urlscan.io logo urlscan.io
SecurityTrails logo

www.obsev.com Open in urlscan Pro
172.67.132.158  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc...
Submission: On September 27 via manual from EE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 83 IPs in 9 countries across 74 domains to perform 211 HTTP transactions. The main IP is 172.67.132.158, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.obsev.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2021. Valid for: a year.
This is the only time www.obsev.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 172.67.132.158 13335 (CLOUDFLAR...)
5 142.250.184.194 15169 (GOOGLE)
25 13.224.193.62 16509 (AMAZON-02)
1 151.139.240.1 33438 (HIGHWINDS2)
1 13.225.84.195 16509 (AMAZON-02)
4 2.16.186.113 20940 (AKAMAI-ASN1)
6 142.250.185.232 15169 (GOOGLE)
1 142.250.184.206 15169 (GOOGLE)
1 1 93.184.220.66 15133 (EDGECAST)
2 199.232.136.157 54113 (FASTLY)
1 192.0.73.2 2635 (AUTOMATTIC)
1 104.16.94.65 13335 (CLOUDFLAR...)
2 34.95.69.49 15169 (GOOGLE)
2 151.101.129.44 54113 (FASTLY)
2 157.240.236.1 32934 (FACEBOOK)
3 87.248.118.22 203220 (YAHOO-DEB)
4 2.16.186.145 20940 (AKAMAI-ASN1)
3 35.201.96.133 15169 (GOOGLE)
4 13.225.78.27 16509 (AMAZON-02)
4 11 151.101.194.137 54113 (FASTLY)
2 151.139.240.35 33438 (HIGHWINDS2)
1 3 13.225.78.101 16509 (AMAZON-02)
2 3 91.228.74.226 16509 (AMAZON-02)
1 104.244.42.131 13414 (TWITTER)
1 104.244.42.5 13414 (TWITTER)
1 142.250.185.194 15169 (GOOGLE)
2 142.250.186.78 15169 (GOOGLE)
1 52.49.37.161 16509 (AMAZON-02)
4 13.224.186.4 16509 (AMAZON-02)
1 157.230.212.27 14061 (DIGITALOC...)
2 157.240.236.35 32934 (FACEBOOK)
1 13.224.193.122 16509 (AMAZON-02)
2 142.250.181.226 15169 (GOOGLE)
1 13.225.78.2 16509 (AMAZON-02)
1 18.116.58.214 16509 (AMAZON-02)
2 142.250.186.68 15169 (GOOGLE)
2 193.122.128.135 31898 (ORACLE-BM...)
1 213.19.147.43 26120 (RHYTHMONE)
1 34.239.203.97 14618 (AMAZON-AES)
4 3.122.57.214 16509 (AMAZON-02)
2 104.16.190.66 13335 (CLOUDFLAR...)
2 147.75.64.214 54825 (PACKET)
3 7 185.33.221.89 29990 (ASN-APPNEX)
2 13.224.193.34 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 11 35.244.159.8 15169 (GOOGLE)
1 23.37.38.181 16625 (AKAMAI-AS)
2 216.52.2.39 30282 (AS-INAPCD...)
1 2.18.232.7 16625 (AKAMAI-AS)
1 69.173.144.143 26667 (RUBICONPR...)
1 147.75.38.124 54825 (PACKET)
1 18.185.169.108 16509 (AMAZON-02)
4 34.149.20.76 15169 (GOOGLE)
4 18.156.195.47 16509 (AMAZON-02)
1 54.194.126.20 16509 (AMAZON-02)
1 64.233.167.156 15169 (GOOGLE)
1 151.101.2.137 54113 (FASTLY)
1 134.209.221.54 14061 (DIGITALOC...)
4 8 13.248.242.197 16509 (AMAZON-02)
1 5 23.37.42.132 16625 (AKAMAI-AS)
4 208.100.17.178 32748 (STEADFAST)
1 151.101.129.108 54113 (FASTLY)
2 7 13.248.245.213 16509 (AMAZON-02)
2 2.18.233.180 16625 (AKAMAI-AS)
1 13.225.78.24 16509 (AMAZON-02)
1 152.199.22.191 15133 (EDGECAST)
2 2 18.184.93.79 16509 (AMAZON-02)
3 4 18.194.59.214 16509 (AMAZON-02)
2 2 52.17.35.107 16509 (AMAZON-02)
6 6 52.49.53.128 16509 (AMAZON-02)
7 11 142.250.186.98 15169 (GOOGLE)
2 9 185.64.189.110 62713 (AS-PUBMATIC)
1 1 185.86.139.113 201081 (SMARTADSE...)
1 1 198.148.27.139 19189 (PULSEPOINT)
5 5 185.29.132.241 30419 (MEDIAMATH...)
4 5 37.157.2.235 198622 (ADFORM)
1 185.64.189.115 62713 (AS-PUBMATIC)
1 108.174.11.37 14413 (LINKEDIN)
2 3 212.82.100.176 34010 (YAHOO-IRD)
1 13.107.21.200 8068 (MICROSOFT...)
1 2 209.54.177.54 16509 (AMAZON-02)
1 1 70.42.32.191 22075 (AS-OUTBRAIN)
1 1 46.228.164.11 56396 (AMOBEE)
5 54.210.227.169 14618 (AMAZON-AES)
2 2 54.93.162.63 16509 (AMAZON-02)
4 4 18.156.0.31 16509 (AMAZON-02)
4 9 69.173.144.138 26667 (RUBICONPR...)
1 1 88.214.206.247 46636 (NATCOWEB)
3 3 185.64.189.216 62713 (AS-PUBMATIC)
2 185.64.189.114 62713 (AS-PUBMATIC)
2 2 213.155.156.166 1299 (TWELVE99 ...)
1 178.250.0.163 44788 (ASN-CRITE...)
4 4 51.210.112.63 16276 (OVH)
2 2 52.19.22.209 16509 (AMAZON-02)
6 7 3.124.210.90 16509 (AMAZON-02)
1 1 46.228.164.13 56396 (AMOBEE)
3 3 151.101.66.49 54113 (FASTLY)
1 159.253.128.188 36351 (SOFTLAYER)
1 35.244.174.68 15169 (GOOGLE)
1 185.64.190.81 62713 (AS-PUBMATIC)
211 83
2    172.67.132.158 (United States)

ASN13335 (CLOUDFLARENET, US)
www.obsev.com
5    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
25    13.224.193.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-62.fra2.r.cloudfront.net
s29588.pcdn.co
1    151.139.240.1 (United States)

ASN33438 (HIGHWINDS2, US)
506.hostedprebid.com
1    13.225.84.195 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-195.fra2.r.cloudfront.net
d19m55ur8rme4m.cloudfront.net
4    2.16.186.113 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-113.deploy.static.akamaitechnologies.com
static.vidazoo.com
6    142.250.185.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net
www.googletagmanager.com
1    142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net
www.googleoptimize.com
1    93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    192.0.73.2 (United States)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
1    104.16.94.65 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
2    157.240.236.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frx5.fbcdn.net
connect.facebook.net
3    87.248.118.22 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
PTR: e1.ycpi.vip.deb.yahoo.com
s.yimg.com
ads.yahoo.com
4    2.16.186.145 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-145.deploy.static.akamaitechnologies.com
analytics.tiktok.com
3    35.201.96.133 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 133.96.201.35.bc.googleusercontent.com
overconfidentfood.com
4    13.225.78.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-27.fra2.r.cloudfront.net
quantcast.mgr.consensu.org
11    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
img.connatix.com
2    151.139.240.35 (United States)

ASN33438 (HIGHWINDS2, US)
jita.rtk.io
3    13.225.78.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-101.fra2.r.cloudfront.net
sb.scorecardresearch.com
3    91.228.74.226 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
www.googleadservices.com
2    142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net
www.google-analytics.com
1    52.49.37.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-37-161.eu-west-1.compute.amazonaws.com
static.adsafeprotected.com
4    13.224.186.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-4.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    157.230.212.27 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
wserver.vidazoo.com
2    157.240.236.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frx5.facebook.com
www.facebook.com
1    13.224.193.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-122.fra2.r.cloudfront.net
rules.quantcount.com
2    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
googleads.g.doubleclick.net
1    13.225.78.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-2.fra2.r.cloudfront.net
test.quantcast.mgr.consensu.org
1    18.116.58.214 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-116-58-214.us-east-2.compute.amazonaws.com
capi.connatix.com
2    142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net
www.google.com
2    193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
shandymedia.technoratimedia.com
1    213.19.147.43 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
1    34.239.203.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-203-97.compute-1.amazonaws.com
brightcombid.marphezis.com
4    3.122.57.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-57-214.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
2    104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
2    147.75.64.214 (Parsippany, United States)

ASN54825 (PACKET, US)
PTR: adstorm-pk-nj-101
bidder.rtk.io
sync.rtk.io
7    185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    13.224.193.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-34.fra2.r.cloudfront.net
hb.undertone.com
audit-tcfv2.quantcast.mgr.consensu.org
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
11    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
obsev-d.openx.net
eu-u.openx.net
us-u.openx.net
1    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
2    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
1    69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    18.185.169.108 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-169-108.eu-central-1.compute.amazonaws.com
tlx.3lift.com
4    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
4    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    54.194.126.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-126-20.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
1    64.233.167.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f156.1e100.net
bid.g.doubleclick.net
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
vid.connatix.com
1    134.209.221.54 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
bisdr.vidazoo.com
8    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
5    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
4    208.100.17.178 (United States)

ASN32748 (STEADFAST, US)
PTR: ip178.208-100-17.static.steadfastdns.net
ssc-cms.33across.com
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
7    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    13.225.78.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-24.fra2.r.cloudfront.net
cdn.undertone.com
1    152.199.22.191 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
2    18.184.93.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-93-79.eu-central-1.compute.amazonaws.com
pm.w55c.net
4    18.194.59.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-59-214.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    52.17.35.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-35-107.eu-west-1.compute.amazonaws.com
r.scoota.co
6    52.49.53.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-53-128.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
11    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
9    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    185.86.139.113 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
5    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    37.157.2.235 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    108.174.11.37 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-11-37.fwd.linkedin.com
px.ads.linkedin.com
3    212.82.100.176 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: pr-bh-ing.pbp.vip.ir2.yahoo.com
pr-bh.ybp.yahoo.com
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    209.54.177.54 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
5    54.210.227.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-227-169.compute-1.amazonaws.com
usr.undertone.com
2    54.93.162.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-162-63.eu-central-1.compute.amazonaws.com
pixel.advertising.com
4    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
9    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    88.214.206.247 (United Kingdom)

ASN46636 (NATCOWEB, US)
PTR: buycheapfags.com
cs.admanmedia.com
3    185.64.189.216 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    213.155.156.166 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com
d5p.de17a.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: pikafka-3.cloudy.ovh
pixel.onaudience.com
2    52.19.22.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
7    3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    46.228.164.13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
25 pcdn.co
s29588.pcdn.co
384 KB
19 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
image4.pubmatic.com
simage2.pubmatic.com
simage4.pubmatic.com
28 KB
18 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
bid.g.doubleclick.net
cm.g.doubleclick.net
174 KB
15 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
27 KB
13 connatix.com
cd.connatix.com
cds.connatix.com
capi.connatix.com
vid.connatix.com
img.connatix.com
806 KB
12 yahoo.com
c2shb.ssp.yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
ads.yahoo.com
7 KB
11 openx.net
obsev-d.openx.net
eu-u.openx.net
us-u.openx.net
2 KB
8 adsrvr.org
match.adsrvr.org
3 KB
8 33across.com
ssc.33across.com
ssc-cms.33across.com
762 B
8 3lift.com
tlx.3lift.com
eb2.3lift.com
3 KB
8 adnxs.com
ib.adnxs.com
acdn.adnxs.com
31 KB
7 eyeota.net
ps.eyeota.net
4 KB
7 undertone.com
hb.undertone.com
cdn.undertone.com
usr.undertone.com
4 KB
6 bidr.io
match.prod.bidr.io
3 KB
6 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
40 KB
6 consensu.org
quantcast.mgr.consensu.org
test.quantcast.mgr.consensu.org
audit-tcfv2.quantcast.mgr.consensu.org
140 KB
6 googletagmanager.com
www.googletagmanager.com
231 KB
6 vidazoo.com
static.vidazoo.com
wserver.vidazoo.com
bisdr.vidazoo.com
242 KB
5 adform.net
c1.adform.net
2 KB
5 mathtag.com
sync.mathtag.com
3 KB
4 onaudience.com
pixel.onaudience.com
2 KB
4 bidswitch.net
x.bidswitch.net
1 KB
4 sharethrough.com
btlr.sharethrough.com
449 B
4 rtk.io
jita.rtk.io
bidder.rtk.io
sync.rtk.io
3 KB
4 tiktok.com
analytics.tiktok.com
66 KB
3 everesttech.net
sync-tm.everesttech.net
791 B
3 technoratimedia.com
shandymedia.technoratimedia.com
ad-cdn.technoratimedia.com
6 KB
3 quantserve.com
secure.quantserve.com
pixel.quantserve.com
10 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 overconfidentfood.com
overconfidentfood.com
30 KB
2 crwdcntrl.net
sync.crwdcntrl.net
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 advertising.com
pixel.advertising.com
676 B
2 turn.com
ad.turn.com
d.turn.com
884 B
2 scoota.co
r.scoota.co
1 KB
2 w55c.net
pm.w55c.net
2 KB
2 lijit.com
ap.lijit.com
759 B
2 districtm.io
dmx.districtm.io
cdn.districtm.io
283 B
2 google.com
www.google.com
677 B
2 facebook.com
www.facebook.com
331 B
2 google-analytics.com
www.google-analytics.com
20 KB
2 yimg.com
s.yimg.com
7 KB
2 facebook.net
connect.facebook.net
170 KB
2 taboola.com
cdn.taboola.com
154 KB
2 clean.gg
i.clean.gg
104 B
2 ads-twitter.com
static.ads-twitter.com
11 KB
2 twitter.com
platform.twitter.com
analytics.twitter.com
994 B
2 obsev.com
www.obsev.com
30 KB
1 rlcdn.com
id.rlcdn.com
1 simpli.fi
um.simpli.fi
612 B
1 criteo.com
dis.criteo.com
334 B
1 admanmedia.com
cs.admanmedia.com
509 B
1 zemanta.com
b1sync.zemanta.com
301 B
1 bing.com
c.bing.com
479 B
1 linkedin.com
px.ads.linkedin.com
463 B
1 contextweb.com
bh.contextweb.com
518 B
1 smartadserver.com
rtb-csync.smartadserver.com
762 B
1 yieldmo.com
ads.yieldmo.com
224 B
1 a-mo.net
prebid.a-mo.net
169 B
1 teads.tv
a.teads.tv
247 B
1 casalemedia.com
htlb.casalemedia.com
373 B
1 marphezis.com
brightcombid.marphezis.com
113 B
1 1rx.io
tag.1rx.io
169 B
1 googlesyndication.com
pagead2.googlesyndication.com
6 KB
1 quantcount.com
rules.quantcount.com
376 B
1 adsafeprotected.com
static.adsafeprotected.com
259 B
1 googleadservices.com
www.googleadservices.com
14 KB
1 t.co
t.co
454 B
1 cloudflareinsights.com
static.cloudflareinsights.com
5 KB
1 gravatar.com
secure.gravatar.com
3 KB
1 googleoptimize.com
www.googleoptimize.com
37 KB
1 cloudfront.net
d19m55ur8rme4m.cloudfront.net
38 KB
1 hostedprebid.com
506.hostedprebid.com
180 KB
0 googleapis.com Failed
imasdk.googleapis.com Failed
211 74
Domain Requested by
25 s29588.pcdn.co www.obsev.com
s29588.pcdn.co
11 cm.g.doubleclick.net 7 redirects eu-u.openx.net
eb2.3lift.com
www.obsev.com
8 match.adsrvr.org 4 redirects 506.hostedprebid.com
eu-u.openx.net
eb2.3lift.com
www.obsev.com
7 ps.eyeota.net 6 redirects ads.pubmatic.com
7 eb2.3lift.com 2 redirects d19m55ur8rme4m.cloudfront.net
eb2.3lift.com
7 ib.adnxs.com 3 redirects 506.hostedprebid.com
acdn.adnxs.com
6 image2.pubmatic.com 2 redirects ads.pubmatic.com
6 match.prod.bidr.io 6 redirects
6 cds.connatix.com www.obsev.com
d19m55ur8rme4m.cloudfront.net
6 www.googletagmanager.com www.obsev.com
d19m55ur8rme4m.cloudfront.net
5 pixel.rubiconproject.com cdn.undertone.com
eus.rubiconproject.com
www.obsev.com
5 usr.undertone.com cdn.undertone.com
5 c1.adform.net 4 redirects ads.pubmatic.com
5 sync.mathtag.com 5 redirects
5 us-u.openx.net 1 redirects eu-u.openx.net
5 eu-u.openx.net d19m55ur8rme4m.cloudfront.net
eu-u.openx.net
4 token.rubiconproject.com 4 redirects
4 pixel.onaudience.com 4 redirects
4 ups.analytics.yahoo.com 4 redirects
4 x.bidswitch.net 3 redirects eb2.3lift.com
4 ssc-cms.33across.com d19m55ur8rme4m.cloudfront.net
4 eus.rubiconproject.com d19m55ur8rme4m.cloudfront.net
eus.rubiconproject.com
cdn.undertone.com
4 c2shb.ssp.yahoo.com 506.hostedprebid.com
4 ssc.33across.com 506.hostedprebid.com
4 btlr.sharethrough.com 506.hostedprebid.com
4 c.amazon-adsystem.com d19m55ur8rme4m.cloudfront.net
c.amazon-adsystem.com
4 cd.connatix.com 4 redirects
4 quantcast.mgr.consensu.org d19m55ur8rme4m.cloudfront.net
quantcast.mgr.consensu.org
4 analytics.tiktok.com d19m55ur8rme4m.cloudfront.net
analytics.tiktok.com
4 static.vidazoo.com www.obsev.com
d19m55ur8rme4m.cloudfront.net
4 securepubads.g.doubleclick.net www.obsev.com
d19m55ur8rme4m.cloudfront.net
securepubads.g.doubleclick.net
3 simage2.pubmatic.com ads.pubmatic.com
3 sync-tm.everesttech.net 3 redirects
3 image8.pubmatic.com 3 redirects
3 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
3 sb.scorecardresearch.com 1 redirects d19m55ur8rme4m.cloudfront.net
www.obsev.com
3 overconfidentfood.com d19m55ur8rme4m.cloudfront.net
2 sync.crwdcntrl.net 2 redirects
2 d5p.de17a.com 2 redirects
2 image4.pubmatic.com cdn.undertone.com
ads.pubmatic.com
2 pixel.advertising.com 2 redirects
2 s.amazon-adsystem.com 1 redirects eb2.3lift.com
2 pixel.quantserve.com 2 redirects
2 r.scoota.co 2 redirects
2 pm.w55c.net 2 redirects
2 ads.pubmatic.com d19m55ur8rme4m.cloudfront.net
ads.pubmatic.com
2 ap.lijit.com 506.hostedprebid.com
d19m55ur8rme4m.cloudfront.net
2 shandymedia.technoratimedia.com 506.hostedprebid.com
2 www.google.com www.obsev.com
2 googleads.g.doubleclick.net d19m55ur8rme4m.cloudfront.net
2 www.facebook.com www.obsev.com
2 www.google-analytics.com d19m55ur8rme4m.cloudfront.net
www.google-analytics.com
2 jita.rtk.io 506.hostedprebid.com
2 s.yimg.com d19m55ur8rme4m.cloudfront.net
s.yimg.com
2 connect.facebook.net d19m55ur8rme4m.cloudfront.net
2 cdn.taboola.com d19m55ur8rme4m.cloudfront.net
2 i.clean.gg d19m55ur8rme4m.cloudfront.net
2 static.ads-twitter.com www.obsev.com
d19m55ur8rme4m.cloudfront.net
2 www.obsev.com static.cloudflareinsights.com
1 simage4.pubmatic.com ads.pubmatic.com
1 ads.yahoo.com www.obsev.com
1 id.rlcdn.com www.obsev.com
1 um.simpli.fi ads.pubmatic.com
1 d.turn.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 cs.admanmedia.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 ad.turn.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 c.bing.com eb2.3lift.com
1 px.ads.linkedin.com eb2.3lift.com
1 image6.pubmatic.com ads.pubmatic.com
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 ad-cdn.technoratimedia.com d19m55ur8rme4m.cloudfront.net
1 cdn.undertone.com d19m55ur8rme4m.cloudfront.net
1 acdn.adnxs.com d19m55ur8rme4m.cloudfront.net
1 cdn.districtm.io d19m55ur8rme4m.cloudfront.net
1 sync.rtk.io d19m55ur8rme4m.cloudfront.net
1 bisdr.vidazoo.com static.vidazoo.com
1 img.connatix.com
1 vid.connatix.com cd.connatix.com
1 bid.g.doubleclick.net d19m55ur8rme4m.cloudfront.net
1 audit-tcfv2.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 ads.yieldmo.com 506.hostedprebid.com
1 tlx.3lift.com 506.hostedprebid.com
cd.connatix.com
1 prebid.a-mo.net 506.hostedprebid.com
1 fastlane.rubiconproject.com 506.hostedprebid.com
1 a.teads.tv 506.hostedprebid.com
1 htlb.casalemedia.com 506.hostedprebid.com
1 obsev-d.openx.net 506.hostedprebid.com
1 hbopenbid.pubmatic.com 506.hostedprebid.com
1 hb.undertone.com 506.hostedprebid.com
1 bidder.rtk.io 506.hostedprebid.com
1 dmx.districtm.io 506.hostedprebid.com
1 brightcombid.marphezis.com 506.hostedprebid.com
1 tag.1rx.io 506.hostedprebid.com
1 pagead2.googlesyndication.com d19m55ur8rme4m.cloudfront.net
1 capi.connatix.com cd.connatix.com
1 test.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 rules.quantcount.com d19m55ur8rme4m.cloudfront.net
1 wserver.vidazoo.com static.vidazoo.com
1 static.adsafeprotected.com www.obsev.com
1 www.googleadservices.com d19m55ur8rme4m.cloudfront.net
1 t.co www.obsev.com
1 analytics.twitter.com d19m55ur8rme4m.cloudfront.net
1 secure.quantserve.com d19m55ur8rme4m.cloudfront.net
1 static.cloudflareinsights.com www.obsev.com
1 secure.gravatar.com www.obsev.com
1 platform.twitter.com 1 redirects
1 www.googleoptimize.com www.obsev.com
1 d19m55ur8rme4m.cloudfront.net www.obsev.com
1 506.hostedprebid.com www.obsev.com
0 imasdk.googleapis.com Failed www.obsev.com
211 114

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
cdn.obsev.com
Amazon		 2020-12-27 -
2022-01-25		 a year crt.sh
*.hostedprebid.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-18 -
2022-01-18		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.vidazoo.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-03 -
2022-02-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
i.clean.gg
GTS CA 1D4		 2021-08-25 -
2021-11-23		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-07 -
2021-10-05		 3 months crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-09-06 -
2021-10-27		 2 months crt.sh
*.tiktok.com
RapidSSL RSA CA 2018		 2019-11-14 -
2022-01-12		 2 years crt.sh
overconfidentfood.com
R3		 2021-08-27 -
2021-11-25		 3 months crt.sh
quantcast.mgr.consensu.org
Amazon		 2021-04-24 -
2022-05-23		 a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2020-09-29 -
2021-10-19		 a year crt.sh
*.rtk.io
DigiCert SHA2 Secure Server CA		 2020-02-29 -
2022-03-04		 2 years crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-01-06 -
2022-02-04		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
marphezis.com
Amazon		 2020-12-30 -
2022-01-28		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.undertone.com
Amazon		 2020-11-03 -
2021-12-02		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
teads.tv
R3		 2021-08-23 -
2021-11-21		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.a-mo.net
R3		 2021-07-16 -
2021-10-14		 3 months crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-30 -
2022-02-23		 6 months crt.sh
*.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-09-16 -
2022-03-16		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-07-06 -
2022-01-06		 6 months crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.k8s-cluster-p-us-east-1.ramp-ut.io
Amazon		 2020-11-18 -
2021-12-18		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-18 -
2021-11-17		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.eyeota.net
R3		 2021-08-27 -
2021-11-25		 3 months crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh

