urlscan.io logo urlscan.io
SecurityTrails logo

www.wcnc.com Open in urlscan Pro
184.30.18.234  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4...
Submission: On May 15 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 93 IPs in 10 countries across 103 domains to perform 443 HTTP transactions. The main IP is 184.30.18.234, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.wcnc.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 9th 2021. Valid for: a year.
This is the only time www.wcnc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
46 184.30.18.234 16625 (AKAMAI-AS)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 184.25.114.127 16625 (AKAMAI-AS)
1 13.224.95.128 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
6 13.32.5.125 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 142.250.181.226 15169 (GOOGLE)
16 2.18.233.180 16625 (AKAMAI-AS)
8 2a04:4e42:1b:... 54113 (FASTLY)
1 152.199.22.243 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
2 13.89.175.133 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
21 167.172.1.14 14061 (DIGITALOC...)
2 18.196.230.57 16509 (AMAZON-02)
2 3.125.137.77 16509 (AMAZON-02)
2 2600:9000:211... 16509 (AMAZON-02)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 52.29.213.60 16509 (AMAZON-02)
2 178.250.2.131 44788 (ASN-CRITE...)
2 184.25.115.31 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 11 52.95.124.165 16509 (AMAZON-02)
1 5 2a00:1450:400... 15169 (GOOGLE)
2 2 178.128.135.80 14061 (DIGITALOC...)
2 205.185.216.10 20446 (HIGHWINDS3)
2 2600:9000:219... 16509 (AMAZON-02)
11 29 2.18.234.21 16625 (AKAMAI-AS)
3 11 3.121.70.57 16509 (AMAZON-02)
2 104.17.120.107 13335 (CLOUDFLAR...)
4 4 23.79.143.124 16625 (AKAMAI-AS)
10 104.111.230.142 16625 (AKAMAI-AS)
2 8 37.252.172.45 29990 (ASN-APPNEX)
5 18 35.244.159.8 15169 (GOOGLE)
12 52.22.118.41 14618 (AMAZON-AES)
6 6 35.156.153.71 16509 (AMAZON-02)
6 6 18.156.0.31 16509 (AMAZON-02)
8 15 13.248.242.197 16509 (AMAZON-02)
6 8 69.173.144.138 26667 (RUBICONPR...)
2 2 88.214.206.142 46636 (NATCOWEB)
2 185.64.190.78 62713 (AS-PUBMATIC)
27 33 142.250.186.98 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
3 7 2a00:1288:110... 34010 (YAHOO-IRD)
2 8 72.21.206.140 16509 (AMAZON-02)
4 4 70.42.32.191 22075 (AS-OUTBRAIN)
1 1 13.224.95.11 16509 (AMAZON-02)
4 18.195.155.181 16509 (AMAZON-02)
15 52.50.187.150 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
2 2 2620:116:800d... 16509 (AMAZON-02)
5 6 37.157.6.241 198622 (ADFORM)
5 2a00:1450:400... 15169 (GOOGLE)
2 5 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::3 44788 (ASN-CRITE...)
2 2 69.173.144.139 26667 (RUBICONPR...)
10 10 185.29.133.199 30419 (MEDIAMATH...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.162.133.148 60781 (LEASEWEB-...)
4 6 35.186.253.211 15169 (GOOGLE)
2 13 178.162.133.149 60781 (LEASEWEB-...)
20 20 3.120.52.76 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
1 94.130.102.164 24940 (HETZNER-AS)
2 2 18.193.144.52 16509 (AMAZON-02)
5 5 18.193.131.224 16509 (AMAZON-02)
4 4 54.171.74.241 16509 (AMAZON-02)
6 11 52.209.246.140 16509 (AMAZON-02)
1 1 146.0.227.110 20773 (GODADDY)
1 6 185.64.189.110 62713 (AS-PUBMATIC)
2 2 8.43.72.97 26667 (RUBICONPR...)
2 2 213.155.156.185 1299 (TELIANET ...)
1 1 178.250.0.163 44788 (ASN-CRITE...)
