i.match
a.tribalfusion.com/ Frame 5AB0
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726623159...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662315992420724&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_U...
https://a.tribalfusion.com/i.match?p=b11&u=FCD3F0EE-7619-4BC5-AC96-55C07DCE8A20

43 B
692 B

232ms
232ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b11&u=FCD3F0EE-7619-4BC5-AC96-55C07DCE8A20
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aFmT09UqroTTQbQErZaRsjLRrZawSdr9Vc354Uynot6q0quy3dnGQVrA5AnEoWTsVWFf0rnaYUYgXqytRrYZbUFMPVWM0nU7uQUryXqFp3T7g2avRna7GXbj6TtMSoArBnGYtmWfH5Tnk3Wmr3AjJmUvHYVM0XsU20sfMmqrP5U32VUnEUAMTQab2PcUOPtfuYtjuWPjv2sZb5YFBLUmXu2PZbeR6MK2cfqVa3xnZaZcx2f&mediaDataID=6719746&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:20 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6c4ac550e8f40f62-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://a.tribalfusion.com/i.match?p=b11&u=FCD3F0EE-7619-4BC5-AC96-55C07DCE8A20
date: Tue, 28 Dec 2021 12:25:19 GMT
cache-control: no-store, no-cache, private
x-lat: amspug001:0:417
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 3A08
Redirect Chain

https://a.tribalfusion.com/i.match?p=b24&u=18072662315992420724&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662315992436155
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662315992436155&cookieRequired=true

0
115 B

46ms
45ms

Image
text/plain

188.65.124.38
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662315992436155&cookieRequired=true

Requested by

Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aHmT09RUjr1E3r3EFe4qU1oTnCXUf9TtFXmPrLpVrnmHvG2EYe3dmo4mBFnFfZc0GMX1s320GvupEnT3FU2VUZbZbW6UYQaURSVZbOPHUwYtZbsT6Mp3GQ4YbnKUAin2PQeP6FH4HZbnXHMZdnH2v36UV4VnfUs3jVsjeR6UNTHJSWrbP3r2oUqnvWqJiQaQHRGbZdRrivStfcWVfU5UipndAM0qep4dbZdQtQHRDUynBcYAf&mediaDataID=8039566&mediaName=frame.html

Protocol

Server

188.65.124.38 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

icscale-01-pub-ix7.vip.dailymotion.com

Software

nginx/1.19.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-dm-lb-name: icscale-01-02
date: Tue, 28 Dec 2021 12:25:20 GMT
server: nginx/1.19.3
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

Redirect headers

location: /dspreply?dspId=15&dspUserId=18072662315992436155&cookieRequired=true
date: Tue, 28 Dec 2021 12:25:20 GMT
server: nginx/1.19.3
content-length: 113
strict-transport-security: max-age=15724800; includeSubDomains
x-dm-lb-name: icscale-01-02
content-type: text/html; charset=utf-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8486 0
0 76ms
75ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=3561234589336304&rc=
Requested by: Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3

200

i.match
a.tribalfusion.com/ Frame 344F
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662315992420724
https://a.tribalfusion.com/i.match?p=b23&u=165010604014000240801