This page contains 25 frames:

Primary Page: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Frame ID: 7C38C939E29803A6824742C9F0801E9E
Requests: 126 HTTP requests in this frame

Frame: https://cds.connatix.com/p/130560/connatix.playspace.dc.js
Frame ID: 36E3E0FB35EC00F4B53FCAF7E81723A4
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/130560/connatix.player.dc.js
Frame ID: A34243FFB298B857667205B2BABECC18
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/130560/connatix.playspace.dc.js
Frame ID: 96A25134264D56AB5E6BF07645F1D95D
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/130560/connatix.player.dc.js
Frame ID: EC95325568410F9CA487430AFA5EC516
Requests: 7 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 95B636F1A5A041FC4F8591712DF48392
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A65513B6445559FB5617C942FE19C1D0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 8CDE19B99CB981B9E17F87F657CD66FF
Requests: 10 HTTP requests in this frame

Frame: https://sync.rtk.io/cs?ref=https%3A%2F%2Fwww.obsev.com&us_privacy=1---
Frame ID: 7E92164945CE00240DCBA265DCAFD5B1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?ccpa=1---
Frame ID: 946957BA2739A35F832350D815BDDBDF
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cN-KiO7e0r6yoPaKlId8sQ&gdpr_consent=undefined&us_privacy=1---
Frame ID: A9C77E8CA148ACEB1C1E1887F83F09CA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2DC542CA682432B54A7DD047A795338B
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Frame ID: 44CFB523F10909DD516DEEF7F33F44A7
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159001&us_privacy=1---
Frame ID: F407F1022BD000E49700FBD32F377615
Requests: 14 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=26ba2c35-e795-475f-bb65-56b378952c90&gdpr=0&us_privacy=1---
Frame ID: 7B5F82D9D76B5E89AB05390D7EA0D49D
Requests: 11 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Frame ID: 193A139A7FB13AE697B9DE2653F2B727
Requests: 8 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Frame ID: 067CB7EAD07A66622728BB42C79FB43F
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?us_privacy=1---&informer=13426153
Frame ID: 78A8A3D7CF0FABDDEEB3A94C3ED251BE
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d808Gu7emr6ykqaKkGJozW&gdpr_consent=undefined&us_privacy=1---
Frame ID: 4EE81A9C14388B7D0FF47256DBDA700D
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=anEIgw7emr6ykqaKkGJozW&gdpr_consent=undefined&us_privacy=1---
Frame ID: ABC65B473B93E0B1206AD8E53154C7E0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 53BC7199BB5117AEB03D7891047FF4B9
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A7CFAC13-0AA2-474A-AC6E-52B8B145B74F
Frame ID: 0EDDF7D790A5F5195DA034720FE3EC5E
Requests: 1 HTTP requests in this frame

Frame: https://pr-bh.ybp.yahoo.com/sync/pubmatic/A7CFAC13-0AA2-474A-AC6E-52B8B145B74F?gdpr=0&gdpr_consent=
Frame ID: C708B1371270F8A63D438D805038E69E
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 745E7F5D70659CC628BECD35F6265410
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=c_qS1a7eOr6ykqaKkGJozW&gdpr_consent=undefined&us_privacy=1---
Frame ID: 47CBFAE4022F85D74A34AA44FEE7D240
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

211
Requests

98 %
HTTPS

0 %
IPv6

74
Domains

114
Subdomains

83
IPs

9
Countries

2907 kB
Transfer

11145 kB
Size

95
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://platform.twitter.com/oct.js HTTP 301
  • https://static.ads-twitter.com/oct.js
Request Chain 42
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/130560/connatix.playspace.dc.js
Request Chain 43
  • https://cd.connatix.com/connatix.player.js HTTP 302
  • https://cds.connatix.com/p/130560/connatix.player.dc.js
Request Chain 51
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/130560/connatix.playspace.dc.js
Request Chain 52
  • https://cd.connatix.com/connatix.player.js HTTP 302
  • https://cds.connatix.com/p/130560/connatix.player.dc.js
Request Chain 71
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1632734326790&ns_c=UTF-8&cv=3.5&c8=Photos%20That%20Show%20a%20Side%20of%20History%20That%20You%20Didn%E2%80%99t%20Know%20-%20Obsev&c7=https%3A%2F%2Fwww.obsev.com%2Flife%2Fphotos-show-unusual-historical-events%2F%3Futm_source%3Dlit_456%26utm_medium%3Dpaid%26utm_campaign%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1%26utm_content%3D23848775733490200%26utm_term%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1%26fbclid%3DIwAR3ivSL7fWMhwzGX&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1632734326790&ns_c=UTF-8&cv=3.5&c8=Photos%20That%20Show%20a%20Side%20of%20History%20That%20You%20Didn%E2%80%99t%20Know%20-%20Obsev&c7=https%3A%2F%2Fwww.obsev.com%2Flife%2Fphotos-show-unusual-historical-events%2F%3Futm_source%3Dlit_456%26utm_medium%3Dpaid%26utm_campaign%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1%26utm_content%3D23848775733490200%26utm_term%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1%26fbclid%3DIwAR3ivSL7fWMhwzGX&c9=
Request Chain 143
  • https://eb2.3lift.com/sync?us_privacy=1---& HTTP 302
  • https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Request Chain 152
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=N2Hftc3D1MuMMI5
Request Chain 153
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=a8695f62-6d62-4731-8274-d590522b4653&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=923cf5cf-bcf1-475e-893d-737dfe62d5ae
Request Chain 154
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=412609993434168691
Request Chain 155
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDclBVN0NveGtBQUR3WlJkNWxFZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACrPU7CoxkAADwZRd5lEg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACrPU7CoxkAADwZRd5lEg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=7808748477100723742 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACrPU7CoxkAADwZRd5lEg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D7808748477100723742%26bee_sync_partners%3Dox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=7808748477100723742&bee_sync_partners=ox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AACrPU7CoxkAADwZRd5lEg&pid=558502&do=add HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AACrPU7CoxkAADwZRd5lEg
Request Chain 156
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d0ea6151-8c7c-4f00-98de-286741caa22d
Request Chain 157
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=lXREz5smRp2OIBTHwSZcnJUjSMyOdkHOl3daOOl3
Request Chain 158
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4155417303441706770
Request Chain 161
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEiiuQL63g0GhynTE3pa5aQ&google_cver=1
Request Chain 165
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHXL1da3waQIIkXJcVoJ9gY&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 166
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUwODI5OTMyNTU5NDU4MjYwMzI%3D
Request Chain 168
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/15082993255945826032?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-cOIGUxxE2oRv0ZFpdD23J5Nk1TugLS7D3aWXgxrGjw--~A&dongle=0883
Request Chain 171
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=15082993255945826032 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15082993255945826032&dcc=t
Request Chain 172
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 173
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=4543359819311492910&dongle=d407
Request Chain 175
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 176
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=412609993434168691
Request Chain 177
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=120bc7d7-f1ed-437a-b153-1062a94b341b
Request Chain 178
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPeed8102b-1f73-11ec-b39f-02abba99f1a8 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPeed8102b-1f73-11ec-b39f-02abba99f1a8&verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-F3QUtbxE2uHaHPqcCTg8mwAkIVpWCQAU~A~UPeed8102b-1f73-11ec-b39f-02abba99f1a8
Request Chain 179
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=037929fa-8c56-4157-8bbb-d0459f98666f&ttl=1635326332
Request Chain 181
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=17bc8d727c400d7b265433c805729b1cc6c1bfca
Request Chain 182
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A7CFAC13-0AA2-474A-AC6E-52B8B145B74F&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A7CFAC13-0AA2-474A-AC6E-52B8B145B74F&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-IPt7vU1E2uWleW6eLsUMkE6sJdvUnno-~A&gdpr=0&gdpr_consent=
Request Chain 183
  • https://c1.adform.net/serving/cookie/match?party=14&cid=A7CFAC13-0AA2-474A-AC6E-52B8B145B74F HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A7CFAC13-0AA2-474A-AC6E-52B8B145B74F
Request Chain 184
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9060834481519736520 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/A7CFAC13-0AA2-474A-AC6E-52B8B145B74F?gdpr=0&gdpr_consent=
Request Chain 186
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=p8-sEwqiR0qsblK4sUW3Tw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 187
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d0ea6151-8c7c-4f00-98de-286741caa22d
Request Chain 188
  • https://pixel.onaudience.com/?partner=214&mapped=A7CFAC13-0AA2-474A-AC6E-52B8B145B74F HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=7d6eb0287fd7849a0db77bd286007d97 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=037929fa-8c56-4157-8bbb-d0459f98666f&icm HTTP 302
  • https://pixel.onaudience.com/?partner=236&icm&cver&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
  • https://ps.eyeota.net/pixel?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=b5b97921b41d3788 HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=b5b97921b41d3788 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mlo0Nk5xWmFuYmI4LU12QlBNVDhDcS1CZ1oxYUNOU0VHVklKZVFyWF9kZUk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&referrer_pid=3b2cb90&google_gid=CAESEH8dQDU-pOfKLFejY8vJvmw&google_cver=1 HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=4543359819311492910&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90 HTTP 302
  • https://ps.eyeota.net/match?bid=7vi0rg0&uid=d0ea6151-8c7c-4f00-98de-286741caa22d&dc_rc=3&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90 HTTP 302
  • https://ps.eyeota.net/match?uid=YVGMfQAAAlPT3wA6&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
  • https://ps.eyeota.net/match?uid=037929fa-8c56-4157-8bbb-d0459f98666f&bid=1e2n4ou
Request Chain 189
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTdDRkFDMTMtMEFBMi00NzRBLUFDNkUtNTJCOEIxNDVCNzRG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 190
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGT6eIorX6UAmDZuPEJLJw8&google_cver=1
Request Chain 192
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=037929fa-8c56-4157-8bbb-d0459f98666f
Request Chain 193
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7556761463745734077
Request Chain 194
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d0ea6151-8c7c-4f00-98de-286741caa22d&gdpr=0&gdpr_consent=
Request Chain 195
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=412609993434168691&gdpr=0&gdpr_consent=
Request Chain 196
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oye5z611u524c-nH93WhnKNwtcy4JbzOoSRPzdhd
Request Chain 199
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ru__ARtwU6N4N9BGeG1_d8n5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6385719322260363380
Request Chain 201
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1--- HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KU2FV1OY-24-GVYG&sigv=1&esig=2~02078bd3be8366daa2addf31820377aa7df6a715&us_privacy=1---
Request Chain 202
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1--- HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---&_test=YVGMfQAAAlPT3wA6 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YVGMfQAAAlPT3wA6&us_privacy=1---&_test=YVGMfQAAAlPT3wA6
Request Chain 203
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d0ea6151-8c7c-4f00-98de-286741caa22d&expires=28
Request Chain 205
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1UyRlYxT1ktMjQtR1ZZRw==&us_privacy=1---
Request Chain 206
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjgxYjE4NjE4YmNjOTM3N2M1YjBmMGI4MmI2ZmRkZTdkOGViZTMzMg&us_privacy=1---

211 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.obsev.com/life/photos-show-unusual-historical-events/ 		204 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0eccaf1eefb80f8c25c9d702351f4c81e24e388d64540136973895ea3b6bb22

Request headers

:method
GET
:authority
www.obsev.com
:scheme
https
:path
/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-type
text/html; charset=UTF-8
cf-ray
6953a574cae74a85-FRA
link
<https://www.obsev.com/wp-json/>; rel="https://api.w.org/", <https://www.obsev.com/?p=915971>; rel=shortlink
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-apo-via
origin,host
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-distributor
yes
x-gateway-cache-key
1632687286.572|standard|https|www.obsev.com||/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1||webp
x-gateway-cache-status
MISS
x-gateway-request-id
dacc3f207593670501ab34591de07eb2
x-gateway-skip-cache
0
x-pingback
https://www.obsev.com/xmlrpc.php
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7z31mpm4JWzp94ItF2oxiujdg%2FsDZ5flCKmjZg9Pk9gUw3kKgzOZuKym9hqNq0b3iGxdMKXHU5uv%2BX%2FsxR3jVb%2BAHU8hA0QH2JaQAbAVGdjKy1kmdw6cHiqnV0oXw7Rp"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		73 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
4012b60b50fc1eba6890f9744fc7ed75e12f2d3f9ae421670e200468e1785b34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"999 / 686 of 1000 / last-modified: 1632522815"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25700
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 27 Sep 2021 09:18:46 GMT
dx-rtk-head.js
s29588.pcdn.co/wp-content/plugins/dx-rtk-plugin-v2/assets/dist/scripts/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s29588.pcdn.co/wp-content/plugins/dx-rtk-plugin-v2/assets/dist/scripts/dx-rtk-head.js?ver=2020-08-15-01
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
016789079923b11c60c3b9c2fe5e6a440a52ce7f977fb26a721bdf59c429f240

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:15:33 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
51449
x-edge-origin-shield-skipped
0
content-type
application/javascript
x-cache
Hit from cloudfront
x-gateway-cache-status
MISS
x-gateway-skip-cache
0
x-gateway-request-id
11761dde8b59e0ed5ec8249e4cf19d88
last-modified
Wed, 01 Sep 2021 18:15:13 GMT
server
cloudflare
etag
W/"612fc331-257a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YlDL8sTVXcxSMDC5Oeo1OYApXAo4J9a4Dl6tYVCaJocU%2FMlTWoNWM95HaFmLryDsx%2FOANY4F6UfOJ3O6LZnDwmiIJ9CGZTW44C79FwSsXhFmjzi8aWySwirSicQM9gqY"}],"group":"cf-nel","max_age":604800}
x-gateway-cache-key
0||https|fun.obsev.com||/wp-content/plugins/dx-rtk-plugin-v2/assets/dist/scripts/dx-rtk-head.js?ver=2020-08-15-01
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
cf-ray
694f2a3b2fec5363-FRA
x-amz-cf-id
yrBTmPEtGWFiw-2YLjM91XkqKxAAOPQ9nUWTzDIeq5PBmYCx8zeaTg==
expires
Tue, 26 Oct 2021 19:01:17 GMT
jita.js
506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/ 		572 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.240.1 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
aa9430a6c3fd8091bb9ec2459cfeba31f0888b88a4d2c417e59a6d90b7d3c5b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
gzip
x-amz-request-id
SRMEH2ZXX3D8GMXR
x-cache
HIT
content-disposition
inline
x-amz-id-2
5qYST9ZW8UR6eGbR/hwCX3cZUO3aixg9d5qu1FdQvCsvcnE9/aVrzKTA3Pq5j5BxfKju+XpX1Gs=
last-modified
Wed, 22 Sep 2021 22:39:21 GMT
server
nginx
etag
W/"b305cf70513337114405d2d3889ecf0d"
vary
Accept-Encoding
x-amz-version-id
4LbMSt8GCtMBbmVWB3Shc4e2Zb6yzCUt
cache-control
max-age=86400
accept-ranges
bytes
content-type
application/javascript
link
<https://s3.amazonaws.com/jita-cdn/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js>; rel="canonical"
expires
Tue, 28 Sep 2021 09:18:46 GMT
script.js
d19m55ur8rme4m.cloudfront.net/ 		116 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d19m55ur8rme4m.cloudfront.net/script.js
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-195.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6fdb2c455da80fc90bddea76f6370810f4b45d3d96552777193b281452e3762f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:17:27 GMT
content-encoding
gzip
last-modified
Fri, 24 Sep 2021 17:03:08 GMT
server
AmazonS3
age
192
etag
W/"5d23a34fe9c31960da2e14b9a9cbe773"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
F0xlStdYOrYcB96fvikk4XjnlM52MiPtPYCShRYvXyjWVO5WkBa8bg==
vwpt.js
static.vidazoo.com/basev/ 		184 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/vwpt.js
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-113.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6e6feebb53ca78c1931d269931f6e1c8efe80181864e7dea3ee3af8c81fe746a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
gzip
x-amz-request-id
MFV1HH1S3A7DRS7J
content-length
46229
x-amz-id-2
NgSpaTUhzqXAEQlZkL/PDtJL93K4/cXauRrhs/oIJcFqoYUuoxUsTIQddoYbc0VhBUESndpucds=
last-modified
Sun, 29 Aug 2021 12:04:32 GMT
server
AmazonS3
etag
"9720ff3bd3277fc2c528a6cf81fbfab2"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
max-age=79458
accept-ranges
bytes
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Tue, 28 Sep 2021 07:23:04 GMT
style.min.css
s29588.pcdn.co/wp-includes/css/dist/block-library/ 		52 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s29588.pcdn.co/wp-includes/css/dist/block-library/style.min.css?ver=5.4.7
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:14:51 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249754
x-edge-origin-shield-skipped
0
content-type
text/css
x-cache
Hit from cloudfront
x-gateway-cache-status
MISS
x-gateway-skip-cache
0
x-gateway-request-id
0aae7f880a4b4f3e43a3f7d7190b021c
last-modified
Thu, 09 Sep 2021 05:16:25 GMT
server
cloudflare
etag
W/"613998a9-d159"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYyZGheMgGou1nf4PU14n2m1v23CYvYCEN0WunA5wWEMlbsWqlokCyolKxNA2KOGt%2FsDV15n5M%2FO1VaJ0f%2BoQiT8Mm4tgvs1QISWd%2FOLlnaazWM3awP%2FhWzNGku%2BLfxa"}],"group":"cf-nel","max_age":604800}
x-gateway-cache-key
0||https|fun.obsev.com||/wp-includes/css/dist/block-library/style.min.css?ver=5.4.7
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
cf-ray
694f29334afe5c5c-FRA
x-amz-cf-id
jXZ6UT1cJ_uTqXOpmCJoGFoC8RYP51IRRAOVw1YyL-_L316oO2FdHw==
expires
Sun, 24 Oct 2021 11:56:12 GMT
style.css
s29588.pcdn.co/wp-content/themes/magnetism-pro/ 		69 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s29588.pcdn.co/wp-content/themes/magnetism-pro/style.css?ver=202109231501
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
cdc87c531aaffeb2d41911312318bf5504bdd26d1a963ab66393e083e1cb599d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:14:51 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249753
cf-polished
origSize=94162
x-edge-origin-shield-skipped
0
content-type
text/css
x-cache
Hit from cloudfront
cf-bgj
minify
x-gateway-cache-status
MISS
x-gateway-skip-cache
0
x-gateway-request-id
be4afa5409c8b59b1b4a5dd1f45ea255
last-modified
Thu, 17 Sep 2020 14:26:07 GMT
server
cloudflare
etag
W/"5f6371ff-16fd2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J57xdeWBWT5coAWPm0d9yAg3wYKy0MGNtxffE1j4OSiSa3jzBEbBudsu8A3USy3C1vBA3cyxHABtcFP6tHiXqf%2FSu1TwGNOEsvV6YA0WzN38bOXcbZvQLw27R7Dy1bPK"}],"group":"cf-nel","max_age":604800}
x-gateway-cache-key
0||https|fun.obsev.com||/wp-content/themes/magnetism-pro/style.css?ver=202109231501
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
cf-ray
694f2933ce0b5c4a-FRA
x-amz-cf-id
UrexVamHGXEkbPT_RFnUC9yfJwTEG2tMAsXFlNT1AOES8ALvCUQs7g==
expires
Sun, 24 Oct 2021 11:56:13 GMT
master.css
s29588.pcdn.co/wp-content/themes/obsev-theme/assets/dist/css/ 		69 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s29588.pcdn.co/wp-content/themes/obsev-theme/assets/dist/css/master.css?ver=202109231501
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
d6c7189d7efc798f52c8e2a73fd126826f16918d98076a7a6d8207fdcf1ee68f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:14:51 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249754
cf-polished
origSize=86433
x-edge-origin-shield-skipped
0
content-type
text/css
x-cache
Hit from cloudfront
cf-bgj
minify
x-gateway-cache-status
MISS
x-gateway-skip-cache
0
x-gateway-request-id
512ec1f39d82efd796ea3445da799a71
last-modified
Thu, 23 Sep 2021 15:01:39 GMT
server
cloudflare
etag
W/"614c96d3-151a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sedo1ZR7NN6RUuIo3YvKiqkJ8zvPabWpM5TFisTdtlQP9cPeh86yfyBseWAVC7PJs7jRvWM67koPQdxgQm7t0KdCTlFCPiqgq9PlnxJPtnqVFwCu1bMKnp%2BVbkn1IIcJ"}],"group":"cf-nel","max_age":604800}
x-gateway-cache-key
0||https|fun.obsev.com||/wp-content/themes/obsev-theme/assets/dist/css/master.css?ver=202109231501
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
cf-ray
694f29334a6c5c26-FRA
x-amz-cf-id
KqFHx1Hl0aIXUWcILUbfXK9CEaX0hMpySJCTeqJj8CbNppA0qAgxtg==
expires
Sun, 24 Oct 2021 11:56:12 GMT
master.css
s29588.pcdn.co/wp-content/plugins/dx-rtk-plugin-v2/assets/dist/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s29588.pcdn.co/wp-content/plugins/dx-rtk-plugin-v2/assets/dist/css/master.css?ver=202109091517
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
5651eaf9f168cc2291eec10350e0c8b3bd71798fe601418589f80515808069de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:15:33 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249753
cf-polished
origSize=11180
x-edge-origin-shield-skipped
0
content-type
text/css
x-cache
Hit from cloudfront
cf-bgj
minify
x-gateway-cache-status
MISS
x-gateway-skip-cache
0
x-gateway-request-id
0d4c1136524c60558e26cc3220007567
last-modified
Thu, 15 Oct 2020 12:06:29 GMT
server
cloudflare
etag
W/"5f883b45-2bac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNrroq6cuXFuNr7TnyOlFIBwL2RWRBeqj6WpjoC2b4mxMEs0hn9EFosN6Feg1aGjEK7El1hx%2F3rzRLRSWME1HU9yUQzKeS3okeuA%2FlmSbwAhfqo6l9DfafOY5BzRBxI1"}],"group":"cf-nel","max_age":604800}
x-gateway-cache-key
0||https|fun.obsev.com||/wp-content/plugins/dx-rtk-plugin-v2/assets/dist/css/master.css?ver=202109091517
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
cf-ray
694f2a3b4fe45c02-FRA
x-amz-cf-id
YeUsNrlgy4DRB9tBEsPLnn9S3hgbXoeqA2H35benxcU0ZLyKm9kcgQ==
expires
Sun, 24 Oct 2021 11:56:13 GMT
style.css
s29588.pcdn.co/wp-content/themes/obsev-theme/ 		0
991 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s29588.pcdn.co/wp-content/themes/obsev-theme/style.css?ver=5.4.7
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:14:51 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249753
cf-polished
origSize=282
x-edge-origin-shield-skipped
0
content-type
text/css
x-cache
Hit from cloudfront
cf-bgj
minify
x-gateway-cache-status
MISS
x-gateway-skip-cache
0
x-gateway-request-id
c9637e23d4a2668658efb2b46479a1a3
last-modified
Thu, 02 May 2019 16:52:59 GMT
server
cloudflare
etag
W/"5ccb206b-11a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwaV%2BPzv5q5L871Vcf%2BIFxWH8HrAoiwNG1n%2BP6DM3APuaF8dbOGrKKxIpWE4IzuRb%2BDvkkTPLgH09xdHt3sCEmrbG%2Bf7pRD%2FBVVzMSea6NMHtFy%2FMm5RiyPLGaFWebV5"}],"group":"cf-nel","max_age":604800}
x-gateway-cache-key
0||https|fun.obsev.com||/wp-content/themes/obsev-theme/style.css?ver=5.4.7
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
cf-ray
694f29333ac305e9-FRA
x-amz-cf-id
lP8y_Hh7ajMueW-RcQwFJRlnwHi8xAm3o7xK9OPdRP7wX6hbqyai-g==
expires
Sun, 24 Oct 2021 11:56:13 GMT
jquery.js
s29588.pcdn.co/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s29588.pcdn.co/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:14:51 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249753
cf-polished
origSize=96873
x-edge-origin-shield-skipped
0
content-type
application/javascript
x-cache
Hit from cloudfront
cf-bgj
minify
x-gateway-cache-status
MISS
x-gateway-skip-cache
0
x-gateway-request-id
88dc8ccd3baf914f12fb964d9b99a88b
last-modified
Thu, 09 Sep 2021 05:16:25 GMT
server
cloudflare
etag
W/"613998a9-17a69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aHNyvrqSjuEymltsg8u9MG9i%2FaK5WDjfvieCg8IXM9Bt7ZbwWkRxOK7LYy%2FXIBVddF0Jj2YoYKH5H1V6ShWvMSNz7JRYhoPgXYthM%2BiMocQN9nmgzORQxjpbP8rxxO0y"}],"group":"cf-nel","max_age":604800}
x-gateway-cache-key
0||https|fun.obsev.com||/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
cf-ray
694f29334e8342d5-FRA
x-amz-cf-id
jHQ6GpL47hLKk4gNMLpPHsR3D2bhXghPKszSaqL8M9GP5zWz04KUuQ==
expires
Sun, 24 Oct 2021 11:56:13 GMT
jquery-migrate.min.js
s29588.pcdn.co/wp-includes/js/jquery/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s29588.pcdn.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:14:51 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249753
x-edge-origin-shield-skipped
0
content-type
application/javascript
x-cache
Hit from cloudfront
x-gateway-cache-status
MISS
x-gateway-skip-cache
0
x-gateway-request-id
d4b0494b90fc60af4fc253c1482a8da5
last-modified
Thu, 09 Sep 2021 05:16:25 GMT
server
cloudflare
etag
W/"613998a9-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2FU1Wria9%2FIx%2B6Lqp4yOqH6VYjrDIyKCdZr8vGN8RXQYJm0FMFIqNLHFDy%2FKjwR65WFyww7KkbYFLlnFs7g9PMhghEOUB6E6kHwRGV%2BhfkgWs0z3l9qI6htltbNup%2BFq"}],"group":"cf-nel","max_age":604800}
x-gateway-cache-key
0||https|fun.obsev.com||/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
cf-ray
694f29333d5a4db2-FRA
x-amz-cf-id
YF7J_nvtKn3qQHZRs0-g-lc68RnjOarh9rxS2bBzNZlsgnNL27r9Rg==
expires
Sun, 24 Oct 2021 11:56:13 GMT
dx-rtk-fullpage.js
s29588.pcdn.co/wp-content/plugins/dx-rtk-plugin-v2/assets/dist/scripts/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s29588.pcdn.co/wp-content/plugins/dx-rtk-plugin-v2/assets/dist/scripts/dx-rtk-fullpage.js?ver=202109091517
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
9ceea3f7fc63c9fd2add907fa04979a30c65d28c3df4153909e1b05acf7a100f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:15:33 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249753
x-edge-origin-shield-skipped
0
content-type
application/javascript
x-cache
Hit from cloudfront
x-gateway-cache-status
MISS
x-gateway-skip-cache
0
x-gateway-request-id
ef1fa1c1b5b5faf37d823c1c2cfb84ae
last-modified
Thu, 09 Sep 2021 15:17:53 GMT
server
cloudflare
etag
W/"613a25a1-5fa0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBvFL1NAb1CLsnfG9l1y6VgKwf7QX2Xx2puxpDYkdomRsfi9MEQQn%2FrgF7JNsyHDrvL3gwvpiPfcsUGajngLyrCw70T33NIPKXJxkTgaqn3FSosbGRFq3vwLTquBa4b4"}],"group":"cf-nel","max_age":604800}
x-gateway-cache-key
0||https|fun.obsev.com||/wp-content/plugins/dx-rtk-plugin-v2/assets/dist/scripts/dx-rtk-fullpage.js?ver=202109091517
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
cf-ray
694f2a3b4f504ec7-FRA
x-amz-cf-id
ZolDghSW8PUHg3lYvunsfz3VSV8QmgU2W0CDy1m-D5Q5TUyy0OyjmQ==
expires
Sun, 24 Oct 2021 11:56:13 GMT
wp-hide-post-public.js
s29588.pcdn.co/wp-content/plugins/wp-hide-post/public/js/ 		838 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s29588.pcdn.co/wp-content/plugins/wp-hide-post/public/js/wp-hide-post-public.js?ver=9.9.9
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:14:51 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249752
x-edge-origin-shield-skipped
0
content-type
application/javascript
x-cache
Hit from cloudfront
x-gateway-cache-status
MISS
x-gateway-skip-cache
0
x-gateway-request-id
e5d5bf85199800f9460a4463b2a99c80
last-modified
Tue, 16 Apr 2019 15:50:06 GMT
server
cloudflare
etag
W/"5cb5f9ae-346"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypplbAZkQbu9BDBqLm0LLPwOOHwSjkhMrRZoZKIyrFpN8dc7S1QjDGzCX%2B5rINehnfncR%2BwciD4lzW0ncx6nU%2BmkoLgLpRLfCrIPaXrTqhJWtN%2FrDipu9v9DNN3VV8BW"}],"group":"cf-nel","max_age":604800}
x-gateway-cache-key
0||https|fun.obsev.com||/wp-content/plugins/wp-hide-post/public/js/wp-hide-post-public.js?ver=9.9.9
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
cf-ray
694f29361a4f4db2-FRA
x-amz-cf-id
okd-JwNo32WxuuitgHrzpDVuCCT04bpSxuTooSgREbYtIJTaV8beSQ==
expires
Sun, 24 Oct 2021 11:56:14 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-311288447
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0261a2f683cac009cc3722392f595b7a694674eafbc518036821f8130ba10937
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39112
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Sep 2021 09:18:46 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-311288240
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
dbcd2f6fb92e24eba276ecaf8489f74c988994bb4d089ce806441aead32ebefa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39092
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Sep 2021 09:18:46 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-67215840-1
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9fd9fae6d5a1efb7a12bf660007fe83fcec3f4887a3b0ab9f47efae78df923c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39330
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Sep 2021 09:18:46 GMT
optimize.js
www.googleoptimize.com/ 		92 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-T4HKTS4
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
Google Tag Manager /
Resource Hash
7e2e470257d8af8bcef74a9f2919bf8a76fd2ca79d5f0e66e5872eff38b70e9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37275
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Sep 2021 09:18:46 GMT
oct.js
static.ads-twitter.com/
Redirect Chain
  • https://platform.twitter.com/oct.js
  • https://static.ads-twitter.com/oct.js
14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/oct.js
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 23:58:10 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-geo-cc_and_ra
DE-BW
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kiad7000089-IAD, cache-hhn11559-HHN