5 185.64.190.80 62713 (AS-PUBMATIC)
2 185.64.189.114 62713 (AS-PUBMATIC)
1 2 146.59.148.16 16276 (OVH)
2 4 18.198.69.109 16509 (AMAZON-02)
9 16 159.253.128.183 36351 (SOFTLAYER)
3 3 185.33.221.50 29990 (ASN-APPNEX)
2 2 34.240.2.137 16509 (AMAZON-02)
1 1 54.81.207.173 14618 (AMAZON-AES)
1 1 34.203.138.195 14618 (AMAZON-AES)
1 150.136.25.38 31898 (ORACLE-BM...)
1 169.197.150.7 398989 (DEEPINTENT)
2 2 52.28.33.202 16509 (AMAZON-02)
4 5 198.148.27.139 19189 (PULSEPOINT)
4 4 193.0.160.128 54312 (ROCKETFUEL)
2 2 185.184.8.30 204995 (RTB-HOUSE...)
2 185.64.189.244 62713 (AS-PUBMATIC)
1 5 46.4.10.47 24940 (HETZNER-AS)
2 185.64.190.81 62713 (AS-PUBMATIC)
2 2 18.158.167.137 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 2001:678:cb4:... 56396 (TURN)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 66.155.71.149 13768 (COGECO-PEER1)
2 104.109.77.38 16625 (AKAMAI-AS)
1 54.236.227.29 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
3 169.50.137.176 36351 (SOFTLAYER)
1 130.211.141.45 15169 (GOOGLE)
2 4 13.224.95.46 16509 (AMAZON-02)
2 2600:9000:206... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:1b:... 54113 (FASTLY)
1 34.224.142.75 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 1 3.127.52.31 16509 (AMAZON-02)
1 1 18.194.113.221 16509 (AMAZON-02)
2 2 2600:1901:0:8... 15169 (GOOGLE)
2 35.244.174.68 15169 (GOOGLE)
1 52.22.84.205 14618 (AMAZON-AES)
1 23.45.99.241 16625 (AKAMAI-AS)
1 1 172.217.18.98 15169 (GOOGLE)
1 85.114.131.234 24961 (MYLOC-AS ...)
443 93
46    184.30.18.234 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-18-234.deploy.static.akamaitechnologies.com
www.wcnc.com
7    2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
8    184.25.114.127 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-114-127.deploy.static.akamaitechnologies.com
media.wcnc.com
1    13.224.95.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-128.zrh50.r.cloudfront.net
native.sharethrough.com
1    2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
6    13.32.5.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-5-125.vie50.r.cloudfront.net
c.amazon-adsystem.com
3    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
16    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
8    2a04:4e42:1b::626 (United States)

ASN54113 (FASTLY, US)
ssl.p.jwpcdn.com
ping-meta-prd.jwpltx.com
prd.jwpltx.com
1    152.199.22.243 (United States)

ASN15133 (EDGECAST, US)
entitlements.jwplayer.com
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    13.89.175.133 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
tgna-ux-ctrl.service.signalr.net
1    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
10    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
21    167.172.1.14 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
2    18.196.230.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
2    3.125.137.77 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-137-77.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    2600:9000:211a:9800:1f:df94:f9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
hb.undertone.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    52.29.213.60 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
btlr.sharethrough.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
2    184.25.115.31 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-115-31.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com
10    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
11    52.95.124.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
5    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
2    178.128.135.80 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.serverbid.com
2    205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2    2600:9000:2190:c000:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
29    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
11    3.121.70.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
2    104.17.120.107 (United States)

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
4    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
8    37.252.172.45 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
ib.adnxs.com
18    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
u.openx.net
eu-u.openx.net
gift-connect-d.openx.net
12    52.22.118.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
usr.undertone.com
6    35.156.153.71 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
6    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
15    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
8    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
pixel-eu.rubiconproject.com