43 B
684 B

233ms
233ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b23&u=165010604014000240801
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aLmT09STYZcQVJLRbeqPWjbUVUS2UTrmtZaOXaqv4tnESGbD5m3ZcotXmUdfeXUbb1UZb7XqitRbJEWFJYVdYWmbjuPrBpXarN5aUc5T73oTJG1rZbfTtfPomYZbms7nmHrJ3Eri5dmm3PFJnUbZd0GMUXGYU1VjnmEfT3bUPWbMAUAvTPTb1ScQMPWUv0WZbsWPjN4sUUYbFJTm6m5AB6Q6JI4WZbOXWBAnVuvSS38pYy5cZd&mediaDataID=7665496&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:20 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6c4ac550885a0f62-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:20 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://a.tribalfusion.com/i.match?p=b23&u=165010604014000240801
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 396A 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=3561234589336304&bg=!FxSlFFDNAAZKWFskSlg7ACkAdvg8WhIHKNYcjHjOCNyvK2UXHalpAmoRf21W-G-I4iTdiUx3CdlVOQIAAABqUgAAAApoAQcKAEljYbFtnkmErv3seAC7GfdN10lAP5yGduMv55t4XzimRL4ZXqfc8MeQwAjOAxTsgOGrF_Boj2A6_ofafsBSC_Xpibb9CwCr4JgjmQLOInYsZVmgWONdZLWObj9pClFoKMx-IGzpZ9uCmSmmSVdSGZmjDvtgVJim8qURuTPISIhpV8kPvMwPEtQxbLgn3AXnenB64MJDfZcx8NWe52UBb-gOR-nYp7qoD1BV78h_U3tZl8wG4Oz1bzcvi4kgnb3lDh6TJ5e3Gzs2iW7FAa53ki5ONltPbv_NKuWr4TS0ipwpRLiXg_c6DmqsmNLhYJy1ULWGdJh5uun1gKloyJiQhvxIR-s1x4dz_Ck0o58UjMc930KbnVOD1akWeXvW55DiYTixqRueNev26ejFr9MmWGi86ezw06e7q6wFc0Od1C9aoT-2-MbmYaq_hv2ZBN9jBCjMWvPZf_Q1ZO2rEVSd4RiBeCcB_IEbZOxwJeWnahLFfUJQdAD9W5ROnUDK_ME0V5zpYfAhDTngOO7Fw-4UJNZ5fTQmOjqaeprlm2dYDb2xu2czhQlHUxSKie7IZMD8kNBIBjvUlgxhfRYndSNy980Pc2DHFUkbo4zK_qMzlsjhupImOSXLO_IVObAoG91IOxtiCFUhi3r4hdD5crYl8t4I9jvRlc5TXCxlic6gR8bbem0c4yQU58dibhouTLG7oOxaPBp4uCsqN4p681Wl6WFJE2bk9FsF9ePE-o1tIeNUnbhOqj7kgWxEHyQJ-HQnmAyiSCqI9nX3HuPUHcNwLPlp8Q-iQqBimw6uzbBpG0gOdiZYjzTxxGV4nvADgVC-_qdYWz9cgBmuaMXnuRr6GXlPocVYl5vgEtrFNJOmEkJLdC0vhmIHUa8_6dYU-2Xu5-tcy85GvyOPZqeZoHb-Qv3FxX7Lo70TlHUgQUwFFK-ZLkGKEuUNboHREb9BpZ6fz9YLqenA2viT6dGLifxJE446TJRl6CumPY0EspvT7AGAVckKZEIpk16_xBaFyk78sYuUzG_oEDjbSCOZHwywDCKbT9koeVVQAnFPIQ

Requested by

Host: cdn.realityrewind.com
URL: http://cdn.realityrewind.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

i.match
a.tribalfusion.com/ Frame 38A1
Redirect Chain

https://pixel.advertising.com/ups/57628/sync?uid=18072662315992420724&_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662315992420724&_origin=1&redir=true&apid=UP38275a56-67d9-11ec-83cd-02cf8ce7f0ba
https://a.tribalfusion.com/i.match?p=b17&u=UP38275a56-67d9-11ec-83cd-02cf8ce7f0ba

43 B
718 B

239ms
239ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b17&u=UP38275a56-67d9-11ec-83cd-02cf8ce7f0ba
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aJmT09ScUsStZbN0WnpV6nw4sr00FrLUATw4AQ8RmfB4W3m1WUJnt2N4Pv05G77Vc3lUsbeRPFxWtZbWUbjP3r6xWTYqWqviSEBHRcQZbRrZatPHviWVjS4bXonWqq0qqp2d3CSVrC26rIoHXtVWFaYFrjXFZb91qatRUYBTrZb3TtQWmbQnRUfNXaFn5Tfe4qn5oTfIXF39UHnRnPbJmGUumHfJ5EZb73GTrSpbMm9Wjyn&mediaDataID=6347136&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:20 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6c4ac55119450f62-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://a.tribalfusion.com/i.match?p=b17&u=UP38275a56-67d9-11ec-83cd-02cf8ce7f0ba
date: Tue, 28 Dec 2021 12:25:20 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

i.match
a.tribalfusion.com/ Frame 1A3C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662315992420724&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D
https://a.tribalfusion.com/i.match?p=b20&u=YcsCLnyBLyEk4F-L3QkHaAAA

43 B
714 B

234ms
234ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b20&u=YcsCLnyBLyEk4F-L3QkHaAAA
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=armT094sY40UUIV6qp4P37R6JH3Wvr1WvAntAu3mUR3sMbUc3aWsMkS6MnUWJWWrfR5rEoWqjmTEBbQEQFSGjBPUZaqSdQkWVb35r6qodAn0qmp3WvFQcJA5AJZamdEyTWfc0rf61Fbi0EqsPb3CTr3PWd3WnbBnPbboXaJo3TZba4q7XoT7IXUUaTWjSoPvZapGrwpt7D3EBh2dys4AZbEprbE0Gf0YW73VrbKm8OIL9&mediaDataID=6530936&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:20 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6c4ac55129660f62-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 12:25:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://a.tribalfusion.com/i.match?p=b20&u=YcsCLnyBLyEk4F-L3QkHaAAA
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 255
Expires: Tue, 28 Dec 2021 12:25:20 GMT