Redirect headers

x-tw-cdn
VZ
Date
Mon, 27 Sep 2021 09:18:46 GMT
Server
ECS (frb/6725)
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location
https://static.ads-twitter.com/oct.js
Content-Length
0
logo-main.png.webp
s29588.pcdn.co/wp-content/uploads/sites/2/2020/01/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s29588.pcdn.co/wp-content/uploads/sites/2/2020/01/logo-main.png.webp
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
56bb976e6e4282951416ae8018d25f885fa126c95828c6c555ff66b97632aa2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:14:51 GMT
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249751
x-edge-origin-shield-skipped
0
content-type
image/webp
x-cache
Hit from cloudfront
content-length
3100
x-gateway-cache-status
MISS
x-gateway-skip-cache
0
x-gateway-request-id
10b00876f4aaca804dfd9ae62d0ac281
server
cloudflare
etag
"1e5707e153518f073b513580e1cd96f3948f30cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwpidfppTxnwY8WjCxwNnDpBDev3kyMmKbUU5OtlUbRojGkUsUQSB8m6PZ7FowWEqUAkyv2jeZByVh417N12hZy5OCgCiWMww4b6QsXIH3U6ZFYAg7miecWnemPgbKSC"}],"group":"cf-nel","max_age":604800}
x-gateway-cache-key
0||https|fun.obsev.com||/wp-content/uploads/sites/2/2020/01/logo-main.png.webp
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
cf-ray
694f29364ae0dfa5-FRA
x-amz-cf-id
8LLZJ3B8NtFZ5S8m5aOOTt4MjLaD18Olx7Pfx6CVTNCMoGdJ13YN2Q==
expires
Sun, 24 Oct 2021 11:56:15 GMT
ca333bcaf83414e1cefce64e620bc439
secure.gravatar.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/ca333bcaf83414e1cefce64e620bc439?s=75&d=mm&r=g
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.73.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
924bebc42783edf15677c196e1d4ce303971c331e0f63fa5c1e5572704aa90da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 27 Sep 2021 09:18:46 GMT
last-modified
Thu, 05 Jul 2018 20:31:14 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="ca333bcaf83414e1cefce64e620bc439.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/ca333bcaf83414e1cefce64e620bc439?s=75&d=mm&r=g>; rel="canonical"
content-length
3285
expires
Mon, 27 Sep 2021 09:23:46 GMT
Madhubala.jpgresize.jpg.webp
s29588.pcdn.co/wp-content/uploads/sites/2/2020/05/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s29588.pcdn.co/wp-content/uploads/sites/2/2020/05/Madhubala.jpgresize.jpg.webp
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
e320dea1e5b95e11a7684f52a0db6099ee222e6556165b238cf90a986736da61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 06:08:07 GMT
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11439
x-edge-origin-shield-skipped
0
content-type
image/webp
x-cache
Hit from cloudfront
content-length
29440
x-gateway-cache-status
MISS
x-gateway-skip-cache
0
x-gateway-request-id
8ada828533f26e1d9102f4053232900a
server
cloudflare
etag
"faf50031d9a9793447913f641e86ceffe0d52f0e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zIb44vsqEtp33bd1qSGs0L5a6ZxjO01xFEr%2BhcLbexQHz%2FLdNvJO80rZQItkJWYEOajcpBxXcE7W2%2BLNcNcYbmF15MvHZSkKPn1%2Fz1oVNIP%2Bvo%2FD1qmQsqnnQNK40Gq"}],"group":"cf-nel","max_age":604800}
x-gateway-cache-key
0||https|fun.obsev.com||/wp-content/uploads/sites/2/2020/05/Madhubala.jpgresize.jpg.webp
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
cf-ray
69528e3c9ace6916-FRA
x-amz-cf-id
AGCB6csrRCRAedCmi1b7y37s_fe386J1NBdMG4TKrpWzjzcfzOmVkQ==
expires
Wed, 27 Oct 2021 06:08:07 GMT
navigation.js
s29588.pcdn.co/wp-content/themes/magnetism-pro/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s29588.pcdn.co/wp-content/themes/magnetism-pro/js/navigation.js?ver=20161205
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
d79752e33e156b5cb219ab45103fe0ed7d80f111533dd8eec42c57546b4da500

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:14:52 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249751
x-edge-origin-shield-skipped
0
content-type
application/javascript
x-cache
Hit from cloudfront
x-gateway-cache-status
MISS
x-gateway-skip-cache
0
x-gateway-request-id
9f2bf3323c01f6320f5b5b35afc12338
last-modified
Tue, 16 Apr 2019 15:50:06 GMT
server
cloudflare
etag
W/"5cb5f9ae-8e7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1YC0DwTBhIVASB%2FHFSDdX25hW8hwWlnorJEmKwFfDQlkaDwWMvGCTTW%2BBa3wokVNrOuCMHlBBb%2FTsBcrOVu2hoBNfeMy65TExhZWiZFI44BzrVgsicvKFJp3hR2XbQMr"}],"group":"cf-nel","max_age":604800}
x-gateway-cache-key
0||https|fun.obsev.com||/wp-content/themes/magnetism-pro/js/navigation.js?ver=20161205
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
cf-ray
694f2937f9e164d9-FRA
x-amz-cf-id
M9UAkh77hmC6E_QHJIldu266DCUD621vQlJJQw0GAEP4xUFftFkBQA==
expires
Sun, 24 Oct 2021 11:56:15 GMT
main.js
s29588.pcdn.co/wp-content/themes/magnetism-pro/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s29588.pcdn.co/wp-content/themes/magnetism-pro/js/main.js?ver=202109231501
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
eec8a8ed4a551debaf76700713145c8c9b127412de8b5a5212adb2aacc6f87a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:14:52 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249751
x-edge-origin-shield-skipped
0
content-type
application/javascript
x-cache
Hit from cloudfront
x-gateway-cache-status
MISS
x-gateway-skip-cache
0
x-gateway-request-id
00f42af6a8e1633d0563d3469117f3d3
last-modified
Thu, 17 Sep 2020 14:26:07 GMT
server
cloudflare
etag
W/"5f6371ff-8fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7yks2%2BioLFyyFbbUUDqJLCUOvYGjwH1k3OZZiC26bbZ0FTwn1FdZYU0YKgD7jg%2BVlVvce5P%2Fcl2WtUf%2FFeiCc8cf%2BFQhc1YilmVOlBQWD8HSWNYc9FK%2F%2B9UKS%2BbUCJw8"}],"group":"cf-nel","max_age":604800}
x-gateway-cache-key
0||https|fun.obsev.com||/wp-content/themes/magnetism-pro/js/main.js?ver=202109231501
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
cf-ray
694f2937eebf5b4a-FRA
x-amz-cf-id
MIjpSzNt0i-jyw0ECtkt4yd44AUNjzd_RzsCQesG0w6oNBPblPj7fw==
expires
Sun, 24 Oct 2021 11:56:15 GMT
skip-link-focus-fix.js
s29588.pcdn.co/wp-content/themes/magnetism-pro/js/ 		751 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s29588.pcdn.co/wp-content/themes/magnetism-pro/js/skip-link-focus-fix.js?ver=20130115
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
5a1a3a3f0ef52a304cde50940ee607a2ebb008b76fa4cf49721b6e5cc07c350a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:14:52 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249751
x-edge-origin-shield-skipped
0
content-type
application/javascript
x-cache
Hit from cloudfront
x-gateway-cache-status
MISS
x-gateway-skip-cache
0
x-gateway-request-id
8e865e695c1e55c38bb1ef268b547212
last-modified
Tue, 16 Apr 2019 15:50:06 GMT
server
cloudflare
etag
W/"5cb5f9ae-2ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dd0Mg4yI4IdYenuiYf6GJ3Fb%2BgRdHSF5cv25nNNfNEHw1qtvGNUDuWqQhkKGn%2FFlmA0nJfzvZLwswSKh05sRuuS2z9IsEsBxvHWrswstGrhU8NN6hkc1mXkgvQk5fcA8"}],"group":"cf-nel","max_age":604800}
x-gateway-cache-key
0||https|fun.obsev.com||/wp-content/themes/magnetism-pro/js/skip-link-focus-fix.js?ver=20130115
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
cf-ray
694f2937e9c6691c-FRA
x-amz-cf-id
_ObjPmiRvNd-m041g5ZDykbDlBKnKuftAufhYPOXUcla_vnB8d8LLg==
expires
Sun, 24 Oct 2021 11:56:15 GMT
single-post.js
s29588.pcdn.co/wp-content/themes/magnetism-pro/js/ 		579 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s29588.pcdn.co/wp-content/themes/magnetism-pro/js/single-post.js?ver=20130119
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
3ff42f6f57602f41ab60068adca26617b68022a930596fdc93095b21d32a2fc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:15:34 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249751
x-edge-origin-shield-skipped
0
content-type
application/javascript
x-cache
Hit from cloudfront
x-gateway-cache-status
MISS
x-gateway-skip-cache
0
x-gateway-request-id
ce7fe263676fb4706b2b93815ac30d37
last-modified
Tue, 16 Apr 2019 15:50:06 GMT
server
cloudflare
etag
W/"5cb5f9ae-243"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nq8HXhD28Kyn7vDwwxP2X8BchTMca%2Bu217z%2FMA%2F2WO5rz1koHQXf2cK2cy4IfMxHLvx%2B0YcPQcWIjMMpcWAgDS8G7zL%2Br2119Kn7KOD4Q%2FDynynvUusbdApoZNiDjBCF"}],"group":"cf-nel","max_age":604800}
x-gateway-cache-key
0||https|fun.obsev.com||/wp-content/themes/magnetism-pro/js/single-post.js?ver=20130119
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
cf-ray
694f2a3dccce5363-FRA
x-amz-cf-id
eGrTnOUNV596XcAN5pVBRuK1bBKTbCrE752vcg8ppM13bUCkyFlnKQ==
expires
Sun, 24 Oct 2021 11:56:15 GMT
beacon.min.js
static.cloudflareinsights.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.94.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 16:39:17 GMT
server
cloudflare
etag
W/2021.9.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6953a5833cbc2b89-FRA
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.obsev.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.4
date
Mon, 27 Sep 2021 09:18:46 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
clear
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
via
1.1 google
server
nginx/1.17.4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
clear
content-length
0
dx-rtk-stylesheet-2.css
s29588.pcdn.co/wp-content/plugins/dx-rtk-plugin-v2/assets/dist/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s29588.pcdn.co/wp-content/plugins/dx-rtk-plugin-v2/assets/dist/css/dx-rtk-stylesheet-2.css?ver=202109091517
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
7d2a71f6a1a35e552d1bbc0b52a8f1b20f67f3c5b365dc021d23831934f4a06a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:15:34 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249748
cf-polished
origSize=9022
x-edge-origin-shield-skipped
0
content-type
text/css
x-cache
Hit from cloudfront
cf-bgj
minify
x-gateway-cache-status
MISS
x-gateway-skip-cache
0
x-gateway-request-id
4ba2b0b30b980ec25ff8f87ea05c1c31
last-modified
Thu, 15 Oct 2020 12:06:29 GMT
server
cloudflare
etag
W/"5f883b45-233e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=df%2BfWw8bFVd0rI5qGAwOxdrDaUZ42b6l%2BA6QRIoKHn7VOSqbniP4PiOtEQjt99f8AwJwNVTC37K2NYlqCLov5fjjtPh4aFoPA4F5CV0pD8uZAhKPn1BkgL0l4ZdkerfJ"}],"group":"cf-nel","max_age":604800}
x-gateway-cache-key
0||https|fun.obsev.com||/wp-content/plugins/dx-rtk-plugin-v2/assets/dist/css/dx-rtk-stylesheet-2.css?ver=202109091517
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
cf-ray
694f2a3ddde54d89-FRA
x-amz-cf-id
FTtTzCthmcXCXl9hIdB4iVbOjFA9lQLqRzmVGsVlW6OksGRLplxsng==
expires
Sun, 24 Oct 2021 11:56:18 GMT
font-awesome.min.css
s29588.pcdn.co/wp-content/themes/magnetism-pro/css/font-awesome/ 		28 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s29588.pcdn.co/wp-content/themes/magnetism-pro/css/font-awesome/font-awesome.min.css?ver=5.4.7
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
b2233bd56e2f58aa8135d4ef5dca75a3414522a9f7dd035798dfc268edf6d3b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:14:51 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249748
x-edge-origin-shield-skipped
0
content-type
text/css
x-cache
Hit from cloudfront
x-gateway-cache-status
MISS
x-gateway-skip-cache
0
x-gateway-request-id
c5dfa0cc81a1623e8833795f70821d6a
last-modified
Fri, 06 Nov 2020 16:15:24 GMT
server
cloudflare
etag
W/"5fa5769c-7000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttRUO4daa%2BXSZNCHaHerFqA8kcCyNpEH2DkXoYatjbUUvW%2BsiPqBP3GHjWWJ0YD4SLVbwuaJalYZ7A0%2FjFdpBR35cNUXg%2FOWXQL3Hw%2BWjrgz19FjgHTiPXI0CPA5VdlZ"}],"group":"cf-nel","max_age":604800}
x-gateway-cache-key
0||https|fun.obsev.com||/wp-content/themes/magnetism-pro/css/font-awesome/font-awesome.min.css?ver=5.4.7
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
cf-ray
694f2936482205e9-FRA
x-amz-cf-id
O2um-tJ3GpyuMIKuHBvo43AVu-OuPj-2Jd0Nu240JN_SWkn698tUZg==
expires
Sun, 24 Oct 2021 11:56:18 GMT
ionicons.css
s29588.pcdn.co/wp-content/themes/magnetism-pro/css/ 		50 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s29588.pcdn.co/wp-content/themes/magnetism-pro/css/ionicons.css?ver=5.4.7
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
b4c9c3c2bb4b17bff5986d759288ef76a69d3f9bf0ff6e80cf7f278300eb05c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:14:51 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249748
cf-polished
origSize=57178
x-edge-origin-shield-skipped
0
content-type
text/css
x-cache
Hit from cloudfront
cf-bgj
minify
x-gateway-cache-status
MISS
x-gateway-skip-cache
0
x-gateway-request-id
6cdc5628452325751715163285f1e6b8
last-modified
Tue, 16 Apr 2019 15:50:06 GMT
server
cloudflare
etag
W/"5cb5f9ae-df5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2F2ZzcueqFg9Vw%2Bcz42z9gW7cPxMmGVP9gF4iJn8ulzdyYj%2FgyxQXtHoSC0E6zm50llzhq4mZNYXAu1GajjhuS91cY99Z8sbOH1vOqqZdSRW%2B%2BmK7QE9nF%2BOHIKGvdVl"}],"group":"cf-nel","max_age":604800}
x-gateway-cache-key
0||https|fun.obsev.com||/wp-content/themes/magnetism-pro/css/ionicons.css?ver=5.4.7
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
cf-ray
694f29364b3e5c5c-FRA
x-amz-cf-id
f84Qznu1EQZC6ABvM6o492OIJXkXNJXufeNdH_UNx6p-og12AG070Q==
expires
Sun, 24 Oct 2021 11:56:18 GMT
animate.css
s29588.pcdn.co/wp-content/themes/magnetism-pro/css/ 		55 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s29588.pcdn.co/wp-content/themes/magnetism-pro/css/animate.css?ver=5.4.7
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
9141953d9fa60e3d829b5588eb14a2ba746309db1005c36d29ac2a0b659449b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:14:51 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249748
cf-polished
origSize=72257
x-edge-origin-shield-skipped
0
content-type
text/css
x-cache
Hit from cloudfront
cf-bgj
minify
x-gateway-cache-status
MISS
x-gateway-skip-cache
0
x-gateway-request-id
c41fe1efb1a30b56b34f2590248363a3
last-modified
Tue, 16 Apr 2019 15:50:06 GMT
server
cloudflare
etag
W/"5cb5f9ae-11a41"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LrBEBq4Pkhz%2BCchm4mn2RzYhAai%2F5uUnCUJA2oI0kmwCzmbDEo5Av2G4pD%2Bf1%2FllO6PZAkCLVUqpbUur5GGAkfYOWstJQ6hXQzOLpdSl8wXoFVoCfIUGisFS9OjxMcew"}],"group":"cf-nel","max_age":604800}
x-gateway-cache-key
0||https|fun.obsev.com||/wp-content/themes/magnetism-pro/css/animate.css?ver=5.4.7
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
cf-ray
694f293649825c26-FRA
x-amz-cf-id
3LGiVpJwvL1964XLzEb6Rl3zzc9DpbHWivqde3v_Nea7ZJ-60oXiMA==
expires
Sun, 24 Oct 2021 11:56:18 GMT
responsive.css
s29588.pcdn.co/wp-content/themes/magnetism-pro/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s29588.pcdn.co/wp-content/themes/magnetism-pro/css/responsive.css?ver=5.4.7
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
2e7448cc3623c60307b28ad956e5b9a3f48acceb721e2a021eb0696135254282