2    88.214.206.142 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
33    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
7    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
8    72.21.206.140 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com
s.amazon-adsystem.com
4    70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
sync.outbrain.com
1    13.224.95.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-11.zrh50.r.cloudfront.net
s.ad.smaato.net
4    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
cs.emxdgt.com
15    52.50.187.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
1    2600:9000:21f3:7a00:0:70b1:7080:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync-amz.ads.yieldmo.com
2    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
6    37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
5    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
5    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
10    185.29.133.199 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.162.133.148 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
go.sonobi.com
6    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
13    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
20    3.120.52.76 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
odr.mookie1.com
1    94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
hal9000.redintelligence.net
2    18.193.144.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
a.sportradarserving.com
5    18.193.131.224 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
4    54.171.74.241 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
r.scoota.co
11    52.209.246.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
1    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
6    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    213.155.156.185 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
5    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: ns3181477.ip-146-59-148.eu
pixel.onaudience.com
4    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
loada.exelator.com
loadm.exelator.com
16    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
3    185.33.221.50 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
2    34.240.2.137 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
ads.avct.cloud
1    54.81.207.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
1    34.203.138.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-138-195.compute-1.amazonaws.com
sync.ipredictive.com
1    150.136.25.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    52.28.33.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-33-202.eu-central-1.compute.amazonaws.com
ad.360yield.com
5    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
creativecdn.com
2    185.64.189.244 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
5    46.4.10.47 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de
hal90002.redintelligence.net
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
2    18.158.167.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads.creative-serving.com
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    2a02:fa8:8806:12::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    104.109.77.38 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-77-38.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
1    54.236.227.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rtb.adentifi.com
3    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com
tag.simpli.fi
i.simpli.fi
1    130.211.141.45 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
js.alpixtrack.com
4    13.224.95.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-46.zrh50.r.cloudfront.net
sb.scorecardresearch.com
2    2600:9000:206e:a000:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a04:4e42:1b::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    34.224.142.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
ping.chartbeat.net
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2600:1f18:612b:4232:3a2c:3c86:af1b:2715 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
simplifi.partners.tremorhub.com
1    3.127.52.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
aa.agkn.com
1    18.194.113.221 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
d.agkn.com
2    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
idsync.rlcdn.com
1    52.22.84.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.bfmio.com
1    23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
www.googleadservices.com
1    85.114.131.234 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
cdn.contentspread.net
Apex Domain