GET
H3

200

i.match
a.tribalfusion.com/ Frame 5031
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662315992420724&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662315992420724&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
https://a.tribalfusion.com/i.match?p=b13&u=08951342012910990903611186663094195647

43 B
751 B

230ms
230ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b13&u=08951342012910990903611186663094195647
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=anmUCkRr6oPHv9WcfT5UPoodZapYEau3t3ZdQVfG263ZamdIpUWF8Xrf8Xb760TusPb3ZdWFYYVtJ4obYnPFbNYTvO5q7f5EQPmEMKXFUcWHJVoAnBnGQsptMB2qZbe5HAM4AnFprUZaXGQVXcF41VZbppTB22bvUTFjZcW63YPqf5QGZbpQtZbN1tJrTP3p2cB50UUDTAit2PrcQ6nC3dvO0tBZdptEw3PYW3GMcUGBjUcM8PPFvRHYcbZdg6fj&mediaDataID=5578346&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:21 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6c4ac552ec180f62-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v026-04d220ae3.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 88aC9HqwSPc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://a.tribalfusion.com/i.match?p=b13&u=08951342012910990903611186663094195647
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 7E64
Redirect Chain

https://a.tribalfusion.com/i.match?p=b22&u=18072662315992420724&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662315992436155

0
338 B

139ms
40ms

Image
text/plain

52.215.164.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662315992436155
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=apmT09oTbD1rZb9UdJSnAQIpGUupt7C3Tr73diq3PjZbprrLYGMSYsF01sBonarU5UQ4TUfEWA73RTj1Qs3MQdfs1WZbrWAUn2VBWYbZbZaVmXq2PUeQP7G2Wvm1dBLpdAo56vT3cjaVsr8WGMfPPQMTHY4TbfP2rZaoWEMrWqF7STYFSGQIRravSd77UcvS5rTsod6OYE6v2dfFPVvE5mMFmdXyVWQhXTZbbUcFXnkZd00W&mediaDataID=6807466&mediaName=frame.html
Protocol: H2
Server: 52.215.164.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-164-121.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:21 GMT
cache-control: private, no-cache, no-store
x-request-time: D=97 t=1640694321
x-served-by: beacon-n013-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:21 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 2855
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6c4ac55199e80f62-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662315992436155
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 59ms
59ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d662cd85312c0907cf15de21813cbdc4e985f1a112e98ccca59baf0aec81dc90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Dec 2021 12:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8589
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 12:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Tue, 28 Dec 2021 12:25:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2669 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Tue, 28 Dec 2021 09:17:45 GMT
expires: Wed, 28 Dec 2022 09:17:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11256
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0C66 783 B
534 B 100ms
49ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d0d594f8b1e9d8c0d3345886dcbb54816b4795cc252b27212e0863940f4e14c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jawl7i/tbk8OLl90H3GlcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 28 Dec 2021 12:25:21 GMT
date: Tue, 28 Dec 2021 12:25:21 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-jawl7i/tbk8OLl90H3GlcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 2669 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 07:39:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Dec 2022 07:39:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0C66 0
0 76ms
76ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=3430653642811118&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

POST
H/1.1 200
OK bsevent.gif
tps20516.doubleverify.com/ Frame EE76 807 B
1 KB 41ms
41ms Ping
image/gif 213.254.244.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20516.doubleverify.com/bsevent.gif?impid=ed179ddc26c3407c99dd0764c257b20b&nav_pltfrm=Linux%20x86_64&cbust=1640694321617150
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: http://cdn.realityrewind.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 12:25:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: http://cdn.realityrewind.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 12/27/2021 12:25:21 PM