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:14:51 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249748
cf-polished
origSize=3286
x-edge-origin-shield-skipped
0
content-type
text/css
x-cache
Hit from cloudfront
cf-bgj
minify
x-gateway-cache-status
MISS
x-gateway-skip-cache
0
x-gateway-request-id
2348bc5cfa2cdc8fdf59f032dffc37dc
last-modified
Tue, 16 Apr 2019 15:50:06 GMT
server
cloudflare
etag
W/"5cb5f9ae-cd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DExkvGgm7ZWfRdCDZZ2swOa%2BNiIsIoeOEj4tOTsR55V9R0J%2F6hMxJxALH7dpBnAt0Y207gAQTJEmSqjY%2Fz%2FGwnmzQKCc9UaSCKQwP66hUZsfOMW6uYAQJ7USmmuZtAp"}],"group":"cf-nel","max_age":604800}
x-gateway-cache-key
0||https|fun.obsev.com||/wp-content/themes/magnetism-pro/css/responsive.css?ver=5.4.7
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
cf-ray
694f29365bf0d709-FRA
x-amz-cf-id
YAX0l4dSFguDSO-SifYGZje26lexy7gf9uLdha-XxSRoLFq_v4QEKw==
expires
Sun, 24 Oct 2021 11:56:18 GMT
extras.css
s29588.pcdn.co/wp-content/themes/magnetism-pro/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s29588.pcdn.co/wp-content/themes/magnetism-pro/css/extras.css?ver=5.4.7
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
00b8626deb2ef52222d65c6f3039c35c38940cd7458181332381fbd81b76a004

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:14:51 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249748
cf-polished
origSize=24487
x-edge-origin-shield-skipped
0
content-type
text/css
x-cache
Hit from cloudfront
cf-bgj
minify
x-gateway-cache-status
MISS
x-gateway-skip-cache
0
x-gateway-request-id
c6d4ebbe829dc65d182dd1b71e3e35af
last-modified
Tue, 16 Apr 2019 15:50:06 GMT
server
cloudflare
etag
W/"5cb5f9ae-5fa7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwHPXoRkomjicBPX6sUd5q0K8dT1jtQpUqF%2BNAX%2B%2B4aYQGFSRNIlc7YoXbo0%2B4ZY3URXzFsCvjuJxWqX%2FEG6wc6YxsVc7Nleauqc16od5mlHl2Q5taoIdnOiNGLQKlKC"}],"group":"cf-nel","max_age":604800}
x-gateway-cache-key
0||https|fun.obsev.com||/wp-content/themes/magnetism-pro/css/extras.css?ver=5.4.7
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
cf-ray
694f29367b17dfa5-FRA
x-amz-cf-id
RgwCnVdTHSYTtqz0tEmlCr5NPqtsJemSRUdk975Tom4eR6JEwq2psQ==
expires
Sun, 24 Oct 2021 11:56:18 GMT
loader.js
cdn.taboola.com/libtrc/revnewmedia-network/ 		488 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/revnewmedia-network/loader.js
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9cb3cf4e89bf245f757155fa1b942f90ab16a48b81e5f74ae841e5c3d9502e0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
JiFalILnhInVsYjpnyXKjWW_dVhS.yPh
content-encoding
gzip
etag
"43ce077c4de6def1e05499b7fe7985e6"
age
101
x-cache
HIT
content-length
37154
x-amz-id-2
z9qJQ1G8cw2np37ctbu1jUSAE2Q4banfshFn6Nf2GikCgvCfsMu5BBbopDDqsLM51CE4MCHwqPQ=
x-served-by
cache-fra19181-FRA
last-modified
Thu, 23 Sep 2021 09:15:57 GMT
server
AmazonS3
x-timer
S1632734326.292818,VS0,VE1
date
Mon, 27 Sep 2021 09:18:46 GMT
vary
Accept-Encoding
x-amz-request-id
WJWX13RHGEDGWFM2
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
80
x-cache-hits
1
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
ab43cf929d649dba8ce38c92dec4849c8049b678fec9942ae08df5ca57757280
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25969
x-xss-protection
0
pragma
public
x-fb-debug
mffO8uwRpq/o81JDgEGOV26tyk/Vat4yrArMBPlz8qtYHYinHVyGLXnUyc6BbaeKIM01M/57bSGIx81OmGtNWg==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Mon, 27 Sep 2021 09:18:46 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 23:58:10 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-geo-cc_and_ra
DE-BW
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kiad7000091-IAD, cache-hhn11559-HHN
ytc.js
s.yimg.com/wi/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.22 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e1.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion
1
date
Mon, 27 Sep 2021 08:39:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2341
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5639
x-amz-id-2
+L0cYPPSqsf4vG27Rx59PdgEMmrddOon/sXxJpxUCVZS/QKoR38x1AUeVtUvROxT6ysjr5os1og=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sat, 02 Jul 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Thu, 27 May 2021 13:00:20 GMT
server
ATS
etag
"6de43f1c725d89777edaa2bc5d679ecb-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
AKME8WBN07J9SCKF
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
Bv0RNzsjZsSn6kGrZjdvdggYqc20u__d
accept-ranges
bytes
content-type
application/javascript
events.js
analytics.tiktok.com/i18n/pixel/ 		113 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4TTEAH6H18A0MH1QGGG&lib=ttq
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ac28ee4c234de329ce740ef7ec8af26cec56ac1a0968eafd882b780c9d0bf036

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-akamai-request-id
365363a.bde0dd46
date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-50-232-132.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-141.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
159,2.16.186.141
server-timing
cdn-cache; desc=MISS, edge; dur=154, origin; dur=6, inner; dur=3
pragma
no-cache
server
nginx
x-tt-logid
20210927091846010245154056146F710D
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
6,23.50.232.132
x-tt-trace-host
019aa59d138511745a73f39333dd0d78a09ad7aacb6cbbb5cea1241180787b160aaa8c06b2c63aa039e65c1324117ed0fe1345f6085ca7e1bdf785242609d5454717a48ea0778e410e251229b21cdcc83c79d025f9668a22968a5d1ad54114ad1118ba01ab91ba893f3d97567051baa188
expires
Mon, 27 Sep 2021 09:18:46 GMT
v2sqmM-r8dC3ZDvsi5fWfBRJFDm4M9gYicwrg7sDFyPlcDmoMdyC1ZSE
overconfidentfood.com/ 		103 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://overconfidentfood.com/v2sqmM-r8dC3ZDvsi5fWfBRJFDm4M9gYicwrg7sDFyPlcDmoMdyC1ZSE
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
ea49a7298d81921bd731d7742545b6d5cab9544c54d7a3043eb717e97318a538
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"ff5b09928e043d156dcc5d346090f696bd488e396e3a4833e24a977f9f49f07f"
vary
Accept-Encoding, Accept-Language
x-hostname
a26589ac
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Mon, 27 Sep 2021 09:18:46 GMT
timing-allow-origin
*
choice.js
quantcast.mgr.consensu.org/choice/SLxMaH0S8rqsR/www.obsev.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/SLxMaH0S8rqsR/www.obsev.com/choice.js
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-27.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a74d9a88b145b13af856ba7e17892f66caac51a83e14adafc1e36babd8476b54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
gzip
last-modified
Wed, 10 Feb 2021 21:52:50 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
W/"d5875d1ba0991905b3f69fe3f539d272"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
jfEvyE3WJl6HBOPZ9BlfVgvKEkg2CLsM-O0IIrbVvQ0AOcXSPt2e_g==
connatix.playspace.dc.js
cds.connatix.com/p/130560/ Frame 36E3
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/130560/connatix.playspace.dc.js
512 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/130560/connatix.playspace.dc.js
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
br
last-modified
Fri, 24 Sep 2021 14:14:49 GMT
age
240964
etag
"d222fa1d6350be6fc1baee9bfe905b5f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
239699

Redirect headers

location
https://cds.connatix.com/p/130560/connatix.playspace.dc.js
date
Mon, 27 Sep 2021 09:18:46 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
age
0
accept-ranges
bytes
content-length
0
retry-after
0
connatix.player.dc.js
cds.connatix.com/p/130560/ Frame A342
Redirect Chain
  • https://cd.connatix.com/connatix.player.js
  • https://cds.connatix.com/p/130560/connatix.player.dc.js
1 MB
225 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/130560/connatix.player.dc.js
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
84751873b81e025c813cae29a4814e4eb98ad51d382336442a200cbdc5a708f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
br
last-modified
Fri, 24 Sep 2021 14:14:49 GMT
age
240964
etag
"de68edfe8bc0e60a50e0949fda90dbba"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
229718

Redirect headers

location
https://cds.connatix.com/p/130560/connatix.player.dc.js
date
Mon, 27 Sep 2021 09:18:46 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
age
0
accept-ranges
bytes
content-length
0
retry-after
0
DroidSans-webfont.woff2
s29588.pcdn.co/wp-content/themes/obsev-theme/assets/dist/fonts/ 		71 KB
72 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s29588.pcdn.co/wp-content/themes/obsev-theme/assets/dist/fonts/DroidSans-webfont.woff2
Requested by
Host: s29588.pcdn.co
URL: https://s29588.pcdn.co/wp-content/themes/obsev-theme/assets/dist/css/master.css?ver=202109231501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
ce1d230c6b398c67085e6344ee1c1232c7ce29fc9f2fcc65a3b5674acfdd9ce1

Request headers

Referer
https://s29588.pcdn.co/wp-content/themes/obsev-theme/assets/dist/css/master.css?ver=202109231501
Origin
https://www.obsev.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:14:52 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
47034
x-edge-origin-shield-skipped
0
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5w3%2B9MJ0wxh%2BAGgUS6vRQEULUPhP6iFOKwnCRHAM%2FXOVtYR%2Bn2Qt8YPpd4J6rbp06wbk2GhMuDMhG0sOaOe5I%2Fk%2FqG5eRRlG%2FPAgyGrpLFDWcne9GU%2BRo2uFyOBBCzgg"}],"group":"cf-nel","max_age":604800}
x-cache
Hit from cloudfront
content-length
72676
x-gateway-cache-status
HIT
x-gateway-skip-cache
0
x-gateway-request-id
85db36d5bbb6f8638b8c7b92d50a1e30
last-modified
Fri, 10 May 2019 12:35:31 GMT
server
cloudflare
etag
"5cd57013-11be4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
x-gateway-cache-key
0||https|fun.obsev.com||/wp-content/themes/obsev-theme/assets/dist/fonts/DroidSans-webfont.woff2
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
cf-ray
694f2936aa44323c-FRA
x-amz-cf-id
JbwZaqrUCsvE2E_k4cJm2RUtLzDa9FMtcjA0_xjlUsMatEWM0Ju_tw==
expires
Tue, 26 Oct 2021 20:14:50 GMT
DroidSans-Bold-webfont.woff2
s29588.pcdn.co/wp-content/themes/obsev-theme/assets/dist/fonts/ 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s29588.pcdn.co/wp-content/themes/obsev-theme/assets/dist/fonts/DroidSans-Bold-webfont.woff2
Requested by
Host: s29588.pcdn.co
URL: https://s29588.pcdn.co/wp-content/themes/obsev-theme/assets/dist/css/master.css?ver=202109231501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
6199df887e6da8e621cd94fef4e7dbb8c5e6382b043a5de7143a0ca81bc65db2

Request headers

Referer
https://s29588.pcdn.co/wp-content/themes/obsev-theme/assets/dist/css/master.css?ver=202109231501
Origin
https://www.obsev.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:14:52 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
47034
x-edge-origin-shield-skipped
0
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EajVI%2BiekdmjBwT2bxeMVLKs5Badm5rDwLDSa8RDct2Ghjrxsl80f9XhkfeOw7rX2IHGCQcSwPAznxPd5t%2BCx7j2CTq%2F7gx9MmBObeJ1cry8oWYA6uArQoiHWtyOPVBq"}],"group":"cf-nel","max_age":604800}
x-cache
Hit from cloudfront
content-length
75948
x-gateway-cache-status
HIT
x-gateway-skip-cache
0
x-gateway-request-id
ca101f61f12b660cc92fa957044189e5
last-modified
Fri, 10 May 2019 12:35:31 GMT
server
cloudflare
etag
"5cd57013-128ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
x-gateway-cache-key
0||https|fun.obsev.com||/wp-content/themes/obsev-theme/assets/dist/fonts/DroidSans-Bold-webfont.woff2
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
cf-ray
694f2936aa3c5c26-FRA
x-amz-cf-id
o-ybU_v-1L5qOQsYlbCcSDPA0OdZTR6P9lkp1u2rfvzfVQ-ATP1fAA==
expires
Tue, 26 Oct 2021 20:14:50 GMT
gdpr
jita.rtk.io/ 		0
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jita.rtk.io/gdpr
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.240.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 09:18:46 GMT
Server
nginx
X-Cache
MISS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Gdpr,X-Country
X-Country
US
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
fontawesome-webfont.woff2
s29588.pcdn.co/wp-content/themes/magnetism-pro/css/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s29588.pcdn.co/wp-content/themes/magnetism-pro/css/fonts/fontawesome-webfont.woff2?v=4.6.4
Requested by
Host: s29588.pcdn.co
URL: https://s29588.pcdn.co/wp-content/themes/magnetism-pro/css/font-awesome/font-awesome.min.css?ver=5.4.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-62.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer
https://s29588.pcdn.co/wp-content/themes/magnetism-pro/css/font-awesome/font-awesome.min.css?ver=5.4.7
Origin
https://www.obsev.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:14:52 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
47034
x-edge-origin-shield-skipped
0
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqs4AkLel6WMfFsrAjNd9aQLa1eZx%2FczBuEqZazICXQrbM8D7YpU5D37IP7KJGxccSiKz9PVv7J3YpX3ETLeeh2WJgCTq83Ljffb%2FrsTMij7sPeN2SHjeY8DQiMYLLVe"}],"group":"cf-nel","max_age":604800}
x-cache
Hit from cloudfront
content-length
71896
x-gateway-cache-status
HIT
x-gateway-skip-cache
0
x-gateway-request-id
806e37914e665ca059b15c7390d8d396
last-modified
Tue, 16 Apr 2019 15:50:06 GMT
server
cloudflare
etag
"5cb5f9ae-118d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
x-gateway-cache-key
0||https|fun.obsev.com||/wp-content/themes/magnetism-pro/css/fonts/fontawesome-webfont.woff2?v=4.6.4
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
cf-ray
694f29372b745c56-FRA
x-amz-cf-id
9rdhfatsGj9Vk7QBDdrIdPDemflQIyvJAilFHs9CvTOL8hYzaq9Hcw==
expires
Tue, 26 Oct 2021 20:14:50 GMT
impl.20210923-4-RELEASE.js
cdn.taboola.com/libtrc/ 		528 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210923-4-RELEASE.js
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9ef2fa6d02bd3595685a4fa73762bb189deac1d05605ff00a2bb58b879b75557

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
SWCjDnks_i1ZGGuO0eJBGk_rQc_n85qJ
content-encoding
br
etag
"f30da82f08687af7c0344b8258fb7906"
age
1498
x-cache
HIT
content-length
119564
x-amz-id-2
n7YtVMW9WvD4ADPOeQDasIgC6IPxPphFxd7pDycS4imO+O8M7NBS2fh7GCgAZhJEhTcXO3Lg4arTBsqUwKX1LA==
x-served-by
cache-fra19181-FRA
last-modified
Thu, 23 Sep 2021 08:53:47 GMT
server
AmazonS3-br
x-timer
S1632734326.483334,VS0,VE0
date
Mon, 27 Sep 2021 09:18:46 GMT
vary
Accept-Encoding
x-amz-request-id
W2S6MMCKRAC253K8
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
81
x-cache-hits
4753
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 05:46:43 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
12724
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
FlBUYlNVcmK3YSw5rqyCbbxPqI-lXTDvRlsjgcokCVLZz2-01uaitw==
10098065.json
s.yimg.com/wi/config/ 		2 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10098065.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.22 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e1.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:43:46 GMT
x-content-type-options
nosniff
age
2100
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
XY5D8RZ7Y8MDKD5X
x-amz-id-2
+odDOTX5COmduZoHfqCDW2l+GjHbIx1w9QPApKy9iWhfENHwAAJEZC9dx4o8gUmoN9RXWzigOCc=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
2
connatix.playspace.dc.js
cds.connatix.com/p/130560/ Frame 96A2
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/130560/connatix.playspace.dc.js
1 MB
234 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/130560/connatix.playspace.dc.js
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c6c037babefbd41006822221701916c78c530f66ab366a5b47d623a50dfcc97d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
br
last-modified
Fri, 24 Sep 2021 14:14:49 GMT
age
240964
etag
"d222fa1d6350be6fc1baee9bfe905b5f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
239699

Redirect headers

location
https://cds.connatix.com/p/130560/connatix.playspace.dc.js
date
Mon, 27 Sep 2021 09:18:46 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
age
0
accept-ranges
bytes
content-length
0
retry-after
0
connatix.player.dc.js
cds.connatix.com/p/130560/ Frame EC95
Redirect Chain
  • https://cd.connatix.com/connatix.player.js
  • https://cds.connatix.com/p/130560/connatix.player.dc.js
1 MB
225 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/130560/connatix.player.dc.js
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
84751873b81e025c813cae29a4814e4eb98ad51d382336442a200cbdc5a708f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
br
last-modified
Fri, 24 Sep 2021 14:14:49 GMT
age
240964
etag
"de68edfe8bc0e60a50e0949fda90dbba"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
229718

Redirect headers

location
https://cds.connatix.com/p/130560/connatix.player.dc.js
date
Mon, 27 Sep 2021 09:18:46 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
age
0
accept-ranges
bytes
content-length
0
retry-after
0
1216874878695665
connect.facebook.net/signals/config/ 		490 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1216874878695665?v=2.9.46&r=stable
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
72f8d22d487cc7b7c62273167c3b94e1db0a1d7daea0d01003c42a35c9654b75
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
146695
x-xss-protection
0
pragma
public
x-fb-debug
q8AqHh1elUGz+ItWG6ajt6UNhscZ6mzF0DylZKUME3QBVNbXHn3TV2yF6mFTKrLqdYSLqO7otZjVQpsgESr2kg==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Mon, 27 Sep 2021 09:18:46 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
rates.json
jita.rtk.io/assets/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jita.rtk.io/assets/rates.json
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.240.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
d21bb5f51e4dc268852d1ad2941e95c1ecc8efa9581c1b3aa4b63a83a78e771b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 09:18:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Sep 2021 09:00:03 GMT
Server
nginx
x-amz-request-id
0BPAJYWERJAPEWP4
ETag
"2f0f8f5b78c53190f7775e8a93f2b720"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/json
Access-Control-Allow-Origin
*
Content-Length
1549
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
Sfwgf2j3AI7GATeM2KLmP_NbkAzcyePr
x-amz-id-2
rRgV/Dm8IGh4WYAtJBumV9MOSYxkgxM2wEuy5uWIepB1EQ4PugJ+mRh6eQUJpDboPd/2mp7FR7M=
quant.js
secure.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.226 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c9d50edae9ab89f8373214510b01eb50f60e16bd5e71328173962c0e13b31c07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
gzip
etag
"dfAcRt65NMPvqdNgsZZi3w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 04 Oct 2021 09:18:46 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		179 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.obsev.com
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-27.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7289837e876c7bbbf1afc71abc4c5383e7f56692abeaa0a72b82e4e721ceba26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:39 GMT
content-encoding
br
age
66
x-amz-server-side-encryption
AES256
x-edge-origin-shield-skipped
0
access-control-max-age
86400
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 02 Sep 2021 17:09:42 GMT
server
AmazonS3
etag
W/"9deb1d626be8c031919272577f54eb7e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Tc--oc-YopyErbGi6rpSKbPRyVFxGJlujzHS3P4vbZaobf4IxXcPLw==
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-311288447&l=dataLayer&cx=c
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
3999f9cfc12ba40994ad1b3d31cc8e05afd224b1718027ca9ac58d79c2d6601c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39131
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Sep 2021 09:18:46 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-67215840-1&l=dataLayer&cx=c
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ad1dbde9573d7616472dcb79f7b01013815630f192725c4da532af0651428bc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Sep 2021 09:18:46 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-67215840-2&l=dataLayer&cx=c
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
08fcf9446aed1d3502f28be78b5183240290c1a24de433c285a726db1b70c027
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39345
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Sep 2021 09:18:46 GMT
adsct
analytics.twitter.com/i/ 		31 B
659 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o5egv&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=80d35b9a-479f-45da-9a9d-b5b0ecc9dc64&tw_document_href=https%3A%2F%2Fwww.obsev.com%2Flife%2Fphotos-show-unusual-historical-events%2F%3Futm_source%3Dlit_456%26utm_medium%3Dpaid%26utm_campaign%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1%26utm_content%3D23848775733490200%26utm_term%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1%26fbclid%3DIwAR3ivSL7fWMhwzGX&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
pragma
no-cache
last-modified
Mon, 27 Sep 2021 09:18:46 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
4bd5b2163c214efd44843c233c97683f2fef428fff7b39edc2a827f6ee29714b
x-transaction
88a470e569a54e3c
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/ 		43 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o5egv&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=80d35b9a-479f-45da-9a9d-b5b0ecc9dc64&tw_document_href=https%3A%2F%2Fwww.obsev.com%2Flife%2Fphotos-show-unusual-historical-events%2F%3Futm_source%3Dlit_456%26utm_medium%3Dpaid%26utm_campaign%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1%26utm_content%3D23848775733490200%26utm_term%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1%26fbclid%3DIwAR3ivSL7fWMhwzGX
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Mon, 27 Sep 2021 09:18:46 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
07785cf3ff484bbc8824ba03204afc38d12d9b955c680a5857572266ea1e420e
x-transaction
36707765e1a1f4a5
expires
Tue, 31 Mar 1981 05:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
936790ccabd26acddebd039c54120623734e2aa82310def49cc535912338fc0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14166
x-xss-protection
0
server
cafe
etag
5348393372526461885
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 09:18:46 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1606
date
Mon, 27 Sep 2021 08:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 27 Sep 2021 10:52:00 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.37.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-37-161.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
nginx/1.16.1
age
18554905
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-cache-status
HIT
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
43
apstag.js
c.amazon-adsystem.com/aax2/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
8N42zakBwOFy.ZF9LMqjmgZs3f2_X5lT
content-encoding
gzip
etag
3900a2c2d757386fb762bfd86288f882
age
221
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
server
Server
x-amz-rid
179W72XQKJQC18TDEN86
date
Mon, 27 Sep 2021 09:16:11 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
caPhvf6fylwBLJeErwDIwP7S3YJ-zdoOEEJNuA-T0YxnaGbuJ56hzg==
5f1f56e15ca092000440e366
wserver.vidazoo.com/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wserver.vidazoo.com/api/5f1f56e15ca092000440e366?trace=GbP121fkovSH9gMPNSkQeHBMhAV1Fd3J7BFdfXUIyeggFfDJ%2FV1ZTX0ZlLltRK2lsHUQHABc3DksCPCUrXxIHFiI6JVxFd2Z%2BAVZbQ1QjKUsGITwrXURRCRc%2FO1xLbyUgWBceClRpLlgLPjViEwcHAxkkDksGIDVsCwAKAwU2ZBsRKSo5fQkIDhoQKVoPKHJ0RRQeClpxL10XPxUgVwkZDBM%2BLVcTb2ooUAoYClpxOFgVPjVsCxIZGhN%2FakwTIA89XhMZDBNxchsLJCQRBVNdTVpxPU0KEj0rVQ8eAlRpakkGJDRsHUQeGxsMK1gKPTEnVghJVVRjf1oEEj46VVNSXyljfwk4LDERXQU0ASk%2FK2YDKQ9%2FbhIFGyliahVFOCQjbgUEAQI2Jk1Fd3J8Al5fV0FkfQ5UfmR3AVRbX1R%2FakwTIA86VBQGTUxxeA4ELg8gRQJeVkYMeA5XEjEvbgoIMBgMJFo4KTQRADkKCwU2PGZWb3xsVwQIAx83agNFBCcPY1UCGSUff18wADg5SyEzTVpxK10Jb2psQhIKGx8wZk8OKTE0XglFDBk%2BahVFOCIiE1xJBwInOEpCfhFrAyBOXTAkP05JIjI9VBBFDBk%2BbQshITkoVENZKQY7J00IPn09WQkcQgM9PUoSLDxjWQ8YGxkhIVoGIX0rRwMFGwV2en9CfhY7RQs0HBkmOloCaGMKXQ8fMEJmfhxVeyU6XDkGChI6PVRCfhQ%2BUA8PSkRlPU0KEjMvXBYKBhE9bQojfWctUjkFGxJmcQk4fWd%2BbgcKMBowF1c4ITMRVQI0XiknJk04fHV8BxMfAikwJ1cTKD46FFUvXUVrfAFQemV5AlVfVkZheAlCf2Y7RQs0GxMhJRxUCWB5UgU0AQI3fQBXEmB5ATkKDik%2FK2YJEjwtbgIPMEcMKV0UKCQRAENZWRAxK1UOKXV9dS8cLiRgIU80AWcoZisDGAwUEBtLbyMtQwMOASU6MlxFd3J%2FB1ZbF0dheAlFYXInXwgOHSU6MlxFd3J%2BSVZJQ1Q8PU0CPwMnSwNJVVRifglXNWl%2BAURHTRoyMVYSOXJ0Ew8FCR89IU0eb3xsQwMNCgQhLUtFd3IiWBI0W0NlahVFPjM8XgoHJxM6L1ETb2p4CVBYWVpxJVgfGT87Ug47AB89PEpFd2BiEwMFDBk3LXoKPnJ0RRQeClpxPk4XOQYrQxUCABhxchtWY2BgAERHTQI6JVwdIj4rE1xJKgIwZ2wJJj4hRghJQ1QnIVQCNz8gVCkNCQU2PBtdfS0%3D
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.212.27 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
64953967476e4a79197954523781577f80a0800f2971903eaf51eb3913bbc1ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 09:18:47 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.obsev.com
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
Content-Length
2987
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
da556df4dc2e8a01fc001ae2a2446328a6615e19a40e9113a8718f0ac018d2c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-akamai-request-id
9f965cc4.bde0dfbf
date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-44-4-119.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-141.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
159,2.16.186.141
server-timing
cdn-cache; desc=MISS, edge; dur=153, origin; dur=6, inner; dur=2
pragma
no-cache
server
nginx
x-tt-logid
20210927091846010245241002126C1D32
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
6,23.44.4.119
x-tt-trace-host
019aa59d138511745a73f39333dd0d78a09ad7aacb6cbbb5cea1241180787b160a4765d2069045cb166036d663577334e69baae02b1304e06868e252d778f7c65300b9853ff02d176f149a8d1805600b53e2ac0fabdbe96ed1f099f11a983da1773d9813fc7883665d71fd72b7d70dd6ce
expires
Mon, 27 Sep 2021 09:18:46 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		682 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C4TTEAH6H18A0MH1QGGG&hostname=www.obsev.com
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a7b38f2810bc32b7813ed86b526ebbf1aa9d48e398364d59735c17a34897f1ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-akamai-request-id
3654d07.bde0e006
date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-50-232-132.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-141.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
156,2.16.186.141
server-timing
cdn-cache; desc=MISS, edge; dur=152, origin; dur=4, inner; dur=2
content-length
298
pragma
no-cache
server
nginx
x-tt-logid
20210927091846010245244138016C2C81
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
4,23.50.232.132
x-tt-trace-host
019aa59d138511745a73f39333dd0d78a09ad7aacb6cbbb5cea1241180787b160aaa8c06b2c63aa039e65c1324117ed0fe1345f6085ca7e1bdf785242609d54547beaec8bf3f885f75e87b3b89f9264fc2f223fe3c4fb8f9c0066a4a53bff29d1dbf2ebbf869c2a87ff84bc3a4c8102cef
expires
Mon, 27 Sep 2021 09:18:46 GMT
pubads_impl_2021092101.js
securepubads.g.doubleclick.net/gpt/ 		336 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062917
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
9cddc4e1c7049c1e45ebb678a8a47bb3b67dfa86009c877de6a9e6da0cfae474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120556
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 08:37:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 27 Sep 2021 09:18:46 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		169 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.obsev.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
40c936ed115d290ad392a23861042794164887d5e95778e1165e111de93d46a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114
x-xss-protection
0
expires
Mon, 27 Sep 2021 09:18:46 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1632734326790&ns_c=UTF-8&cv=3.5&c8=Photos%20That%20Show%20a%20Side%20of%20History%20That%20You%20Didn%E2%80%99t%20Know%20-%20Obsev&c7=...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1632734326790&ns_c=UTF-8&cv=3.5&c8=Photos%20That%20Show%20a%20Side%20of%20History%20That%20You%20Didn%E2%80%99t%20Know%20-%20Obsev&c7...
64 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1632734326790&ns_c=UTF-8&cv=3.5&c8=Photos%20That%20Show%20a%20Side%20of%20History%20That%20You%20Didn%E2%80%99t%20Know%20-%20Obsev&c7=https%3A%2F%2Fwww.obsev.com%2Flife%2Fphotos-show-unusual-historical-events%2F%3Futm_source%3Dlit_456%26utm_medium%3Dpaid%26utm_campaign%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1%26utm_content%3D23848775733490200%26utm_term%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1%26fbclid%3DIwAR3ivSL7fWMhwzGX&c9=
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-101.fra2.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
DtQpbx3fzb6aBsHFhL40-x3zxQyRXnOoEeLemTEdpn5ac9hGfdcaYw==

Redirect headers

date
Mon, 27 Sep 2021 09:18:46 GMT
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1632734326790&ns_c=UTF-8&cv=3.5&c8=Photos%20That%20Show%20a%20Side%20of%20History%20That%20You%20Didn%E2%80%99t%20Know%20-%20Obsev&c7=https%3A%2F%2Fwww.obsev.com%2Flife%2Fphotos-show-unusual-historical-events%2F%3Futm_source%3Dlit_456%26utm_medium%3Dpaid%26utm_campaign%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1%26utm_content%3D23848775733490200%26utm_term%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1%26fbclid%3DIwAR3ivSL7fWMhwzGX&c9=
content-length
516
x-amz-cf-id
uv-KZFMLVRckmGz171Mz2khwa9l_NVpf-xtfmrWMuJ431y6Z61rWnA==
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1216874878695665&ev=PageView&dl=https%3A%2F%2Fwww.obsev.com%2Flife%2Fphotos-show-unusual-historical-events%2F%3Futm_source%3Dlit_456%26utm_medium%3Dpaid%26utm_campaign%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1%26utm_content%3D23848775733490200%26utm_term%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1%26fbclid%3DIwAR3ivSL7fWMhwzGX&rl=&if=false&ts=1632734326816&sw=1600&sh=1200&v=2.9.46&r=stable&ec=0&o=30&fbc=fb.1.1632734326815.IwAR3ivSL7fWMhwzGX&fbp=fb.1.1632734326816.2068822521&it=1632734326542&coo=false&exp=p0&rqm=GET
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 27 Sep 2021 09:18:46 GMT
player.css
cds.connatix.com/p/130560/ 		53 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/130560/player.css
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7085b79344e220cb544d6b66abadb2fbf658ce9d70654a5406ac7e55691bc0f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
br
last-modified
Fri, 24 Sep 2021 14:14:50 GMT
age
240964
etag
"caa4f32b7315ec6a7e5ee2e4b1c6aff8"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
8276
rules-p-SLxMaH0S8rqsR.js
rules.quantcount.com/ 		2 B
376 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-SLxMaH0S8rqsR.js
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-122.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:07:16 GMT
via
1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
server
AmazonS3
age
689
x-edge-origin-shield-skipped
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-length
2
x-amz-cf-id
_bCHn2BrCCdOidWeIB79-v3n5nuYa34SW1Y0HaDk57lwjg_nRlitUA==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/311288240/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/311288240/?random=1632734326930&cv=9&fst=1632734326930&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9m0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.obsev.com%2Flife%2Fphotos-show-unusual-historical-events%2F%3Futm_source%3Dlit_456%26utm_medium%3Dpaid%26utm_campaign%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1%26utm_content%3D23848775733490200%26utm_term%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1%26fbclid%3DIwAR3ivSL7fWMhwzGX&tiba=Photos%20That%20Show%20a%20Side%20of%20History%20That%20You%20Didn%E2%80%99t%20Know%20-%20Obsev&hn=www.googleadservices.com&us_privacy=error&async=1&rfmt=3&fmt=4
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e47f9908dc8b938c857feeffec68b3d53aeeb98bafec8a7710bb608430c67394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1220
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/311288447/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/311288447/?random=1632734326934&cv=9&fst=1632734326934&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9m0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.obsev.com%2Flife%2Fphotos-show-unusual-historical-events%2F%3Futm_source%3Dlit_456%26utm_medium%3Dpaid%26utm_campaign%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1%26utm_content%3D23848775733490200%26utm_term%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1%26fbclid%3DIwAR3ivSL7fWMhwzGX&tiba=Photos%20That%20Show%20a%20Side%20of%20History%20That%20You%20Didn%E2%80%99t%20Know%20-%20Obsev&hn=www.googleadservices.com&us_privacy=error&async=1&rfmt=3&fmt=4
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
bb2d184be3766003d1337dd69477c04f546537e16a9e4def50b0844e5bd8e0d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1209
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cmp-list.json
test.quantcast.mgr.consensu.org/GVL-v2/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.obsev.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-2.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a5c20add80dfa892c8ce20c1185a664b9d9ba991c3b7281db96dab5178bfbf6

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 03:00:40 GMT
content-encoding
gzip
age
22687
x-amz-server-side-encryption
AES256
x-edge-origin-shield-skipped
0
access-control-max-age
86400
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 21 Sep 2021 19:52:29 GMT
server
AmazonS3
etag
W/"c9ca46e8bca386b00ae734ec7f36e72e"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
53eMtdSFMejUNxoIEd.wWdAMwnfkg3aL
via
1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA2-C2
content-type
application/json
x-amz-cf-id
JT_NOS-db3WgcirkmvsqJlKQ5t38aeKlnH83tUpmwOJUBVFlDoEAfA==
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=2015511233&t=pageview&_s=1&dl=https%3A%2F%2Fwww.obsev.com%2Flife%2Fphotos-show-unusual-historical-events%2F%3Futm_source%3Dlit_456%26utm_medium%3Dpaid%26utm_campaign%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1%26utm_content%3D23848775733490200%26utm_term%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1%26fbclid%3DIwAR3ivSL7fWMhwzGX&ul=en-us&de=UTF-8&dt=Photos%20That%20Show%20a%20Side%20of%20History%20That%20You%20Didn%E2%80%99t%20Know%20-%20Obsev&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=163084930&gjid=1765609776&cid=638220631.1632734327&tid=UA-67215840-2&_gid=1055286273.1632734327&_r=1&gtm=2ou9m0&z=2001220414
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.obsev.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pls
capi.connatix.com/core/ Frame EC95 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/pls?v=130560
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.58.214 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-58-214.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
09b6992f671ef5e0bafe4085dcca479e60c63718101f6dbe40c74bf0a5c0b1de

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Mon, 27 Sep 2021 09:18:47 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.obsev.com
transfer-encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
S8kNCKkikutwvs4V44q0sFuZ4JNc9Ate
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
81417
x-edge-origin-shield-skipped
0
access-control-max-age
3000
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 07 Sep 2021 22:15:56 GMT
server
AmazonS3
date
Sun, 26 Sep 2021 10:41:51 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
0qUyvv-rr0IBgNUI6iwAk1vedOexpoxnLbwE62yqF84Jf9Hn1RRcZg==
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
986dd30240c5c391020459db60212c4d9df2d2eec66a1c065f76f89e85b17c87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 08:52:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1606
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6277
x-xss-protection
0
server
cafe
etag
15175151693415529340
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 09:52:01 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
711 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4TTEAH6H18A0MH1QGGG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
785274b7.bde0e1d5
date
Mon, 27 Sep 2021 09:18:47 GMT
x-cache-remote
TCP_MISS from a23-200-218-71.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-141.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time
168,2.16.186.141
server-timing
cdn-cache; desc=MISS, edge; dur=155, origin; dur=13, inner; dur=9
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202109270918470102452480432265DBB5
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
13,23.200.218.71
x-tt-trace-host
019aa59d138511745a73f39333dd0d78a09ad7aacb6cbbb5cea1241180787b160aabdf199092934a19685493176a8cff83b79c17dfd64789708e15d8312c7616338f928e1b2af1be2ee0105cb2e1f9c1d6217010bf34a198901138710ba2cc748973aefc057ff89dbbfb8635faccb1661d
expires
Mon, 27 Sep 2021 09:18:47 GMT
vendor-list.json
quantcast.mgr.consensu.org/GVL-v2/ 		287 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.obsev.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-27.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8bd8b4ab751d7e1cf0a74d1813c61e932f283210339e7fe479ba95a4bb5d9a16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 03:00:38 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
22690
x-amz-server-side-encryption
AES256
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 27 Sep 2021 03:00:31 GMT
server
AmazonS3
etag
W/"dccf112bc5d2e3e28d1ec13b6c87167e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
3s1RhOUd4tSBF0b31lVaCCiBcscd-bUCzV4r9fo7Kx6RzTFYpojBbw==
/
www.google.com/pagead/1p-user-list/311288240/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/311288240/?random=1632734326930&cv=9&fst=1632733200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.obsev.com%2Flife%2Fphotos-show-unusual-historical-events%2F%3Futm_source%3Dlit_456%26utm_medium%3Dpaid%26utm_campaign%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1%26utm_content%3D23848775733490200%26utm_term%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1%26fbclid%3DIwAR3ivSL7fWMhwzGX&tiba=Photos%20That%20Show%20a%20Side%20of%20History%20That%20You%20Didn%E2%80%99t%20Know%20-%20Obsev&async=1&fmt=3&is_vtc=1&random=1817896515&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/311288447/ 		42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/311288447/?random=1632734326934&cv=9&fst=1632733200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.obsev.com%2Flife%2Fphotos-show-unusual-historical-events%2F%3Futm_source%3Dlit_456%26utm_medium%3Dpaid%26utm_campaign%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1%26utm_content%3D23848775733490200%26utm_term%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1%26fbclid%3DIwAR3ivSL7fWMhwzGX&tiba=Photos%20That%20Show%20a%20Side%20of%20History%20That%20You%20Didn%E2%80%99t%20Know%20-%20Obsev&async=1&fmt=3&is_vtc=1&random=2728683616&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
shandymedia
shandymedia.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://shandymedia.technoratimedia.com/openrtb/bids/shandymedia?src=prebid_prebid_4.43.4
Protocol
H2
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.obsev.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 27 Sep 2021 09:18:47 GMT
access-control-allow-headers
content-type
access-control-allow-origin
https://www.obsev.com
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
1067616107
age
0
via
1.1 varnish
mvo
tag.1rx.io/rmp/237962/0/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/237962/0/mvo?z=1r&hbv=4.43.4,2.1
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.obsev.com
pragma
no-cache
date
Mon, 27 Sep 2021 09:18:47 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
hb
brightcombid.marphezis.com/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brightcombid.marphezis.com/hb
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.203.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-203-97.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.obsev.com
date
Mon, 27 Sep 2021 09:18:47 GMT
access-control-allow-credentials
true
server
nginx
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.57.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-57-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.obsev.com
date
Mon, 27 Sep 2021 09:18:47 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.57.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-57-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.obsev.com
date
Mon, 27 Sep 2021 09:18:47 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.57.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-57-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.obsev.com
date
Mon, 27 Sep 2021 09:18:47 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.57.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-57-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.obsev.com
date
Mon, 27 Sep 2021 09:18:47 GMT
access-control-allow-credentials
true
vary
Origin
v1
dmx.districtm.io/b/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 27 Sep 2021 09:18:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.obsev.com
access-control-allow-credentials
true
cf-ray
6953a5883bd44a98-FRA
access-control-allow-headers
Content-Type, Origin
aardvark
bidder.rtk.io/8L6B/jS5l_K67O_GgFd_U2ui/ 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.rtk.io/8L6B/jS5l_K67O_GgFd_U2ui/aardvark?version=1&jsonp=false&rtkreferer=https%3A%2F%2Fwww.obsev.com%2Flife%2Fphotos-show-unusual-historical-events%2F%3Futm_source%3Dlit_456%26utm_medium%3Dpaid%26utm_campaign%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1%26utm_content%3D23848775733490200%26utm_term%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1%26fbclid%3DIwAR3ivSL7fWMhwzGX&w=1600&h=1200&us_privacy=1---&jS5l=22fae95cfe1755b&K67O=2321aba42a34e2f&GgFd=2454be251ff960c&U2ui=25385c949a925e6
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.64.214 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
adstorm-pk-nj-101
Software
RTK AdStorm/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:47 GMT
server
RTK AdStorm/1.1
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.obsev.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, Access-Control-Allow-Origin
content-length
0
expires
0
prebid
ib.adnxs.com/ut/v3/ 		38 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
aa527219f15dec6be84fd36445705f3f024fcdf0057fc6d1894160a5caf939fe
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 27 Sep 2021 09:18:47 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.114.223; 216.131.114.223; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cb55c8db-3b38-4e7b-ad2d-ea8d3d76ae76
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.obsev.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
hb.undertone.com/ 		0
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3822&domain=obsev.com&ccpa=1---
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-34.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:46 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.obsev.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
x-amz-cf-id
bs3sZT58YMsLuYOznNpLR0ZS917OjOyHRKm4zE4x_75e0Js33GR6Zg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.obsev.com
date
Mon, 27 Sep 2021 09:18:47 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
obsev-d.openx.net/w/1.0/ 		190 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://obsev-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.obsev.com%2Flife%2Fphotos-show-unusual-historical-events%2F%3Futm_source%3Dlit_456%26utm_medium%3Dpaid%26utm_campaign%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1%26utm_content%3D23848775733490200%26utm_term%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1%26fbclid%3DIwAR3ivSL7fWMhwzGX&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=80c2dfdb-32ad-41f0-affb-d1dd89710752%2Cfdbd0398-4a32-4488-9758-0e6407e93bfc%2C153378bb-4ff6-4dfb-ac19-03bd0b930c92&nocache=1632734327038&us_privacy=1---&pubcid=8aca9fa9-58c5-40ee-8100-c74d3ac027b4&aus=300x250%7C300x250%7C300x600%2C336x280%2C300x1050&divids=RTK_jS5l%2CRTK_K67O%2CRTK_GgFd&aucs=%2C%2C&auid=540167184%2C540167171%2C540167168
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
a6b8768ff9246e7c6c313e9a4cfcfaefeb291e59e507d72cf2f83f597cb0c5d3

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:47 GMT
content-encoding
gzip
server
OXGW/16.216.3
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.obsev.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
178
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=271445&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2244382076953ac99%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.obsev.com%2Flife%2Fphotos-show-unusual-historical-events%2F%3Futm_source%3Dlit_456%26utm_medium%3Dpaid%26utm_campaign%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1%26utm_content%3D23848775733490200%26utm_term%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1%26fbclid%3DIwAR3ivSL7fWMhwzGX%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2245282ad5f6010e7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22271445%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22468ec3893d9244a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22271450%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2247d89a7cfce6e6c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22271447%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22481b39369ac1d08%22%2C%22ext%22%3A%7B%22siteID%22%3A%22292743%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2247d89a7cfce6e6c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22271447%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2247d89a7cfce6e6c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22271447%22%2C%22sid%22%3A%22300x1050%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d16d0537b527af64b31464c4d824364c6c4766fe8c302a7c56829963c4a18f60

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:47 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.223], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.obsev.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Mon, 27 Sep 2021 09:18:47 GMT
bid
ap.lijit.com/rtb/ 		94 B
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.4
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
1f33e8bf57ec624875971f1221522df2e4f9ac90a3c1e7faab1c334b1604f73c

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 27 Sep 2021 09:18:47 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.obsev.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
bid-request
a.teads.tv/hb/ 		16 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:47 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.obsev.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 27 Sep 2021 09:18:47 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		594 B
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19228&site_id=216254&zone_id=1066394%3B1066332%3B1066326%3B1066396&size_id=15%3B15%3B10%3B9&alt_size_ids=%3B%3B16%2C54%3B&us_privacy=1---&eid_pubcid.org=8aca9fa9-58c5-40ee-8100-c74d3ac027b4%5E1&rf=https%3A%2F%2Fwww.obsev.com%2Flife%2Fphotos-show-unusual-historical-events%2F%3Futm_source%3Dlit_456%26utm_medium%3Dpaid%26utm_campaign%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1%26utm_content%3D23848775733490200%26utm_term%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1%26fbclid%3DIwAR3ivSL7fWMhwzGX&tk_flint=pbjs_lite_v4.43.4&x_source.tid=80c2dfdb-32ad-41f0-affb-d1dd89710752%3Bfdbd0398-4a32-4488-9758-0e6407e93bfc%3B153378bb-4ff6-4dfb-ac19-03bd0b930c92%3B42c924c5-a956-4185-91ed-691669a1807b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=4&rand=0.46550542860108757
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f3379632123e5d19fc951e6e23e4314e8031d9e944cade192134f900cbc316b9

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 09:18:47 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.obsev.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
594
Expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Mon, 27 Sep 2021 09:18:46 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.obsev.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
shandymedia
shandymedia.technoratimedia.com/openrtb/bids/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shandymedia.technoratimedia.com/openrtb/bids/shandymedia?src=prebid_prebid_4.43.4
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 27 Sep 2021 09:18:47 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
1057328416
access-control-allow-origin
https://www.obsev.com
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fwww.obsev.com%2Flife%2Fphotos-show-unusual-historical-events%2F%3Futm_source%3Dlit_456%26utm_medium%3Dpaid%26utm_campaign%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1%26utm_content%3D23848775733490200%26utm_term%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1%26fbclid%3DIwAR3ivSL7fWMhwzGX&tmax=2500&us_privacy=1---
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.169.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-169-108.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:47 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.obsev.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=anEIgw7emr6ykqaKkGJozW
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
b652663d7e2cbcb7a33982374d229aca5bb087924b10cf3a3e3b5b5eadd428a1

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 27 Sep 2021 09:18:47 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.obsev.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=c_qS1a7eOr6ykqaKkGJozW
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
50744d037f1ccf7f0436a80eed18aa292d868d596e39e83da696b1d4f917b17c

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 27 Sep 2021 09:18:47 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.obsev.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=d808Gu7emr6ykqaKkGJozW
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
db18d6df34f62c13a2fbda844f89600b7c67bb41883d106e599419958b6edf3f

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 27 Sep 2021 09:18:47 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.obsev.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		66 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cN-KiO7e0r6yoPaKlId8sQ
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
629523460aa77e8a60024143fd3d74380bb095c900a364e4071a1ef8eb7eafac