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=3430653642811118&bg=!qKulq-_NAAZKWFskSlg7ACkAdvg8Wlf9zXyNGFtQO0GepnBOf27VK9CEdG1MTJaA5EeGZR3mjKQ9LAIAAABRUgAAAAdoAQeZAs6Ic6dz38S-6Yuh86IhT3pp34ZgV4h30hSE1Zm4Ua9Q9FiKTVpIVlqhQC-_qe2oUlYbLGvn5y232xaN7-crpZei6B8f2oNVNdNX1Rx6-tG3ckukaJ8zMSdrRjIigutQ7N0eQ3zdhYgn5iNpc7KYY0Uhnhd8ZC317EpMCtPKOL63YWgQxMI7oQF02tIpyKxKLjRrOqSM0Z9zMQFCkTpAmTSxX_9VedhFM6NQLlDmix8jM8LU8eTbcp88H-mE0gg8MRmb-QyfGc4Vz73ykFIE0K5pOZtDQ-n_898Y90utMVdet7NMg4u6eCHrkA5TDmIaMthYzS9Y0P0w2CR_DQkp9tSBPvbCeRH1p8EVBfR8hx7f1_KtT-MjNSiHJCJlMtdpTBk_fsx8gYJaT6VF8x4l11V0LywYvG8q8K9dkYUhrMU5DVz0AQqNaI-r1gpxlbgb595daOqFc7_MRv1VbG6xypviGAIOyRgbuKxOokEa5hUfML6m9inTKyebJddriuOvMJA88DRQzf2EK4TgDXT8laMoncer1WSa26D59dgoDeouZ4mR1deTd50TO1e-1e7FHPdR4Bbh5x-E7nKLo01y4yOim6A1eDjYAgUhRsuyRmeltVRGRpiDspFgwo85zv9C2n3KjR4SxDV5NylWDty97lndcNoO6j0KNf2Up8hVEgurIR6l-i0vt1RlofCrOSwOmFO81bOu-X56sakcoEmeMwwNlGsIngUYw5xH2ppC9DvlGjvl5Qw2tqgbrDarGfvU2zuq4X9eBXLO-TKxOpnp4foqDMDQOZdgEixntH5g85gL8chTLDEkk-JhdcNyy4cLH2JBitCLQaaCD1-UToRXkee4CO0fhncuuaccqXNwhrFhE8EcN3-EiIQNXi9afLatYqM0Mf8PBbxCKP49uygYT68OVmrgsBnUzRMXE4z9iC5_4XmIPe1CQ_vNACZIHhkZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://cdn.realityrewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 12:25:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