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 27 Sep 2021 09:18:47 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.obsev.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ 		484 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
7b5ebe0b15e73b5df06f15cb49948c37982f42d5c73b18244b5c2c5b5c4a7d37
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 09:18:47 GMT
X-Proxy-Origin
216.131.114.223; 216.131.114.223; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e25a0998-8690-4b0b-bbf8-611e223b6e42
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.obsev.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
484
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96954f01747430358b31ecfff00212&pos=ob_desktop_med_bottom_standard_2&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
69869d96334edee922f659a34f8906b1976133d24a1f9f5871e10ef7dc04211b

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 27 Sep 2021 09:18:47 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.obsev.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96954f01747430358b31ecfff00212&pos=ob_desktop_med_middle_standard&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
c86d9a44addeaf3b88ab7994b137595d383e7b67533aa28f4ac2466dc5b0d2fe

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 27 Sep 2021 09:18:47 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.obsev.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96954f01747430358b31ecfff00212&pos=ob_desktop_med_top_ultra&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
d662bcf2f9cf2672af42ee2786dfeca7ca057922b0d8c366673933e32f7bed2b

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 27 Sep 2021 09:18:47 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.obsev.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96954f01747430358b31ecfff00212&pos=ob_desktop_sky_top_standard&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
9b81ef31ea16f71c5d490714a0a01f932c25cd9d21803e64e74e1b46aa23886f

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 27 Sep 2021 09:18:47 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.obsev.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
prebid
ads.yieldmo.com/exchange/ 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.4&p=%5B%7B%22placement_id%22%3A%22RTK_jS5l%22%2C%22callback_id%22%3A%22941fbcd827c987e%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222556582347667349967%22%7D%2C%7B%22placement_id%22%3A%22RTK_K67O%22%2C%22callback_id%22%3A%2295e318973a5d173%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222556582348799812055%22%7D%2C%7B%22placement_id%22%3A%22RTK_GgFd%22%2C%22callback_id%22%3A%2296e81ff629778eb%22%2C%22sizes%22%3A%5B%5B300%2C600%5D%2C%5B336%2C280%5D%2C%5B300%2C1050%5D%5D%2C%22ym_placement_id%22%3A%222556582348111946194%22%7D%2C%7B%22placement_id%22%3A%22RTK_U2ui%22%2C%22callback_id%22%3A%22970e6d7c0ad4314%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222556582350343315938%22%7D%5D&page_url=https%3A%2F%2Fwww.obsev.com%2Flife%2Fphotos-show-unusual-historical-events%2F%3Futm_source%3Dlit_456%26utm_medium%3Dpaid%26utm_campaign%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1%26utm_content%3D23848775733490200%26utm_term%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1%26fbclid%3DIwAR3ivSL7fWMhwzGX&bust=1632734327051&pr=&scrd=1&dnt=false&description=&title=Photos%20That%20Show%20a%20Side%20of%20History%20That%20You%20Didn%E2%80%99t%20Know%20-%20Obsev&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=1---&pubcid=8aca9fa9-58c5-40ee-8100-c74d3ac027b4
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.126.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-126-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.obsev.com
pragma
no-cache
date
Mon, 27 Sep 2021 09:18:47 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
cmp2ui-en.js
quantcast.mgr.consensu.org/tcfv2/34/ 		219 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/34/cmp2ui-en.js
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-27.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e95015e979a80102c2ca35fd0d302a3d72fe378e46babe201e2219d41fab8658

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:40:55 GMT
content-encoding
br
age
45473
x-amz-server-side-encryption
AES256
x-edge-origin-shield-skipped
0
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 02 Sep 2021 17:09:08 GMT
server
AmazonS3
etag
W/"e77784835dce13809b52939bdf8047be"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
--KmSo2sXH3PdIoxacKziArZyuL0KTG3NVoIt3-M5rmQQfgfgwOT0g==
/
audit-tcfv2.quantcast.mgr.consensu.org/ 		80 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22SLxMaH0S8rqsR%22%2C%22domain%22%3A%22www.obsev.com%22%2C%22publisher%22%3A%22Obsev%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.34%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%220H5lb5opbMKTOn3kb2FwjA%22%2C%22clientTimestamp%22%3A1632734327123%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-nvr02u8s87pq2x644k7x%22%7D
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/34/cmp2ui-en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-34.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 04:55:58 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
age
16476
x-amz-server-side-encryption
AES256
x-edge-origin-shield-skipped
0
access-control-max-age
3000
x-cache
Hit from cloudfront
content-length
80
last-modified
Tue, 26 Nov 2019 14:21:44 GMT
server
AmazonS3
etag
"0614149d8033903db5de46d6c184bbfd"
vary
Origin
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
RqJ1E83ay3a7yiueGFdQ2FVo4lDVozKSAyTDgNjA7Of8-RXOFUWS-A==
pixel
bid.g.doubleclick.net/xbbe/ Frame 95B6 		0
705 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
bid.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=KAE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.obsev.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 27 Sep 2021 09:18:47 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUk8erooNqh1OdJBT3Fd3Fvj6k_l3XIrMuxwxMJqIl9-I51V6fuXJnDBdw9L; expires=Wed, 27-Sep-2023 09:18:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 27 Sep 2021 09:18:47 GMT
cache-control
private
v2xuhKzfmeWPRtQdA_Vy2Y7OeF4E6Ja8n9BTt_M0tvMCrlKVqCTW9ajubIoQFW1c56rkSzhQx
overconfidentfood.com/ 		216 B
612 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://overconfidentfood.com/v2xuhKzfmeWPRtQdA_Vy2Y7OeF4E6Ja8n9BTt_M0tvMCrlKVqCTW9ajubIoQFW1c56rkSzhQx
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
772171e7667d71ea4008a0e1bf966952d10ad40131dd47ddba48efd8f55de039
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Mon, 27 Sep 2021 09:18:47 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.obsev.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
a26589ac
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Mon, 27 Sep 2021 09:18:46 GMT
rum
www.obsev.com/cdn-cgi/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.obsev.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-fetch-mode
cors
origin
https://www.obsev.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
rtk_session=eyJyZXZlbnVlIjowLCJ0cmlnZ2VyZWRSUFNSdWxlcyI6W10sInNpZCI6IjZmNzA0NTY2LWExZWMtNGI3NC05MDFjLTk0YjE4YmU5Nzc2YyIsInN0YXJ0ZWRBdCI6MTYzMjczNDMyNiwibGFzdFNlZW4iOjE2MzI3MzQzMjZ9; _gcl_au=1.1.876823288.1632734327; _fbc=fb.1.1632734326815.IwAR3ivSL7fWMhwzGX; _fbp=fb.1.1632734326816.2068822521; _ga=GA1.2.638220631.1632734327; _gid=GA1.2.1055286273.1632734327; _gat_gtag_UA_67215840_2=1; _pbjs_userid_consent_data=3524755945110770; _pubcid=8aca9fa9-58c5-40ee-8100-c74d3ac027b4
content-length
1599
:path
/cdn-cgi/rum?
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
www.obsev.com
referer
https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json

Response headers

date
Mon, 27 Sep 2021 09:18:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.obsev.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6953a5899cb35ca4-FRA
vary
Origin
config
c.amazon-adsystem.com/cdn/prod/ 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.obsev.com%2Flife%2Fphotos-show-unusual-historical-events%2F%3Futm_source%3Dlit_456%26utm_medium%3Dpaid%26utm_campaign%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1%26utm_content%3D23848775733490200%26utm_term%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1%26fbclid%3DIwAR3ivSL7fWMhwzGX&pubid=67d82afd-5c77-4816-97e0-97527d798aa4
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:46 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
server
Server
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.obsev.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
WQb1euQomIAqVXGHHV218LOgZgYvJ5m_poyH0YTQk0yIJ8ShRJV7FQ==
vptm.js
static.vidazoo.com/basev/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/vptm.js
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-113.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c3cc00dba6427450ca398d496b6d4d5ae385c893d1470754f1fba733c2a54d04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:47 GMT
content-encoding
gzip
x-amz-request-id
JWM8D1K9FKEX47QZ
content-length
10371
x-amz-id-2
nyqIIxXpJ7RhiUVEjaY7QwNn+ObG53qV5QIMJPM+0DpzNLa6S9IBP2n8lU6xyoa1OecY7uncXx8=
last-modified
Wed, 21 Apr 2021 09:37:00 GMT
server
AmazonS3
etag
"21a2c9567e39057710d15b53f8cc270a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
max-age=39534
accept-ranges
bytes
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Mon, 27 Sep 2021 20:17:41 GMT
sbt.js
static.vidazoo.com/basev/1.0.598/ 		584 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/1.0.598/sbt.js
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-113.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d68dc9b480e9320132e2e652b228b5cc8ebe5d026b9af8355c74f340c78807ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:47 GMT
content-encoding
gzip
x-amz-request-id
3P9BFZTJK5PKZK6A
content-length
124674
x-amz-id-2
3gr9Q2lhLmYys+gApXyFSyf/SQNdbWMvfxVWHP64qRWsQlTddZ2KYe6I4Sv/N3xlSR/QT+T6dd4=
last-modified
Sun, 12 Sep 2021 09:49:04 GMT
server
AmazonS3
etag
"891321caabbfdebc4546eeffdc3cd016"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
max-age=36910
accept-ranges
bytes
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Mon, 27 Sep 2021 19:33:57 GMT
widget.js
static.vidazoo.com/basev/wgt/outstream-prebid-mobile/2.1.23/ 		241 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/wgt/outstream-prebid-mobile/2.1.23/widget.js?jsonp=__vdzw_5f1f56e15ca092000440e366_lHQ5_jsonp_
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-113.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
677a578bc7e86d9d482600a4be5e9beb85eb63c26a8b1855255453de025325a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:47 GMT
content-encoding
gzip
x-amz-request-id
YK6HPK3YW6G8EBZE
content-length
59147
x-amz-id-2
wVKLl0QANxzLrftBxAlhG4u9HhzsNsv7cEPoXwfUo58GGYAlObINe9KYEqbMcZu8Zfbaa+7dAUE=
last-modified
Sun, 05 Sep 2021 10:18:17 GMT
server
AmazonS3
etag
"d5fb77b662e224a99e88ee54964010b4"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
max-age=60295
accept-ranges
bytes
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Tue, 28 Sep 2021 02:03:42 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.obsev.com%2Flife%2Fphotos-show-unusual-historical-events%2F%3Futm_source%3Dlit_456%26utm_medium%3Dpaid%26utm_campaign%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1%26utm_content%3D23848775733490200%26utm_term%3D07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1%26fbclid%3DIwAR3ivSL7fWMhwzGX&pid=w7igIb2j8XvvT&cb=0&ws=1600x1200&v=7.69.01&t=2500&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F101538805%2Fob_desktop_med_middle_standard%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F101538805%2FOB_Desktop_MED_Bottom_Standard_2%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x600%22%2C%22336x280%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F101538805%2Fob_desktop_med_top_ultra%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F101538805%2FOB_Desktop_SKY_Top_Standard%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&pubid=67d82afd-5c77-4816-97e0-97527d798aa4&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%2C%22cmpTimeout%22%3A8000%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:47 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.obsev.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
HdxerD79hRqlQkC7eHCmvSGDG7VpGOaF4niIIc2lwPffLtyN06EXkw==
v2dhvK_xbJF8qM1etNoWWRNXksNCQtfiy9DTjQ9alPEMhS7dBaZ8hV_qJPgbRATR4y9BNmF3U
overconfidentfood.com/ 		3 B
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://overconfidentfood.com/v2dhvK_xbJF8qM1etNoWWRNXksNCQtfiy9DTjQ9alPEMhS7dBaZ8hV_qJPgbRATR4y9BNmF3U
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Mon, 27 Sep 2021 09:18:47 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.obsev.com
access-control-allow-credentials
true
x-hostname
a26589ac
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
/
www.facebook.com/tr/ Frame A655 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
2009
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.obsev.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.obsev.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
https://www.obsev.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.obsev.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
date
Mon, 27 Sep 2021 09:18:47 GMT
sr
capi.connatix.com/tr/ Frame EC95 		0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
6a0c48cc26befa65bdebf31bd7af3f72634a9d82cb5adfb1de07f04102c26034
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"999 / 849 of 1000 / last-modified: 1632522815"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25715
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 27 Sep 2021 09:18:47 GMT
2_media.bin
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/a3fc0995-ba7e-4fc7-8292-7b10966d4619/ Frame EC95 		291 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/a3fc0995-ba7e-4fc7-8292-7b10966d4619/2_media.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
932da60c35768cdd109c7361be41eba1a055942888f455927375479e314665ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:47 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 20:40:07 GMT
age
67655
etag
"53d21854a3955729248e5c87ab1b28bc"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
255
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame EC95 		0
0
g
capi.connatix.com/rtb/ Frame EC95 		0
0
auction
tlx.3lift.com/vast/ Frame EC95 		0
0
1_th.jpg
img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/a3fc0995-ba7e-4fc7-8292-7b10966d4619/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/a3fc0995-ba7e-4fc7-8292-7b10966d4619/1_th.jpg?crop=401:226,smart&width=401&height=226&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7eb1ae64b457cfdf2bb4e393d88f0ba461a2d3f069c3f7594f1547bbc3292850

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:47 GMT
age
72143
etag
"Mgf/GI0KXoZ57u2oOlxGLxfRem/aha2e7WE6AY/UOlE"
access-control-max-age
86400
fastly-io-info
ifsz=120258 idim=2560x1440 ifmt=jpeg ofsz=9875 odim=401x226 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
9875
prebid4.43.0-1.js
cds.connatix.com/p/plugins/ 		369 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/plugins/prebid4.43.0-1.js
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4adaeccb264cbd8319080fd9f61eb769ff6f8aa1a02ab3408430b2b853d9cbe8

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 27 Sep 2021 09:18:47 GMT
content-encoding
br
last-modified
Fri, 11 Jun 2021 12:04:10 GMT
age
9321255
etag
"e4701779c6417de6368034bef638e34b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges
bytes
content-length
103396
aggregate
bisdr.vidazoo.com/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bisdr.vidazoo.com/aggregate
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/wgt/outstream-prebid-mobile/2.1.23/widget.js?jsonp=__vdzw_5f1f56e15ca092000440e366_lHQ5_jsonp_
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.221.54 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 27 Sep 2021 09:18:48 GMT
Server
nginx
Content-Type
text/plain
Access-Control-Allow-Headers
*
Content-Length
0
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
rid
match.adsrvr.org/track/ 		109 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j3v367e&fmt=json
Requested by
Host: 506.hostedprebid.com
URL: https://506.hostedprebid.com/8L6B/Axf3_K67O_jS5l_GgFd_U2ui/jita.js?dfp=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
4749f1f98a4b997aa5828b3645c63c084edae4c517da77046f8c6cb80963c40e

Request headers

Referer
https://www.obsev.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 27 Sep 2021 09:18:52 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.obsev.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Wed, 27 Oct 2021 09:18:52 GMT
usync.html
eus.rubiconproject.com/ Frame 8CDE 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.obsev.com/
Accept-Encoding
gzip, deflate, br
Cookie
khaos=KU2FV1OY-24-GVYG; rsid=1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVw8wYaQOmrhRKqbYr6DgI/DQB+kslOnYX6qF0anVSaRRFrEpFc6uQw19gMkasvdREJwzG+hEKZeU6r9VKHaWVv/VO/a+hEPPQ==; ses15=; vis15=216254^1; audit=1|hLZGFuTafB3k9RaVnoXf+GUzPgnV/Zv5v2FR2LKygIB6p9ENaYBHKyiRTgk7w7IDwFCfoC+4IsXauYAbF1ISHR04pbWpEGPK; ses10=; vis10=216254^1; ses9=; vis9=216254^1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 27 Sep 2021 09:18:52 GMT
Connection
keep-alive
Vary
Accept-Encoding
cs
sync.rtk.io/ Frame 7E92 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.rtk.io/cs?ref=https%3A%2F%2Fwww.obsev.com&us_privacy=1---
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.64.214 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
adstorm-pk-nj-101
Software
nginx/1.20.1 /
Resource Hash

Request headers

:method
GET
:authority
sync.rtk.io
:scheme
https
:path
/cs?ref=https%3A%2F%2Fwww.obsev.com&us_privacy=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.obsev.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/

Response headers

server
nginx/1.20.1
date
Mon, 27 Sep 2021 09:18:52 GMT
index.html
cdn.districtm.io/ids/ Frame 9469 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html?ccpa=1---
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html?ccpa=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.obsev.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/

Response headers

date
Mon, 27 Sep 2021 09:18:52 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6953a5ac8be24a98-FRA
/
ssc-cms.33across.com/ps/ Frame A9C7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cN-KiO7e0r6yoPaKlId8sQ&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.178 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip178.208-100-17.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=cN-KiO7e0r6yoPaKlId8sQ&gdpr_consent=undefined&us_privacy=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.obsev.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/

Response headers

x-33x-status
2000208
server
33XP001
date
Mon, 27 Sep 2021 09:18:53 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2DC5 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.obsev.com/
Accept-Encoding
gzip, deflate, br
Cookie
icu=ChgIt5tIEAoYASABKAEw95jGigY4AUABSAEQ95jGigYYAA..; uuid2=412609993434168691
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Sun, 26 Sep 2021 04:19:43 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Mon, 27 Sep 2021 09:18:52 GMT
Age
17948
X-Served-By
cache-lga21975-LGA, cache-hhn4070-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 355788
X-Timer
S1632734333.922151,VS0,VE0
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 44CF
Redirect Chain
  • https://eb2.3lift.com/sync?us_privacy=1---&
  • https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bbca223da58c816803ac6f1140fc10377e4dc3785e83cecb3c8adb305c8cfd0c

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?us_privacy=1---&&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.obsev.com/
accept-encoding
gzip, deflate, br
cookie
tluid=15082993255945826032
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/

Response headers

date
Mon, 27 Sep 2021 09:18:52 GMT
content-type
text/html; charset=utf-8
content-length
464
set-cookie
sync=CgoIgQIQ8I-ztMIvCgoI4gEQ8I-ztMIvCgoI5gEQ8I-ztMIvCgoIhwIQ8I-ztMIvCgkICRDwj7O0wi8KCQg6EPCPs7TCLwoJCAsQ8I-ztMIvCgoIjAIQ8I-ztMIvCgoIzgEQ8I-ztMIvCgkIXxDwj7O0wi8=; Max-Age=7776000; Expires=Sun, 26 Dec 2021 09:18:52 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=15082993255945826032; Max-Age=7776000; Expires=Sun, 26 Dec 2021 09:18:52 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Mon, 27 Sep 2021 09:18:52 GMT
content-length
0
set-cookie
tluid=15082993255945826032; Max-Age=7776000; Expires=Sun, 26 Dec 2021 09:18:52 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?us_privacy=1---&&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F407 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159001&us_privacy=1---
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?kdntuid=1&p=159001&us_privacy=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.obsev.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=73568
expires
Tue, 28 Sep 2021 05:45:00 GMT
date
Mon, 27 Sep 2021 09:18:52 GMT
vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 7B5F 		1006 B
859 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=26ba2c35-e795-475f-bb65-56b378952c90&gdpr=0&us_privacy=1---
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
270ed047f71ec281b7c4978ce19eaf27f4d88020bafd93aa1477557de86c1e5a

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=26ba2c35-e795-475f-bb65-56b378952c90&gdpr=0&us_privacy=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.obsev.com/
accept-encoding
gzip, deflate, br
cookie
i=8aca9fa9-58c5-40ee-8100-c74d3ac027b4|1632734327
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=8aca9fa9-58c5-40ee-8100-c74d3ac027b4|1632734327; Version=1; Expires=Tue, 27-Sep-2022 09:18:52 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1632734332|mOgeginskin0vNomiygu; Version=1; Expires=Tue, 12-Oct-2021 09:18:52 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.216.3
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 27 Sep 2021 09:18:52 GMT
content-type
text/html
content-length
542
content-encoding
gzip
via
1.1 google
alt-svc
clear
usersync.html
cdn.undertone.com/js/ Frame 193A 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?ccpa=1---
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-24.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0c6c17bbefb440a7e7ee03a4363aeba33a7c57345af065c670848e8fd40a4b5

Request headers

:method
GET
:authority
cdn.undertone.com
:scheme
https
:path
/js/usersync.html?ccpa=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.obsev.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/

Response headers

content-type
text/html
x-amz-replication-status
COMPLETED
last-modified
Thu, 08 Jul 2021 07:16:59 GMT
x-amz-version-id
6994YJvhVK.G.S8wNruUeW.ksGihHjjx
server
AmazonS3
x-edge-origin-shield-skipped
0
content-encoding
gzip
date
Sun, 26 Sep 2021 11:28:17 GMT
etag
W/"71d386aa3a4939b04d8b4f9c237f4eaf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
QxGzw6cVW-80wfa3acwD7D6_u0oqPt_3-0_kDCnuGyURI6iwoALlCQ==
age
78636
/
ssc-cms.33across.com/ps/ 		0
0
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 067C 		17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2F8) /
Resource Hash
62f3a786e694b5c0ea068b3267e019ec7de62fb98fbebffdfbd425f1cd99a86e

Request headers

:method
GET
:authority
ad-cdn.technoratimedia.com
:scheme
https
:path
/html/usersync.html?src=prebid_prebid_4.43.4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.obsev.com/
accept-encoding
gzip, deflate, br
cookie
tads_uid=GDPR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
823
cache-control
max-age=900
content-type
text/html; charset=UTF-8
date
Mon, 27 Sep 2021 09:18:52 GMT
etag
"450f-5c7a90520f640"
expires
Mon, 27 Sep 2021 09:33:52 GMT
last-modified
Wed, 21 Jul 2021 21:40:33 GMT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server
ECAcc (frd/E2F8)
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-varnish
846368643
content-length
5566
beacon
ap.lijit.com/ Frame 78A8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?us_privacy=1---&informer=13426153
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.obsev.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/

Response headers

Server
nginx
Date
Mon, 27 Sep 2021 09:18:52 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap7ams1
/
ssc-cms.33across.com/ps/ Frame 4EE8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d808Gu7emr6ykqaKkGJozW&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.178 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip178.208-100-17.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=d808Gu7emr6ykqaKkGJozW&gdpr_consent=undefined&us_privacy=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.obsev.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/

Response headers

x-33x-status
2000208
server
33XP004
date
Mon, 27 Sep 2021 09:18:52 GMT
/
ssc-cms.33across.com/ps/ Frame ABC6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=anEIgw7emr6ykqaKkGJozW&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.178 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip178.208-100-17.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=anEIgw7emr6ykqaKkGJozW&gdpr_consent=undefined&us_privacy=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.obsev.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/

Response headers

x-33x-status
2000208
server
33XP005
date
Mon, 27 Sep 2021 09:18:52 GMT
sd
eu-u.openx.net/w/1.0/ Frame 7B5F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=N2Hftc3D1MuMMI5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=N2Hftc3D1MuMMI5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=26ba2c35-e795-475f-bb65-56b378952c90&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:53 GMT
via
1.1 google
server
OXGW/16.216.3
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 09:18:52 GMT
Server
PingMatch/8a430fa#rel-ec2-master i-0f1a9d8b7eed06fb2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=N2Hftc3D1MuMMI5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7B5F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=a8695f62-6d62-4731-8274-d590522b4653&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=923cf5cf-bcf1-475e-893d-737dfe62d5ae
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=923cf5cf-bcf1-475e-893d-737dfe62d5ae
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=26ba2c35-e795-475f-bb65-56b378952c90&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:53 GMT
via
1.1 google
server
OXGW/16.216.3
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=923cf5cf-bcf1-475e-893d-737dfe62d5ae
date
Mon, 27 Sep 2021 09:18:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
eu-u.openx.net/w/1.0/ Frame 7B5F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=412609993434168691
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=412609993434168691
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=26ba2c35-e795-475f-bb65-56b378952c90&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:52 GMT
via
1.1 google
server
OXGW/16.216.3
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 09:18:52 GMT
X-Proxy-Origin
216.131.114.223; 216.131.114.223; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
843f1637-781e-465c-8eaf-34aeefe70387
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=412609993434168691
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7B5F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDclBVN0NveGtBQUR3WlJkNWxFZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACrPU7CoxkAADwZRd5lEg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACrPU7CoxkAADwZRd5lEg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=7808748477100723742
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACrPU7CoxkAADwZRd5lEg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D7808748477100723742%26bee_sync_partners%3Dox%26bee_sync...
  • https://match.prod.bidr.io/cookie-sync?userid=7808748477100723742&bee_sync_partners=ox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AACrPU7CoxkAADwZRd5lEg&pid=558502&d...
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AACrPU7CoxkAADwZRd5lEg
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AACrPU7CoxkAADwZRd5lEg
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=26ba2c35-e795-475f-bb65-56b378952c90&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:53 GMT
via
1.1 google
server
OXGW/16.216.3
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AACrPU7CoxkAADwZRd5lEg
Date
Mon, 27 Sep 2021 09:18:53 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sd
eu-u.openx.net/w/1.0/ Frame 7B5F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d0ea6151-8c7c-4f00-98de-286741caa22d
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d0ea6151-8c7c-4f00-98de-286741caa22d
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=26ba2c35-e795-475f-bb65-56b378952c90&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:52 GMT
via
1.1 google
server
OXGW/16.216.3
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 27 Sep 2021 09:18:52 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x1 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d0ea6151-8c7c-4f00-98de-286741caa22d
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 27 Sep 2021 09:18:51 GMT
sd
us-u.openx.net/w/1.0/ Frame 7B5F
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=lXREz5smRp2OIBTHwSZcnJUjSMyOdkHOl3daOOl3
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=lXREz5smRp2OIBTHwSZcnJUjSMyOdkHOl3daOOl3
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=26ba2c35-e795-475f-bb65-56b378952c90&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:52 GMT
via
1.1 google
server
OXGW/16.216.3
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=lXREz5smRp2OIBTHwSZcnJUjSMyOdkHOl3daOOl3
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 7B5F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4155417303441706770
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4155417303441706770
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=26ba2c35-e795-475f-bb65-56b378952c90&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:53 GMT
via
1.1 google
server
OXGW/16.216.3
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:53 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4155417303441706770
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 7B5F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=5966a0f0-f142-7f19-dbd6-0fa55ee71449&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=26ba2c35-e795-475f-bb65-56b378952c90&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 7B5F 		170 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzUwOTczM2EtMzgzNS0yMWJkLWNlMzYtNTUxYzk0MDVkYTI5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=26ba2c35-e795-475f-bb65-56b378952c90&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7B5F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEiiuQL63g0GhynTE3pa5aQ&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEiiuQL63g0GhynTE3pa5aQ&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=26ba2c35-e795-475f-bb65-56b378952c90&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:53 GMT
via
1.1 google
server
OXGW/16.216.3
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEiiuQL63g0GhynTE3pa5aQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame F407 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=56821533&p=159001&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159001&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
12be9d1992649e87efd723cae11e35605236eb276d6adf01e1173dd3c8588f9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:52 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 8CDE 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3640dd4cd66e624cfb0a2f81a673e4e34ca137737ba32d6f117accc4d5e8ad1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 09:18:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Sep 2021 16:02:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48839
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9352
Expires
Mon, 27 Sep 2021 22:52:51 GMT
generic
match.adsrvr.org/track/cmf/ Frame 44CF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 44CF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHXL1da3waQIIkXJcVoJ9gY&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHXL1da3waQIIkXJcVoJ9gY&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHXL1da3waQIIkXJcVoJ9gY&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 44CF
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUwODI5OTMyNTU5NDU4MjYwMzI%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUwODI5OTMyNTU5NDU4MjYwMzI%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUwODI5OTMyNTU5NDU4MjYwMzI%3D
date
Mon, 27 Sep 2021 09:18:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 44CF 		0
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=15082993255945826032&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.11.37 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-11-37.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:53 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
u8rCvzmjqBYQHJm7hysAAA==
xuid
eb2.3lift.com/ Frame 44CF
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/15082993255945826032?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-cOIGUxxE2oRv0ZFpdD23J5Nk1TugLS7D3aWXgxrGjw--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-cOIGUxxE2oRv0ZFpdD23J5Nk1TugLS7D3aWXgxrGjw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 27 Sep 2021 09:18:53 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-cOIGUxxE2oRv0ZFpdD23J5Nk1TugLS7D3aWXgxrGjw--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame 44CF 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=15082993255945826032&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.59.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-59-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
c.gif
c.bing.com/ Frame 44CF 		42 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=15082993255945826032&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:52 GMT
etag
"367bb54357aad71:0"
last-modified
Wed, 15 Sep 2021 17:29:40 GMT
x-msedge-ref
Ref A: 2E0270918F494E04A40B86AA3AD7BFBA Ref B: PRG01EDGE0718 Ref C: 2021-09-27T09:18:53Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 44CF
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=15082993255945826032
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15082993255945826032&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15082993255945826032&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 09:18:53 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6PB2H105Z8Y87D9ZZACJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=15082993255945826032&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 44CF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Mon, 27 Sep 2021 09:18:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 44CF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=4543359819311492910&dongle=d407
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=4543359819311492910&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=4543359819311492910&dongle=d407
pragma
no-cache
date
Mon, 27 Sep 2021 09:18:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
async_usersync
ib.adnxs.com/ Frame 2DC5 		0
734 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 09:18:52 GMT
X-Proxy-Origin
216.131.114.223; 216.131.114.223; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e65982fb-0c7a-4ee2-a5a2-9ad8585a0372
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 53BC
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cdn.undertone.com/
Accept-Encoding
gzip, deflate, br
Cookie
khaos=KU2FV1OY-24-GVYG; rsid=1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVw8wYaQOmrhRKqbYr6DgI/DQB+kslOnYX6qF0anVSaRRFrEpFc6uQw19gMkasvdREJwzG+hEKZeU6r9VKHaWVv/VO/a+hEPPQ==; ses15=; vis15=216254^1; audit=1|hLZGFuTafB3k9RaVnoXf+GUzPgnV/Zv5v2FR2LKygIB6p9ENaYBHKyiRTgk7w7IDwFCfoC+4IsXauYAbF1ISHR04pbWpEGPK; ses10=; vis10=216254^1; ses9=; vis9=216254^1; pux=1512%3D102897%262307%3D102897%262974%3D102897%263778%3D102897%26idl%3D102897%26brx%3D102897%26goog%3D102897%262249-DV360-Hosted%3D102897%26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 27 Sep 2021 09:18:53 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=12776
Date
Mon, 27 Sep 2021 09:18:53 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
sync
usr.undertone.com/userPixel/ Frame 193A
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=412609993434168691
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=412609993434168691
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.227.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-227-169.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:53 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 09:18:52 GMT
X-Proxy-Origin
216.131.114.223; 216.131.114.223; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b6e2628f-73a3-4ad9-b554-a6821537f2fa
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=412609993434168691
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 193A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=120bc7d7-f1ed-437a-b153-1062a94b341b
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=120bc7d7-f1ed-437a-b153-1062a94b341b
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.227.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-227-169.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:53 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

date
Mon, 27 Sep 2021 09:18:52 GMT
content-encoding
gzip
server
OXGW/16.216.3
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=120bc7d7-f1ed-437a-b153-1062a94b341b
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
usr.undertone.com/userPixel/ Frame 193A
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPeed8102b-1f73-11ec-b39f-02abba99f1a8
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPeed8102b-1f73-11ec-b39f-02abba99f1a8&verify=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-F3QUtbxE2uHaHPqcCTg8mwAkIVpWCQAU~A~UPeed8102b-1f73-11ec-b39f-02abba99f1a8
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-F3QUtbxE2uHaHPqcCTg8mwAkIVpWCQAU~A~UPeed8102b-1f73-11ec-b39f-02abba99f1a8
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.227.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-227-169.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:53 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Mon, 27 Sep 2021 09:18:53 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-F3QUtbxE2uHaHPqcCTg8mwAkIVpWCQAU~A~UPeed8102b-1f73-11ec-b39f-02abba99f1a8
Connection
keep-alive
Content-Length
0
sync
usr.undertone.com/userPixel/ Frame 193A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=037929fa-8c56-4157-8bbb-d0459f98666f&ttl=1635326332
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=037929fa-8c56-4157-8bbb-d0459f98666f&ttl=1635326332
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.227.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-227-169.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:52 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=037929fa-8c56-4157-8bbb-d0459f98666f&ttl=1635326332
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
247
sync.php
pixel.rubiconproject.com/exchange/ Frame 193A 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif
sync
usr.undertone.com/userPixel/ Frame 193A
Redirect Chain
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=17bc8d727c400d7b265433c805729b1cc6c1bfca
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=17bc8d727c400d7b265433c805729b1cc6c1bfca
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.227.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-227-169.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:53 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Location
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=17bc8d727c400d7b265433c805729b1cc6c1bfca
Date
Mon, 27 Sep 2021 09:18:53 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
SPug
image4.pubmatic.com/AdServer/ Frame 193A
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A7CFAC13-0AA2-474A-AC6E-52B8B145B74F&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A7CFAC13-0AA2-474A-AC6E-52B8B145B74F&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-IPt7vU1E2uWleW6eLsUMkE6sJdvUnno-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-IPt7vU1E2uWleW6eLsUMkE6sJdvUnno-~A&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 27 Sep 2021 09:18:53 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-IPt7vU1E2uWleW6eLsUMkE6sJdvUnno-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
match
c1.adform.net/serving/cookie/ Frame 0EDD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=A7CFAC13-0AA2-474A-AC6E-52B8B145B74F
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A7CFAC13-0AA2-474A-AC6E-52B8B145B74F
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A7CFAC13-0AA2-474A-AC6E-52B8B145B74F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159001&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=A7CFAC13-0AA2-474A-AC6E-52B8B145B74F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 27 Sep 2021 09:18:53 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=4213238994030266360; expires=Fri, 26 Nov 2021 09:18:53 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Mon, 27 Sep 2021 09:18:53 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A7CFAC13-0AA2-474A-AC6E-52B8B145B74F
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Wed, 27 Oct 2021 09:18:53 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
A7CFAC13-0AA2-474A-AC6E-52B8B145B74F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C708
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9060834481519736520
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/A7CFAC13-0AA2-474A-AC6E-52B8B145B74F?gdpr=0&gdpr_consent=
43 B
691 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/A7CFAC13-0AA2-474A-AC6E-52B8B145B74F?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159001&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.176 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
pr-bh-ing.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
pr-bh.ybp.yahoo.com
:scheme
https
:path
/sync/pubmatic/A7CFAC13-0AA2-474A-AC6E-52B8B145B74F?gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
A3=d=AQABBH2MUWECEDFsuGhR1InnTF-AEPGSLg8FEgEBAQHdUmFbYQAAAAAA_eMAAA&S=AQAAAthj5g0CWHO7DlD0T6k51OU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

set-cookie
B=0ubkiu5gl333t&b=3&s=6a; Path=/; Domain=yahoo.com; Expires=Tue, 27-Sep-2022 09:18:53 GMT; Max-Age=31536000 A1=d=AQABBH2MUWECEDFsuGhR1InnTF-AEPGSLg8FEgEBAQHdUmFbYQAAAAAA_eMAAA&S=AQAAAthj5g0CWHO7DlD0T6k51OU; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=Lax; Secure; HttpOnly A3=d=AQABBH2MUWECEDFsuGhR1InnTF-AEPGSLg8FEgEBAQHdUmFbYQAAAAAA_eMAAA&S=AQAAAthj5g0CWHO7DlD0T6k51OU; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly A1S=d=AQABBH2MUWECEDFsuGhR1InnTF-AEPGSLg8FEgEBAQHdUmFbYQAAAAAA_eMAAA&S=AQAAAthj5g0CWHO7DlD0T6k51OU&j=GDPR; Domain=.yahoo.com; Path=/; SameSite=Lax; Secure B=0ubkiu5gl333t&b=3&s=6a; Max-Age=31557600; Domain=.yahoo.com; Path=/ GUC=AQEBAQFhUt1hW0If7gRm; Max-Age=31557600; Domain=.yahoo.com; Path=/; Secure
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-type
image/gif
content-length
43
date
Mon, 27 Sep 2021 09:18:53 GMT
age
0
strict-transport-security
max-age=31536000
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin

Redirect headers

content-type
text/html; charset=utf-8
location
https://pr-bh.ybp.yahoo.com/sync/pubmatic/A7CFAC13-0AA2-474A-AC6E-52B8B145B74F?gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
set-cookie
SyncRTB3=1633910400%3A71_7_3_8_13_161_56_220_21_54%7C1633305600%3A223%7C1633996800%3A35; domain=pubmatic.com; path=/; max-age=7776000; SameSite=None; secure; ipc=160318^https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID^1^0; domain=pubmatic.com; path=/; max-age=3; SameSite=None; secure; KADUSERCOOKIE=A7CFAC13-0AA2-474A-AC6E-52B8B145B74F; domain=pubmatic.com; path=/; max-age=7776000; SameSite=None; secure; chkChromeAb67Sec=3; domain=pubmatic.com; path=/; max-age=7776000; SameSite=None; secure;
date
Mon, 27 Sep 2021 09:18:51 GMT
content-length
126
usersync.aspx
dis.criteo.com/dis/ Frame 745E 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159001&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 27 Sep 2021 09:18:52 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 27 Sep 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
581085
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F407
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=p8-sEwqiR0qsblK4sUW3Tw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159001&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:53 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=73567
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Tue, 28 Sep 2021 05:45:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame F407
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d0ea6151-8c7c-4f00-98de-286741caa22d
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d0ea6151-8c7c-4f00-98de-286741caa22d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159001&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 27 Sep 2021 09:18:53 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x28 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d0ea6151-8c7c-4f00-98de-286741caa22d
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 27 Sep 2021 09:18:52 GMT
match
ps.eyeota.net/ Frame F407
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=A7CFAC13-0AA2-474A-AC6E-52B8B145B74F
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=7d6eb0287fd7849a0db77bd286007d97
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=037929fa-8c56-4157-8bbb-d0459f98666f&icm
  • https://pixel.onaudience.com/?partner=236&icm&cver&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
  • https://ps.eyeota.net/pixel?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=b5b97921b41d3788
  • https://ps.eyeota.net/pixel/bounce/?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=b5b97921b41d3788
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mlo0Nk5xWmFuYmI4LU12QlBNVDhDcS1CZ1oxYUNOU0VHVklKZVFyWF9kZUk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&referrer_pid=3b2cb90&google_gid=CAESEH8dQDU-pOfKLFejY8vJvmw&google_cver=1
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=4543359819311492910&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
  • https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90
  • https://ps.eyeota.net/match?bid=7vi0rg0&uid=d0ea6151-8c7c-4f00-98de-286741caa22d&dc_rc=3&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%...
  • https://ps.eyeota.net/match?uid=YVGMfQAAAlPT3wA6&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1
  • https://ps.eyeota.net/match?uid=037929fa-8c56-4157-8bbb-d0459f98666f&bid=1e2n4ou
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=037929fa-8c56-4157-8bbb-d0459f98666f&bid=1e2n4ou
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159001&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 09:18:53 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ps.eyeota.net/match?uid=037929fa-8c56-4157-8bbb-d0459f98666f&bid=1e2n4ou
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
191
Pug
image2.pubmatic.com/AdServer/ Frame F407
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTdDRkFDMTMtMEFBMi00NzRBLUFDNkUtNTJCOEIxNDVCNzRG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159001&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:52 GMT
cache-control
no-store, no-cache, private
x-lat
amspug018:0:341
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F407
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGT6eIorX6UAmDZuPEJLJw8&google_cver=1
42 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGT6eIorX6UAmDZuPEJLJw8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159001&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:51 GMT
cache-control
no-store, no-cache, private
x-lat
amspug016:0:272
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGT6eIorX6UAmDZuPEJLJw8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame F407 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159001&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:53 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 26 Sep 2021 09:18:53 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F407
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=037929fa-8c56-4157-8bbb-d0459f98666f
42 B
605 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=037929fa-8c56-4157-8bbb-d0459f98666f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159001&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:52 GMT
cache-control
no-store, no-cache, private
x-lat
amspug002:0:399
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=037929fa-8c56-4157-8bbb-d0459f98666f
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame F407
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7556761463745734077
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7556761463745734077
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159001&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:52 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:556
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:53 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7556761463745734077
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame F407
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d0ea6151-8c7c-4f00-98de-286741caa22d&gdpr=0&gdpr_consent=
42 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d0ea6151-8c7c-4f00-98de-286741caa22d&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159001&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:52 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:562
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 27 Sep 2021 09:18:53 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x8 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d0ea6151-8c7c-4f00-98de-286741caa22d&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 27 Sep 2021 09:18:52 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F407
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=412609993434168691&gdpr=0&gdpr_consent=
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=412609993434168691&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159001&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:51 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:604
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 09:18:53 GMT
X-Proxy-Origin
216.131.114.223; 216.131.114.223; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8f26d6e0-9fd4-42dc-981d-27612dd7c632
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=412609993434168691&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F407
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oye5z611u524c-nH93WhnKNwtcy4JbzOoSRPzdhd
42 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oye5z611u524c-nH93WhnKNwtcy4JbzOoSRPzdhd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159001&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:51 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:522
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oye5z611u524c-nH93WhnKNwtcy4JbzOoSRPzdhd
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 53BC 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3640dd4cd66e624cfb0a2f81a673e4e34ca137737ba32d6f117accc4d5e8ad1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 09:18:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Sep 2021 16:02:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48838
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9352
Expires
Mon, 27 Sep 2021 22:52:51 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 53BC 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif
tap.php
pixel.rubiconproject.com/ Frame 8CDE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ru__ARtwU6N4N9BGeG1_d8n5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6385719322260363380
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6385719322260363380
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

date
Mon, 27 Sep 2021 09:18:53 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6385719322260363380
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
709414.gif
id.rlcdn.com/ Frame 8CDE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?us_privacy=1---
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
v1
ads.yahoo.com/cms/ Frame 8CDE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1---
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KU2FV1OY-24-GVYG&sigv=1&esig=2~02078bd3be8366daa2addf31820377aa7df6a715&us_privacy=1---
0
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KU2FV1OY-24-GVYG&sigv=1&esig=2~02078bd3be8366daa2addf31820377aa7df6a715&us_privacy=1---
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.22 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e1.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:53 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KU2FV1OY-24-GVYG&sigv=1&esig=2~02078bd3be8366daa2addf31820377aa7df6a715&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8CDE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---&_test=YVGMfQAAAlPT3wA6
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YVGMfQAAAlPT3wA6&us_privacy=1---&_test=YVGMfQAAAlPT3wA6
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YVGMfQAAAlPT3wA6&us_privacy=1---&_test=YVGMfQAAAlPT3wA6
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:53 GMT
via
1.1 varnish
server
Varnish
x-timer
S1632734333.210562,VS0,VE0
x-served-by
cache-fra19170-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YVGMfQAAAlPT3wA6&us_privacy=1---&_test=YVGMfQAAAlPT3wA6
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 8CDE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d0ea6151-8c7c-4f00-98de-286741caa22d&expires=28
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d0ea6151-8c7c-4f00-98de-286741caa22d&expires=28
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

Date
Mon, 27 Sep 2021 09:18:53 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x29 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=d0ea6151-8c7c-4f00-98de-286741caa22d&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 27 Sep 2021 09:18:52 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 8CDE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:53 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 8CDE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1UyRlYxT1ktMjQtR1ZZRw==&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1UyRlYxT1ktMjQtR1ZZRw==&us_privacy=1---
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1UyRlYxT1ktMjQtR1ZZRw==&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8CDE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjgxYjE4NjE4YmNjOTM3N2M1YjBmMGI4MmI2ZmRkZTdkOGViZTMzMg&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjgxYjE4NjE4YmNjOTM3N2M1YjBmMGI4MmI2ZmRkZTdkOGViZTMzMg&us_privacy=1---
Requested by
Host: www.obsev.com
URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 09:18:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjgxYjE4NjE4YmNjOTM3N2M1YjBmMGI4MmI2ZmRkZTdkOGViZTMzMg&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
ssc-cms.33across.com/ps/ Frame 47CB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=c_qS1a7eOr6ykqaKkGJozW&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: d19m55ur8rme4m.cloudfront.net
URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.178 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip178.208-100-17.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=c_qS1a7eOr6ykqaKkGJozW&gdpr_consent=undefined&us_privacy=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.obsev.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.obsev.com/

Response headers

x-33x-status
2000208
server
33XP005
date
Mon, 27 Sep 2021 09:18:52 GMT
async_usersync
ib.adnxs.com/ Frame 2DC5 		0
734 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 09:18:53 GMT
X-Proxy-Origin
216.131.114.223; 216.131.114.223; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b89d69f6-0b66-4003-8745-a1827c006292
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame F407 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159001&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159001&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 09:18:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
capi.connatix.com
URL
https://capi.connatix.com/tr/sr?v=130560
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Domain
capi.connatix.com
URL
https://capi.connatix.com/rtb/g?v=130560
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/vast/auction?inv_code=obsev_prebid_preroll_ROS&format=REPLACE_ME&width=401&height=226&minDuration=REPLACE_ME&maxDuration=REPLACE_ME&contentLanguage=REPLACE_ME
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=c_qS1a7eOr6ykqaKkGJozW&gdpr_consent=undefined&us_privacy=1---

Verdicts & Comments Add Verdict or Comment

170 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| onbeforexrselect boolean| originAgentCluster function| _typeof object| jitaJS function| dx_log function| getQueryStringValue function| domReady function| setNPA object| rtkEagerAdUnitCodes object| rtkGPTSlotsTargeting object| rtkLazyAdUnitCodes object| jita_tg_params object| this_script object| script function| $ function| jQuery object| dx_rtk_data number| refresh_adhesion object| sent_pageviews object| articleInfo number| windowHeight function| isObjectEmpty function| iOS function| handleArticleSwitching function| updateUrlAndTitle function| updateCurrentArticle function| watchForNextArticle function| isPartiallyInViewport function| isElementInViewport function| isElementClose function| handleAdhesion function| handlePageviews function| sendTaboolaPageview function| sendOutbrainPageview function| sendRevcontentPageview function| getCurrentArticle function| handleInfinitePostResponse function| sendGtagConversion function| getTotalLoadedArticles function| gtag object| dataLayer object| google_tag_manager object| google_optimize object| _taboola function| fbq function| _fbq object| twttr function| twq object| dotq string| TiktokAnalyticsObject object| ttq function| dxTaboolaAC function| admiral object| googletag function| __tcfapi function| __uspapi function| cnxps function| cnx boolean| isIE string| custom_param_1 string| custom_param_2 string| custom_param_3 function| JITAPBChunk object| JITAPB object| _pbjsGlobals object| JITA object| v_0x32bb function| v_0x9346 object| regeneratorRuntime object| _vdzwgt_ object| __cfBeacon boolean| is_iOS boolean| hasAdInContent object| jQuery112407462458343593583 object| TRC object| _tblConsole undefined| msg object| _comscore object| YAHOO object| _qevents object| google_tag_data string| GoogleAnalyticsObject function| ga function| 4dm1r11545242527 object| apstag object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| ggeac object| google_js_reporting_queue function| udm_ object| ns_p object| COMSCORE object| JSON3 object| cnx_usr_storage function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| __tcfapiui object| gaplugins object| gaGlobal object| gaData boolean| apstagLOADED function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing string| pubcidCookie number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error object| vdz function| webpackJsonpbzh4lgkeoeyk function| setImmediate function| clearImmediate object| __vidazooPlayer__ object| vidazoo object| v_0x4037 function| v_0x3658 object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins function| cnxProxyTask function| pbjsChunk object| pbjs object| mnet function| cnxAddEventListener