56 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cdn.realityrewind.com/	1969-12-31 23:59:59	Name: __utmc Value: 116800084
.cdn.realityrewind.com/	1970-01-20 04:07:42	Name: __utmz Value: 116800084.1640694318.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.cdn.realityrewind.com/	1970-01-19 23:44:54	Name: __utmt Value: 1
.cdn.realityrewind.com/	1970-01-20 17:16:06	Name: __utma Value: 116800084.955479509.1640694318.1640694318.1640694318.1
.cdn.realityrewind.com/	1970-01-19 23:44:56	Name: __utmb Value: 116800084.1.10.1640694318
.google.com/	1970-01-20 04:08:25	Name: NID Value: 511=erMl-XF0QbIMh6Y03Al0GXveY6r6_SqbUQscY4bHM8zqXn4lkcp3pxgDyHD_wzXnFcVD4pBAOoO9jmO7DlI6woKb3LZnFDrkit7Ks2-TVC6T2M8evIgfGT7zlCjg0IFad-d6XlLLJoZ5tFRg6djh_pRfZbUdiXN31OOnY6sssKQ
cdn.realityrewind.com/	1969-12-31 23:59:59	Name: logglytrackingsession Value: 5bbadaec-9884-4cd5-acc2-563b4d203f2a
.realityrewind.com/	1970-01-20 09:06:30	Name: __gads Value: ID=23790c1a2053fc64-2290b90711cd00e6:T=1640694318:RT=1640694318:S=ALNI_MbRnG3-Bgw65-U6Dw40PD_sf-pFYA
.doubleclick.net/	1970-01-20 09:06:30	Name: IDE Value: AHWqTUlYpPL1H0Cvl4s8RY-4b-X8-T3E6I-yL9WeKdO-9Y0sZMPx6yg4pdDNTrjPoEQ
.pubmatic.com/	1970-01-19 23:46:20	Name: KTPCACOOKIE Value: YES
.yahoo.com/	1970-01-20 08:30:51	Name: A3 Value: d=AQABBC4Cy2ECENMZh3Nkl2vDlVtEcR79jF4FEgEBAQFTzGHUYQAAAAAA_eMAAA&S=AQAAAqe4eYnk1m9ULWCLqsMzdbs
.advertising.com/	1970-01-20 08:31:56	Name: APID Value: UP38275a56-67d9-11ec-83cd-02cf8ce7f0ba
.pubmatic.com/	1970-01-20 01:54:30	Name: SyncRTB3 Value: 1641859200%3A220
.pubmatic.com/	1970-01-20 01:54:30	Name: KADUSERCOOKIE Value: FCD3F0EE-7619-4BC5-AC96-55C07DCE8A20
.casalemedia.com/	1970-01-20 08:30:30	Name: CMID Value: YcsCLnyBLyEk4F-L3QkHaAAA
.casalemedia.com/	1970-01-20 01:54:30	Name: CMPS Value: 697
.adnxs.com/	1970-01-20 01:54:30	Name: uuid2 Value: 2445082858277262493
.casalemedia.com/	1970-01-20 01:54:30	Name: CMPRO Value: 226
.yahoo.com/	1970-01-20 00:34:33	Name: APID Value: UP38275a56-67d9-11ec-83cd-02cf8ce7f0ba
.adsrvr.org/	1970-01-20 08:30:30	Name: TDID Value: 4cba8aa8-6f94-43c4-8615-0ce211e69fd7
.quantserve.com/	1970-01-20 09:15:08	Name: mc Value: 61cb022f-0ee1b-d2ec5-2f74b
.realityrewind.com/	1970-01-20 09:09:23	Name: __qca Value: P0-868215819-1640694318853
.lijit.com/	1970-01-20 08:30:30	Name: ljt_reader Value: c6bfb79c336c257a0bbf5fce
.adsrvr.org/	1970-01-20 08:30:30	Name: TDCPM Value: CAEYBSABKAIyCwimzLX4-oGlOhAFOAE.
.infolinks.com/	1970-01-19 23:46:20	Name: VRUSERCOOKIE Value: y-T4VwIgRE2uGdbX.wJg0ro9eRl9zLDxwsMvQ2oIo-~A
.1rx.io/	1970-01-20 08:30:30	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-9177086c-e70f-4a1b-b9f1-b2827a0e7b71-003%22%7D
.cpx.to/	1970-01-20 08:30:30	Name: cpSess Value: 7d0332c93c082dc6
.cpx.to/	1970-01-20 08:30:30	Name: dsp_app_nexus Value: 4886527385519746490#1640694319121