95 Cookies

Domain/Path Name / Value
.obsev.com/life/photos-show-unusual-historical-events Name: _dlt
Value: 1
.3lift.com/sync Name: sync
Value: CgoIgQIQ8I-ztMIvCgoI4gEQ8I-ztMIvCgoI5gEQ8I-ztMIvCgoIhwIQ8I-ztMIvCgkICRDwj7O0wi8KCQg6EPCPs7TCLwoJCAsQ8I-ztMIvCgoIjAIQ8I-ztMIvCgoIzgEQ8I-ztMIvCgkIXxDwj7O0wi8=
.obsev.com/ Name: rtk_session
Value: eyJyZXZlbnVlIjowLCJ0cmlnZ2VyZWRSUFNSdWxlcyI6W10sInNpZCI6IjZmNzA0NTY2LWExZWMtNGI3NC05MDFjLTk0YjE4YmU5Nzc2YyIsInN0YXJ0ZWRBdCI6MTYzMjczNDMyNiwibGFzdFNlZW4iOjE2MzI3MzQzMjZ9
.obsev.com/ Name: _gcl_au
Value: 1.1.876823288.1632734327
.twitter.com/ Name: personalization_id
Value: "v1_mVnkA4XvcbRE3Na4lefhWg=="
.scorecardresearch.com/ Name: UID
Value: 1UVKZFMLVRCKMGZ171MZ2Kg1632734327
.obsev.com/ Name: _fbc
Value: fb.1.1632734326815.IwAR3ivSL7fWMhwzGX
.obsev.com/ Name: _fbp
Value: fb.1.1632734326816.2068822521
.obsev.com/ Name: _ga
Value: GA1.2.638220631.1632734327
.obsev.com/ Name: _gid
Value: GA1.2.1055286273.1632734327
.obsev.com/ Name: _gat_gtag_UA_67215840_2
Value: 1
www.obsev.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.obsev.com/ Name: _pubcid
Value: 8aca9fa9-58c5-40ee-8100-c74d3ac027b4
.openx.net/ Name: i
Value: 8aca9fa9-58c5-40ee-8100-c74d3ac027b4|1632734327
.doubleclick.net/ Name: IDE
Value: AHWqTUk8erooNqh1OdJBT3Fd3Fvj6k_l3XIrMuxwxMJqIl9-I51V6fuXJnDBdw9L
.rubiconproject.com/ Name: khaos
Value: KU2FV1OY-24-GVYG
.rubiconproject.com/ Name: rsid
Value: 1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVw8wYaQOmrhRKqbYr6DgI/DQB+kslOnYX6qF0anVSaRRFrEpFc6uQw19gMkasvdREJwzG+hEKZeU6r9VKHaWVv/VO/a+hEPPQ==
.rubiconproject.com/ Name: ses15
Value:
.rubiconproject.com/ Name: vis15
Value: 216254^1
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB3k9RaVnoXf+GUzPgnV/Zv5v2FR2LKygIB6p9ENaYBHKyiRTgk7w7IDwFCfoC+4IsXauYAbF1ISHR04pbWpEGPK
.rubiconproject.com/ Name: ses10
Value:
.rubiconproject.com/ Name: vis10
Value: 216254^1
.rubiconproject.com/ Name: ses9
Value:
.rubiconproject.com/ Name: vis9
Value: 216254^1
.adnxs.com/ Name: icu
Value: ChgIt5tIEAoYASABKAEw95jGigY4AUABSAEQ95jGigYYAA..
.adnxs.com/ Name: uuid2
Value: 412609993434168691
.obsev.com/ Name: _awl
Value: 2.1632734327.0.4-1728d6ba-54b42e90bd8c81012216bf845402fc5c-6763652d6575726f70652d7765737431-61518c77-0
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.openx.net/ Name: pd
Value: v2|1632734332|mOgeginskin0vNomiygu
.3lift.com/ Name: tluid
Value: 15082993255945826032
.adsrvr.org/ Name: TDID
Value: 037929fa-8c56-4157-8bbb-d0459f98666f
www.obsev.com/ Name: _unifiedId
Value: %7B%22TDID%22%3A%22037929fa-8c56-4157-8bbb-d0459f98666f%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222021-09-27T09%3A18%3A52%22%7D
eus.rubiconproject.com/ Name: pux
Value: 1512%3D102897%262307%3D102897%262974%3D102897%263778%3D102897%26idl%3D102897%26brx%3D102897%26goog%3D102897%262249-DV360-Hosted%3D102897%26
.quantserve.com/ Name: mc
Value: 61518c7c-ee9bc-b6f92-30042
.mathtag.com/ Name: uuid
Value: d0ea6151-8c7c-4f00-98de-286741caa22d
.w55c.net/ Name: wfivefivec
Value: N2Hftc3D1MuMMI5
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A7CFAC13-0AA2-474A-AC6E-52B8B145B74F
.pubmatic.com/ Name: DPSync3
Value: 1633910400%3A219_201_197%7C1632787200%3A174
.adform.net/ Name: C
Value: 1
.bidswitch.net/ Name: tuuid
Value: 923cf5cf-bcf1-475e-893d-737dfe62d5ae
.bidswitch.net/ Name: c
Value: 1632734332
.w55c.net/ Name: matchopenx
Value: 5
.quantserve.com/ Name: d
Value: ENEBEQGsJPijCJiTAA
.bidswitch.net/ Name: tuuid_lu
Value: 1632734333
.adform.net/ Name: uid
Value: 4213238994030266360
.advertising.com/ Name: APID
Value: UPeed8102b-1f73-11ec-b39f-02abba99f1a8
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.turn.com/ Name: uid
Value: 4543359819311492910
.onaudience.com/ Name: cookie
Value: 8ea07db1c5ea2af1
.onaudience.com/ Name: done_redirects104
Value: 1
.simpli.fi/ Name: suid
Value: 1C0C65C2BBD04C4B9120AFDFB5F935CC
.bing.com/ Name: MUID
Value: 38C557B2EDB769E22DB8470DECF2687F
.de17a.com/ Name: guid2
Value: 1.9060834481519736520
.mathtag.com/ Name: mt_mop
Value: 9:1632734332
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-037929fa-8c56-4157-8bbb-d0459f98666f&KRTB&22918-037929fa-8c56-4157-8bbb-d0459f98666f&KRTB&23031-037929fa-8c56-4157-8bbb-d0459f98666f
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:d0ea6151-8c7c-4f00-98de-286741caa22d&KRTB&16736-uid:d0ea6151-8c7c-4f00-98de-286741caa22d&KRTB&23019-uid:d0ea6151-8c7c-4f00-98de-286741caa22d&KRTB&23114-uid:d0ea6151-8c7c-4f00-98de-286741caa22d
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7556761463745734077&KRTB&23263-7556761463745734077
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEGT6eIorX6UAmDZuPEJLJw8&KRTB&16514-CAESEGT6eIorX6UAmDZuPEJLJw8&KRTB&23025-CAESEGT6eIorX6UAmDZuPEJLJw8
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-412609993434168691
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-oye5z611u524c-nH93WhnKNwtcy4JbzOoSRPzdhd&KRTB&22979-oye5z611u524c-nH93WhnKNwtcy4JbzOoSRPzdhd
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-9060834481519736520
.bidr.io/ Name: bito
Value: AACrPU7CoxkAADwZRd5lEg
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: SyncRTB3
Value: 1633910400%3A71_7_3_8_13_161_56_220_21_54%7C1633305600%3A223%7C1633996800%3A35
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z9~20mx
.yahoo.com/ Name: APID
Value: UPeed8102b-1f73-11ec-b39f-02abba99f1a8
.yahoo.com/ Name: APIDTS
Value: 1632734333
.yahoo.com/ Name: A3
Value: d=AQABBH2MUWECEDFsuGhR1InnTF-AEPGSLg8FEgEBAQHdUmFbYQAAAAAA_eMAAA&S=AQAAAthj5g0CWHO7DlD0T6k51OU
.scoota.co/ Name: tuuid
Value: a8695f62-6d62-4731-8274-d590522b4653
.scoota.co/ Name: c
Value: 1632734333
.scoota.co/ Name: tuuid_lu
Value: 1632734333
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 7d6eb0287fd7849a0db77bd286007d97
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQME8xS00yMLIwT0sxtzCxTDRISTI3T0oxsjAzMDBPsTRnAILEwJ5aEA0FAFS7CoE%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIDOypBVJQAAAVbAG8"
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACrPU7CoxkAADwZRd5lEg
.pubmatic.com/ Name: PugT
Value: 1632734331
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YVGMfQAAAlPT3wA6
.onaudience.com/ Name: done_redirects147
Value: 1
.admanmedia.com/ Name: admtr
Value: 17bc8d727c400d7b265433c805729b1cc6c1bfca
.onaudience.com/ Name: done_redirects236
Value: 1
.smartadserver.com/ Name: pid
Value: 7808748477100723742
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AACrPU7CoxkAADwZRd5lEg
.eyeota.net/ Name: mako_uid
Value: 17c268cc9a6-54a30000010f4e36
.eyeota.net/ Name: SERVERID
Value: 20022~DM
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&9abc8555-9dd3-484e-87d1-c1b54a84895a"
.linkedin.com/ Name: lidc
Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2322:u=1:x=1:i=1632734333:t=1632820733:v=2:sig=AQFb6ZdI8nV0foIBlNRZAWs3Q8QaxL3c"
.undertone.com/ Name: UID_EXT_39
Value: 120bc7d7-f1ed-437a-b153-1062a94b341b
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: f2d228179efdd443
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwi8uJK1u-iAOhAFGAEgASgCMgsI-IG46dHogDoQBTgBWgZleWVvdGFgAg..
.pubmatic.com/ Name: SPugT
Value: 1632734334

5 Console Messages

Source Level URL
Text
javascript warning URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid4.43.0-1.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d19m55ur8rme4m.cloudfront.net/script.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid4.43.0-1.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://id.rlcdn.com/709414.gif?us_privacy=1---
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript error URL: https://www.obsev.com/life/photos-show-unusual-historical-events/?utm_source=lit_456&utm_medium=paid&utm_campaign=07cc_ntd590_070_aa_lc_n_lc_dd_1_tnt_1&utm_content=23848775733490200&utm_term=07cc_ntd590_070_aa_lc_n_lc_dd_1_adset_1&fbclid=IwAR3ivSL7fWMhwzGX
Message:
Access to XMLHttpRequest at 'https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=c_qS1a7eOr6ykqaKkGJozW&gdpr_consent=undefined&us_privacy=1---' from origin 'https://www.obsev.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=c_qS1a7eOr6ykqaKkGJozW&gdpr_consent=undefined&us_privacy=1---
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

506.hostedprebid.com
a.teads.tv
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.turn.com
ads.pubmatic.com
ads.yahoo.com
ads.yieldmo.com
analytics.tiktok.com
analytics.twitter.com
ap.lijit.com
audit-tcfv2.quantcast.mgr.consensu.org
b1sync.zemanta.com
bh.contextweb.com
bid.g.doubleclick.net
bidder.rtk.io
bisdr.vidazoo.com
brightcombid.marphezis.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
capi.connatix.com
cd.connatix.com
cdn.districtm.io
cdn.taboola.com
cdn.undertone.com
cds.connatix.com
cm.g.doubleclick.net
connect.facebook.net
cs.admanmedia.com
d.turn.com
d19m55ur8rme4m.cloudfront.net
d5p.de17a.com
dis.criteo.com
dmx.districtm.io
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
googleads.g.doubleclick.net
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
img.connatix.com
jita.rtk.io
match.adsrvr.org
match.prod.bidr.io
obsev-d.openx.net
overconfidentfood.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
ps.eyeota.net
px.ads.linkedin.com
quantcast.mgr.consensu.org
r.scoota.co
rtb-csync.smartadserver.com
rules.quantcount.com
s.amazon-adsystem.com
s.yimg.com
s29588.pcdn.co
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.gravatar.com
secure.quantserve.com
securepubads.g.doubleclick.net
shandymedia.technoratimedia.com
simage2.pubmatic.com
simage4.pubmatic.com
ssc-cms.33across.com
ssc.33across.com
static.ads-twitter.com
static.adsafeprotected.com
static.cloudflareinsights.com
static.vidazoo.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.rtk.io
t.co
tag.1rx.io
test.quantcast.mgr.consensu.org
tlx.3lift.com
token.rubiconproject.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
vid.connatix.com
wserver.vidazoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.obsev.com
x.bidswitch.net
capi.connatix.com
imasdk.googleapis.com
ssc-cms.33across.com
tlx.3lift.com
104.16.190.66
104.16.94.65
104.244.42.131
104.244.42.5
108.174.11.37
13.107.21.200
13.224.186.4
13.224.193.122
13.224.193.34
13.224.193.62
13.225.78.101
13.225.78.2
13.225.78.24
13.225.78.27
13.225.84.195
13.248.242.197
13.248.245.213
134.209.221.54
142.250.181.226
142.250.184.194
142.250.184.206
142.250.185.194
142.250.185.232
142.250.186.68
142.250.186.78
142.250.186.98
147.75.38.124
147.75.64.214
151.101.129.108
151.101.129.44
151.101.194.137
151.101.2.137
151.101.66.49
151.139.240.1
151.139.240.35
152.199.22.191
157.230.212.27
157.240.236.1
157.240.236.35
159.253.128.188
172.67.132.158
178.250.0.163
18.116.58.214
18.156.0.31
18.156.195.47
18.184.93.79
18.185.169.108
18.194.59.214
185.29.132.241
185.33.221.89
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.216
185.64.190.81
185.86.139.113
192.0.73.2
193.122.128.135
198.148.27.139
199.232.136.157
2.16.186.113
2.16.186.145
2.18.232.7
2.18.233.180
208.100.17.178
209.54.177.54
212.82.100.176
213.155.156.166
213.19.147.43
216.52.2.39
23.37.38.181
23.37.42.132
3.122.57.214
3.124.210.90
34.149.20.76
34.239.203.97
34.95.69.49
35.201.96.133
35.244.159.8
35.244.174.68
37.157.2.235
46.228.164.11
46.228.164.13
51.210.112.63
52.17.35.107
52.19.22.209
52.49.37.161
52.49.53.128
54.194.126.20
54.210.227.169
54.93.162.63
64.233.167.156
69.173.144.138
69.173.144.143
70.42.32.191
87.248.118.22
88.214.206.247
91.228.74.226
93.184.220.66
00b8626deb2ef52222d65c6f3039c35c38940cd7458181332381fbd81b76a004
016789079923b11c60c3b9c2fe5e6a440a52ce7f977fb26a721bdf59c429f240
0261a2f683cac009cc3722392f595b7a694674eafbc518036821f8130ba10937
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08fcf9446aed1d3502f28be78b5183240290c1a24de433c285a726db1b70c027
09b6992f671ef5e0bafe4085dcca479e60c63718101f6dbe40c74bf0a5c0b1de
0a5c20add80dfa892c8ce20c1185a664b9d9ba991c3b7281db96dab5178bfbf6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12be9d1992649e87efd723cae11e35605236eb276d6adf01e1173dd3c8588f9e
1f33e8bf57ec624875971f1221522df2e4f9ac90a3c1e7faab1c334b1604f73c
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
270ed047f71ec281b7c4978ce19eaf27f4d88020bafd93aa1477557de86c1e5a
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2e7448cc3623c60307b28ad956e5b9a3f48acceb721e2a021eb0696135254282
3640dd4cd66e624cfb0a2f81a673e4e34ca137737ba32d6f117accc4d5e8ad1f
3999f9cfc12ba40994ad1b3d31cc8e05afd224b1718027ca9ac58d79c2d6601c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ff42f6f57602f41ab60068adca26617b68022a930596fdc93095b21d32a2fc0
4012b60b50fc1eba6890f9744fc7ed75e12f2d3f9ae421670e200468e1785b34
40c936ed115d290ad392a23861042794164887d5e95778e1165e111de93d46a0
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4749f1f98a4b997aa5828b3645c63c084edae4c517da77046f8c6cb80963c40e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4adaeccb264cbd8319080fd9f61eb769ff6f8aa1a02ab3408430b2b853d9cbe8
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50744d037f1ccf7f0436a80eed18aa292d868d596e39e83da696b1d4f917b17c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5651eaf9f168cc2291eec10350e0c8b3bd71798fe601418589f80515808069de
56bb976e6e4282951416ae8018d25f885fa126c95828c6c555ff66b97632aa2e
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
5a1a3a3f0ef52a304cde50940ee607a2ebb008b76fa4cf49721b6e5cc07c350a
6199df887e6da8e621cd94fef4e7dbb8c5e6382b043a5de7143a0ca81bc65db2
629523460aa77e8a60024143fd3d74380bb095c900a364e4071a1ef8eb7eafac
62f3a786e694b5c0ea068b3267e019ec7de62fb98fbebffdfbd425f1cd99a86e
64953967476e4a79197954523781577f80a0800f2971903eaf51eb3913bbc1ee
677a578bc7e86d9d482600a4be5e9beb85eb63c26a8b1855255453de025325a5
69869d96334edee922f659a34f8906b1976133d24a1f9f5871e10ef7dc04211b
6a0c48cc26befa65bdebf31bd7af3f72634a9d82cb5adfb1de07f04102c26034
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e6feebb53ca78c1931d269931f6e1c8efe80181864e7dea3ee3af8c81fe746a
6fdb2c455da80fc90bddea76f6370810f4b45d3d96552777193b281452e3762f
7289837e876c7bbbf1afc71abc4c5383e7f56692abeaa0a72b82e4e721ceba26
72f8d22d487cc7b7c62273167c3b94e1db0a1d7daea0d01003c42a35c9654b75
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
772171e7667d71ea4008a0e1bf966952d10ad40131dd47ddba48efd8f55de039
7b5ebe0b15e73b5df06f15cb49948c37982f42d5c73b18244b5c2c5b5c4a7d37
7d2a71f6a1a35e552d1bbc0b52a8f1b20f67f3c5b365dc021d23831934f4a06a
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e2e470257d8af8bcef74a9f2919bf8a76fd2ca79d5f0e66e5872eff38b70e9f
7eb1ae64b457cfdf2bb4e393d88f0ba461a2d3f069c3f7594f1547bbc3292850
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84751873b81e025c813cae29a4814e4eb98ad51d382336442a200cbdc5a708f9
8bd8b4ab751d7e1cf0a74d1813c61e932f283210339e7fe479ba95a4bb5d9a16
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9141953d9fa60e3d829b5588eb14a2ba746309db1005c36d29ac2a0b659449b0
924bebc42783edf15677c196e1d4ce303971c331e0f63fa5c1e5572704aa90da
932da60c35768cdd109c7361be41eba1a055942888f455927375479e314665ae
936790ccabd26acddebd039c54120623734e2aa82310def49cc535912338fc0c
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd
986dd30240c5c391020459db60212c4d9df2d2eec66a1c065f76f89e85b17c87
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b81ef31ea16f71c5d490714a0a01f932c25cd9d21803e64e74e1b46aa23886f
9cb3cf4e89bf245f757155fa1b942f90ab16a48b81e5f74ae841e5c3d9502e0d
9cddc4e1c7049c1e45ebb678a8a47bb3b67dfa86009c877de6a9e6da0cfae474
9ceea3f7fc63c9fd2add907fa04979a30c65d28c3df4153909e1b05acf7a100f
9ef2fa6d02bd3595685a4fa73762bb189deac1d05605ff00a2bb58b879b75557
9fd9fae6d5a1efb7a12bf660007fe83fcec3f4887a3b0ab9f47efae78df923c0
a0eccaf1eefb80f8c25c9d702351f4c81e24e388d64540136973895ea3b6bb22
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a6b8768ff9246e7c6c313e9a4cfcfaefeb291e59e507d72cf2f83f597cb0c5d3
a74d9a88b145b13af856ba7e17892f66caac51a83e14adafc1e36babd8476b54
a7b38f2810bc32b7813ed86b526ebbf1aa9d48e398364d59735c17a34897f1ef
aa527219f15dec6be84fd36445705f3f024fcdf0057fc6d1894160a5caf939fe
aa9430a6c3fd8091bb9ec2459cfeba31f0888b88a4d2c417e59a6d90b7d3c5b3
ab43cf929d649dba8ce38c92dec4849c8049b678fec9942ae08df5ca57757280
ac28ee4c234de329ce740ef7ec8af26cec56ac1a0968eafd882b780c9d0bf036
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
ad1dbde9573d7616472dcb79f7b01013815630f192725c4da532af0651428bc4
b2233bd56e2f58aa8135d4ef5dca75a3414522a9f7dd035798dfc268edf6d3b4
b4c9c3c2bb4b17bff5986d759288ef76a69d3f9bf0ff6e80cf7f278300eb05c7
b652663d7e2cbcb7a33982374d229aca5bb087924b10cf3a3e3b5b5eadd428a1
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2d184be3766003d1337dd69477c04f546537e16a9e4def50b0844e5bd8e0d2
bbca223da58c816803ac6f1140fc10377e4dc3785e83cecb3c8adb305c8cfd0c
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
c3cc00dba6427450ca398d496b6d4d5ae385c893d1470754f1fba733c2a54d04
c6c037babefbd41006822221701916c78c530f66ab366a5b47d623a50dfcc97d
c86d9a44addeaf3b88ab7994b137595d383e7b67533aa28f4ac2466dc5b0d2fe
c9d50edae9ab89f8373214510b01eb50f60e16bd5e71328173962c0e13b31c07
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdc87c531aaffeb2d41911312318bf5504bdd26d1a963ab66393e083e1cb599d
ce1d230c6b398c67085e6344ee1c1232c7ce29fc9f2fcc65a3b5674acfdd9ce1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d16d0537b527af64b31464c4d824364c6c4766fe8c302a7c56829963c4a18f60
d21bb5f51e4dc268852d1ad2941e95c1ecc8efa9581c1b3aa4b63a83a78e771b
d662bcf2f9cf2672af42ee2786dfeca7ca057922b0d8c366673933e32f7bed2b
d68dc9b480e9320132e2e652b228b5cc8ebe5d026b9af8355c74f340c78807ad
d6c7189d7efc798f52c8e2a73fd126826f16918d98076a7a6d8207fdcf1ee68f
d7085b79344e220cb544d6b66abadb2fbf658ce9d70654a5406ac7e55691bc0f
d79752e33e156b5cb219ab45103fe0ed7d80f111533dd8eec42c57546b4da500
da556df4dc2e8a01fc001ae2a2446328a6615e19a40e9113a8718f0ac018d2c4
db18d6df34f62c13a2fbda844f89600b7c67bb41883d106e599419958b6edf3f
dbcd2f6fb92e24eba276ecaf8489f74c988994bb4d089ce806441aead32ebefa
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e320dea1e5b95e11a7684f52a0db6099ee222e6556165b238cf90a986736da61
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47f9908dc8b938c857feeffec68b3d53aeeb98bafec8a7710bb608430c67394
e95015e979a80102c2ca35fd0d302a3d72fe378e46babe201e2219d41fab8658
ea49a7298d81921bd731d7742545b6d5cab9544c54d7a3043eb717e97318a538
eec8a8ed4a551debaf76700713145c8c9b127412de8b5a5212adb2aacc6f87a9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c6c17bbefb440a7e7ee03a4363aeba33a7c57345af065c670848e8fd40a4b5
f3379632123e5d19fc951e6e23e4314e8031d9e944cade192134f900cbc316b9
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62