.infolinks.com/	1970-01-20 01:54:30	Name: ANUSERCOOKIE Value: 2445082858277262493
.infolinks.com/	1970-01-19 23:46:20	Name: OUTHUSERCOOKIE Value: y-w_Tl1stE2uGYAS9HueGWE1rlSzthu2M5~A~UP38275a56-67d9-11ec-83cd-02cf8ce7f0ba
.pubmatic.com/	1970-01-20 01:54:30	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 23:46:20	Name: pi Value: 156872:3
.pubmatic.com/	1970-01-20 01:54:30	Name: chkChromeAb67Sec Value: 3
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0NjY2sjQ1MjAwMDMzMjE2NRfiM9Q19Mwqdo0yiC9z9i4AAIJ86sQlAAAA
.rfihub.com/	1970-01-20 09:06:30	Name: eud Value: H4sIAAAAAAAAAFslzmtoZmJgZmlibGhpZGIBANDDJlYQAAAA
.rfihub.com/	1970-01-20 09:06:30	Name: rud Value: H4sIAAAAAAAAAOMSNjU0NjY2sjQ1MjAwMDMzMjE2NRfiM9Q19Mwqdo0yiC9z9i6Q4jU0MzEwszQxNrQ0MrEAAInMzs80AAAA
.infolinks.com/	1970-01-19 23:46:20	Name: KADUSERCOOKIE Value: FCD3F0EE-7619-4BC5-AC96-55C07DCE8A20~1640694405607
.targeting.unrulymedia.com/	1970-01-20 08:30:30	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-9177086c-e70f-4a1b-b9f1-b2827a0e7b71-003%22%7D
.infolinks.com/	1970-01-19 23:46:20	Name: IXUSERCOOKIE Value: YcsCLnyBLyEk4F-L3QkHaAAA&226
.infolinks.com/	1970-01-19 23:46:20	Name: SOVRNUSERCOOKIE Value: c6bfb79c336c257a0bbf5fce
.infolinks.com/	1970-01-19 23:46:20	Name: ZTUSERCOOKIE Value: 5133329520006624357
.infolinks.com/	1970-01-19 23:46:20	Name: R1USERCOOKIE Value: RX-9177086c-e70f-4a1b-b9f1-b2827a0e7b71-003
.infolinks.com/	1970-01-19 23:46:20	Name: PUBMUSERCOOKIE Value: FCD3F0EE-7619-4BC5-AC96-55C07DCE8A20
.spotxchange.com/	1970-01-20 08:30:34	Name: audience Value: 392cd3fd-67d9-11ec-b175-1a404fd50406
.agkn.com/	1970-01-20 08:30:30	Name: ab Value: 0001%3AhAkXRhmcOi8gGoZG7PEsMXTjuWXxOS8f
.pubmatic.com/	1970-01-20 00:28:06	Name: KRTBCOOKIE_1051 Value: 22884-18072662315992420724
.pubmatic.com/	1970-01-20 00:28:06	Name: PugT Value: 1640694319
.analytics.yahoo.com/	1970-01-20 08:31:56	Name: IDSYNC Value: "192u~22cc:18xp~22cc:18gs~22cc"
.yahoo.com/	1970-01-19 23:46:20	Name: APIDTS Value: 1640694320
.casalemedia.com/	1970-01-20 08:30:30	Name: CMRUM3 Value: 8361cb0230276018072662315992420724&2d61cb022f2760CAESEHTaLgSMvmhdh3sRH3GsHLo&e661cb022f2760&b061cb022f05a00&0561cb022f05a0&2761cb022f0b40&be61cb022f05a0&f161cb022f05a0&c361cb022f2760av-505c2690-4dcb-474b-b458-2d57ceb9eec5
.casalemedia.com/	1970-01-19 23:46:20	Name: CMST Value: YcsCL2HLAjAA
.dmxleo.com/	1970-01-20 06:56:54	Name: dmxId Value: 238F20C2F38B3A100YPEMMWLACVIODPEX
.demdex.net/	1970-01-20 04:04:06	Name: demdex Value: 08951342012910990903611186663094195647
.dpm.demdex.net/	1970-01-20 04:04:06	Name: dpm Value: 08951342012910990903611186663094195647
.krxd.net/	1970-01-20 04:04:06	Name: _kuid_ Value: OkVTvhk7
.tribalfusion.com/	1970-01-20 01:54:30	Name: ANON_ID Value: aPnwfUwZcF1eoXarpfowT9gKiPLwcZaZaefHY3skqGWZcZcn8i3lFg7rKl9223eX5Jxkie2iNZdHZa9Boa6Pr5KN7Dtp8EUsVZbTbrCVqU8CZdr9m0gKHcuUInOIUJJWFYj38wudM

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://cdn.realityrewind.com/(Line 709) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://cdn.realityrewind.com/(Line 709) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aa.agkn.com
ad.doubleclick.net
ad4m.at
ads.eu.criteo.com
ads.yahoo.com
adservice.google.co.uk
adservice.google.com
ap.lijit.com
apis.google.com
assets.pinterest.com
b1sync.zemanta.com
beacon.krxd.net
cat.fr.eu.criteo.com
cdn.doubleverify.com
cdn.realityrewind.com
cdnx.tribalfusion.com
cm.g.doubleclick.net
connect.facebook.net
csm.eu.criteo.net
de.tynt.com
dpm.demdex.net
dsp.adkernel.com
dsum-sec.casalemedia.com
edge.quantserve.com
googleads.g.doubleclick.net
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
log.pinterest.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
nep.advangelists.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.wp.com
platform.twitter.com
public-prod-dspcookiematching.dmxleo.com
realityrewind.com
resources.infolinks.com
router.infolinks.com
rt3042.infolinks.com
rtb.fr.eu.criteo.com
rtb0.doubleverify.com
rules.quantcount.com
s.amazon-adsystem.com
s.cpx.to
s.tribalfusion.com
s0.wp.com
simage2.pubmatic.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.criteo.net
stats.wp.com
sync.1rx.io
sync.go.sonobi.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
syndication.twitter.com
tags.bluekai.com
tags.expo9.exponential.com
tpc.googlesyndication.com
tps20516.doubleverify.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
104.111.215.191
104.244.42.8
142.250.184.230
142.250.185.66
142.250.74.194
151.101.64.84
169.197.150.7
172.66.41.9
172.66.42.247
174.137.133.49
178.162.133.149
178.250.0.160
178.250.0.162
185.64.189.110
185.64.190.80
185.94.180.126
188.65.124.38
192.0.76.3
192.0.77.2
192.0.77.32
193.0.160.129
198.47.127.18
198.47.127.19
198.47.127.20
2.18.234.21
209.188.81.66
209.54.180.144
213.19.147.44
213.254.244.18
216.52.2.48
2600:9000:223c:ec00:6:44e3:f8c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:3039::6815:c0a3
2606:4700::6812:417
2606:4700::6812:c05
2606:4700::6812:d05
2620:116:800d:21:51e4:db4b:4436:b305
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:80:800::7001
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2004
2a00:1450:4001:831::2001
2a02:2638:1::3
2a02:2638::18
2a02:2638::2
2a02:26f0:6c00:286::4469
2a02:26f0:6c00:2b6::1931
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.124.133.36
3.126.56.137
34.253.11.36
35.156.119.137
35.244.159.8
35.71.131.137
37.252.173.38
38.27.122.101
51.75.86.98
52.19.78.71
52.215.164.121
52.86.199.207
67.202.105.21
67.202.105.32
69.173.144.139
70.42.32.255
94.31.29.248
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05ed5f51c65d668cd3c8e69932e70f7df961701751a6424d499613af76266073
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0ebe307beedcd8d666486851120eacd65084d5db9bfdcad613953c5a613df4ca
0fcc179a43165df6528858a03201abbb98500c686c2bc7eeb34057926a955465
10000e50858213f4e33be0c6e50ffac69e77fe180e9aa08d4aa241273506bb91
1037f1e0d1ae470df705a7179a41aa2c969aec5ff56771a7438edc74fc46a9f5
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13b2aae7c207d341034e8c4d676d39f25e7d2cf086c61d4644d38a9483cd6a93
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
18bfa52c03f6ad803676ca04152ea966964ec97277c2a98dd3b11f45f39c7950
1a3d15771ed4eedb6bb6475092462506d4d7124f29ccbc3453726a87165b5d25
1c0ba20dd6ab974307ca4fb34d7d48a7537bce6eb56c562c1e69264745221540
1df8ca2d6d3354d12fe22871a3fd19fc2154884cb98c517f2e963f864c947f8a
2093eeb7c8703b51436f09e47b6c107f5dd5068fee50a9ece8dc2f757793ddeb
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
2c3f642667d2dc022f8d0213500436b4b1d62b45156c8e3731b6a5506c7c9764
2c51c0f1ede85b3fc1ce270bc5190cbe9399618863cbb1e67cf37f1ce1298e4a
319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44
31fd1942a1e8a14f634f6774efa8bdfcdc829fa7d9be2bf98e1638b771bf0cc9
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
373015d4e34dbf73ecb406228a102a191bf689ab1531ad0afa629e97b6a4a7bd
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3bfe3078ef3d06570a03b17f9260449348b90b0a74ff58a7fa862255333e01e8
3d276d676d044a790a34f40aa20de0fc4e3d1c561a635ae430d28c693fbe1473
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
4dd6e86eb720c9e9d48dd0507af2bd23e8f5b694f592d6a6658c66a79e432017
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51d6840c0df4cc49b3b27baa5483a65ba3f80cf6508659aa8c5a379572728e4c
51dc201352664df8a472d290e8da5387964769924e98c6989726b8c391b3b8b0
53aeae66c57c35edfba9b4efe5679b6b6f5f12823f905e4524188f9c7c44b077
54ee29cd854e6d8f90ced50f67ebbe44ab1affca0f64d936d695121465bc5c03
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5646160608a78feb1d68f692fa7fe2df4ad03036fb80acd4e8189b1cf607df89
588b6cab990fae46efd7b31ce948353ed1db528fb9c7e125882c9c66d5da91ee
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
636b3421b6ab10acf5a319784b3a251056184843438e5508588d180353e213f9
63f168a7118f48be6bf05c92de4a02313f0e0491663f24d14e26886dfaf07acb
6697a677d489d6b5aedf532be2c9a947760683d08369a78e89cc7afdae7edb0e
6a1fe0907100410728ab4d870e8b1cca4b9ce788b9c87e83444dd0cd5818ca3e
6ccbd2a25f16c28004399f87b7f72c660defa584826bc883c2cc3dd6acbb4fe1
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
70560881bbcb4c73f3261eebd87cf503937e9d0d5eba786ed102d3d73d9cbc8a
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
7513bc583014233318969bf03770375b9d98ea74346ace21eefa35f7e1e6af27
75e7ecaf5b939483c51079db071dd0d0144b4f057e1ac147d94b05ea0b7a419c
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
79699402f1bb3666863c28cc1dc9fe4808672b37c16fce08e31d7abfa0e95a9c
7d5c2996d697b23e88fd8f59d1050cc5fa33133bc96f1e63b5b4327c812d1ab4
81452b3457d98dc001518335ffb61b0a0967a48c4620501ccc9391e0a259d920
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
856f522d53c024507fb9b919ecc937b0a96be70138d598969930309fac945909
8577be08e13d868781746fd18e27a2d95ee4658c33221ec7659ece82d4d31463
85a8fab31d033c5ff04a6be598e2ae9e047d98c7f7d96f4619bd8dedc946c18f
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
89bf6518487d30a4103b9f7c1ac053d91b0334d5a37a17382544bc3868182518
8a8ff8dee42b29e389d8400680018c0bce46e9df677488d07020074417aaa799
8aa062fba6f3cd9ce1b8cf732f5aac75b2f239685ca7f26ca63aecf4136f35ea
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8eca7205e59341df7f339e1e07eddeee9d031f522b9808067948a715affe16c9
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
9161f345320ccafa2602a032f8e9d080e70b6a06ccd90635102d21d43d8fbce3
94194dc263a841aa0266e1042e7f389318a52c43e8e638528cb9e24ea3c61e96
94345992f052b881b760e35f6e2f17921fd778ec19c9f35841ae6fddc7f5f603
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46
9a6235070b28db6c68db8912e3ce8bec23e3f3fe6cdf3714460bcbb5fc630974
9d375b4d5473b45d8097a0e65054a34026693e24b05c0d5de5ae9c7ed90f18ac
9de142d26063f40862e05f56ba5473702001ac8d638cbd0c2f91c78f1724a716
9f88db0de989bc118ff39b3332aeb0a9ba9a29429288de8f809f8fed3fa74806
a025c1b727608e9b86f461260e7a65c4266001b99a575c62225e52bc7093906f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2a625f83657540b2145c5e1ab0f560cbb4a0e75df69a7382e92fe9af057c8b1
a2b8c98adb1d2f405aa95c776222f4eacb326f0622b1aaaa2dfbdebb70d11eef
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a56e4cdbee9e362513c2334e155f33ce9f9a70bb2d81ea7a37969acb69425878
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aa7cf11a417fdeb4161e5421a039389211fd56794d966729db61071d5240763d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cc03f08465689017c8138fd1c69591bbd5b05cbb2846264d43830562aea44d
b4a956c3241cd6e1a9e7663d981b9e7948f179f8310595c1cc6edcb0927b1f48
b6e6fb627f486a05e7aced72e492ac0be9803d0bed262950414a41687ada79f6
bed12088467e5c28c9dc4efe2d352183aaf4e3556b6348e8f71107f653a42bb8
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bffaf436572a06ebee561a83444d59f4707013ba68978cfeb5e70fce33365e59
c14624c59c56921783926b15fc505384514c173d7a764d41af48f1d38bd387dd
c1c1c4a9d429cb18f162477d30c547159be66dc764e76f613f1d79505fe06d87
c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
c5ddb995fe37710a4be439e4e3f45016cd7b7ecfa3423a29e4f4f4dcce63efff
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc7a9b28388129877394a8f806d4b03657a566be8df77ecac53bd18c3bbe4d49
d0d594f8b1e9d8c0d3345886dcbb54816b4795cc252b27212e0863940f4e14c3
d662cd85312c0907cf15de21813cbdc4e985f1a112e98ccca59baf0aec81dc90
d6bb86200ad87b179e77dded6e5c08dd06b693246ed6ef42f8bc9b7fbe07cc90
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d8d6b0599b7ec5749275714999d92d7e16786cd18e01b3adf5ac8f2be7e56bda
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
de949c48b18618f02ce79a39d52d56eb074ac1e1b3bd94cf6c458a871b28427e
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e310622430f2246740c3b275812a427fda5eab6fe1a0a2d880038269ce1c2870
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b8ee13d35110d7006bc5c5147ee0a0c6c3e1f26b2f246b8d5e57edf4f6b97b
e470a076ccaf0d7e487f090c93f965cc8583a7ae6d5ac240d95ef6ca887dba39
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ec276d0152a6c4e8216581c657790eb14a4528e95642e34a48e77803805c84b1
ec333a9855563b9c38aca285029a103636939f2829145bf9c66d3d5c8a05f00e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f55aba3ac99f764cd5d5ffdeca8720431692231a6b64ce14c344a5283bd16054
f5fa487416676288b5e92b1530f85fbc61d2875f4a74926affa77be11223cfe9
f6405e79c753e6a76c5c0a6f62640fc2f0dd1f06f1403cfd6ee98fcb322b30f3
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

cdn.realityrewind.com Open in urlscan Pro 94.31.29.248 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

177 Requests

52 %HTTPS

35 %IPv6

51 Domains

81 Subdomains

56 IPs

6 Countries

1644 kBTransfer

3616 kBSize

56 Cookies

60 Outgoing links

Redirected requests

177 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

cdn.realityrewind.com Open in urlscan Pro
94.31.29.248 Public Scan

Screenshot
Live screenshot

Full Image

177
Requests

52 %
HTTPS

35 %
IPv6

51
Domains

81
Subdomains

56
IPs

6
Countries

1644 kB
Transfer

3616 kB
Size

56
Cookies

177 HTTP transactions
0 data transactions