Subdomains		 Transfer
54 wcnc.com
www.wcnc.com
media.wcnc.com
545 KB
44 doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
144 KB
37 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
t.pubmatic.com
simage4.pubmatic.com
288 KB
29 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
29 KB
26 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
pixel.rubiconproject.com
pixel-eu.rubiconproject.com
token.rubiconproject.com
pixel-us-east.rubiconproject.com
60 KB
25 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
47 KB
24 openx.net
us-u.openx.net
u.openx.net
eu-u.openx.net
gift-connect-d.openx.net
rtb.openx.net
6 KB
23 serverbid.com
e.serverbid.com
sync.serverbid.com
1 KB
22 googlesyndication.com
pagead2.googlesyndication.com
c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com
tpc.googlesyndication.com
114 KB
20 bidswitch.net
x.bidswitch.net
7 KB
19 simpli.fi
um.simpli.fi
tag.simpli.fi
i.simpli.fi
15 KB
16 undertone.com
hb.undertone.com
cdn.undertone.com
usr.undertone.com
8 KB
15 sonobi.com
go.sonobi.com
sync.go.sonobi.com
14 KB
15 gumgum.com
rtb.gumgum.com
5 KB
15 adsrvr.org
match.adsrvr.org
6 KB
14 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
10 KB
13 3lift.com
tlx.3lift.com
eb2.3lift.com
6 KB
11 bidr.io
match.prod.bidr.io
5 KB
11 adnxs.com
ib.adnxs.com
secure.adnxs.com
6 KB
10 mathtag.com
sync.mathtag.com
5 KB
9 google.com
www.google.com
adservice.google.com
2 KB
7 cookielaw.org
cdn.cookielaw.org
113 KB
6 redintelligence.net
hal9000.redintelligence.net
hal90002.redintelligence.net
9 KB
6 adform.net
c1.adform.net
3 KB
6 advertising.com
pixel.advertising.com
2 KB
6 emxdgt.com
hb.emxdgt.com
cs.emxdgt.com
335 B
5 contextweb.com
bh.contextweb.com
3 KB
5 w55c.net
pm.w55c.net
4 KB
5 ampproject.org
cdn.ampproject.org
108 KB
5 google.de
adservice.google.de
www.google.de
2 KB
5 jwpcdn.com
ssl.p.jwpcdn.com
224 KB
4 chartbeat.com
static.chartbeat.com
mab.chartbeat.com
34 KB
4 scorecardresearch.com
sb.scorecardresearch.com
1 KB
4 rfihub.com
p.rfihub.com
3 KB
4 exelator.com
loada.exelator.com
loadm.exelator.com
8 KB
4 scoota.co
r.scoota.co
3 KB
4 criteo.com
bidder.criteo.com
gum.criteo.com
dis.criteo.com
964 B
3 google-analytics.com
www.google-analytics.com
20 KB
3 zemanta.com
b1sync.zemanta.com
883 B
3 jwpltx.com
ping-meta-prd.jwpltx.com
prd.jwpltx.com
153 B
3 googletagservices.com
www.googletagservices.com
84 KB
3 sharethrough.com
native.sharethrough.com
btlr.sharethrough.com
66 KB
2 pro-market.net
fei.pro-market.net
856 B
2 agkn.com
aa.agkn.com
d.agkn.com
957 B
2 tiqcdn.com
tags.tiqcdn.com
33 KB
2 turn.com
ad.turn.com
943 B
2 creative-serving.com
ads.creative-serving.com
1 KB
2 creativecdn.com
creativecdn.com
695 B
2 360yield.com
ad.360yield.com
616 B
2 avct.cloud
ads.avct.cloud
892 B
2 onaudience.com
pixel.onaudience.com
736 B
2 de17a.com
d5p.de17a.com
637 B
2 sportradarserving.com
a.sportradarserving.com
1 KB
2 rlcdn.com
id.rlcdn.com Failed
idsync.rlcdn.com
108 B
2 criteo.net
static.criteo.net
53 KB
2 quantserve.com
pixel.quantserve.com
942 B
2 bing.com
c.bing.com
712 B
2 admanmedia.com
cs.admanmedia.com
826 B
2 brealtime.com
biddr.brealtime.com
2 KB
2 indexww.com
js-sec.indexww.com
3 KB
2 digitaloceanspaces.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
16 KB
2 signalr.net
tgna-ux-ctrl.service.signalr.net
404 B
2 googleapis.com
imasdk.googleapis.com
302 KB
1 contentspread.net
cdn.contentspread.net
49 KB
1 googleadservices.com
www.googleadservices.com
633 B
1 bluekai.com
stags.bluekai.com
745 B
1 bfmio.com
sync.bfmio.com
421 B
1 tremorhub.com
simplifi.partners.tremorhub.com
183 B
1 chartbeat.net
ping.chartbeat.net
169 B
1 alpixtrack.com
js.alpixtrack.com
5 KB
1 adentifi.com
rtb.adentifi.com
88 B
1 sitescout.com
pixel-sync.sitescout.com
337 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 zeotap.com
mwzeom.zeotap.com
490 B
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
294 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 stackadapt.com
sync.srv.stackadapt.com
608 B
1 outbrain.com
sync.outbrain.com
627 B
1 admixer.net
inv-nets.admixer.net
555 B
1 mookie1.com
odr.mookie1.com
324 B
1 yieldmo.com
sync-amz.ads.yieldmo.com
480 B
1 smaato.net
s.ad.smaato.net
561 B
1 2mdn.net
s0.2mdn.net
17 KB
1 jwplayer.com
entitlements.jwplayer.com
245 B
1 gstatic.com
www.gstatic.com
131 KB
1 onetrust.com
geolocation.onetrust.com
406 B
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
0 crwdcntrl.net Failed
bcp.crwdcntrl.net Failed
0 intentiq.com Failed
sync.intentiq.com Failed
0 tapad.com Failed
pixel.tapad.com Failed
0 adroll.com Failed
d.adroll.com Failed
0 taboola.com Failed
cdn.taboola.com Failed
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
0 taptapnetworks.com Failed
sonata-notifications.taptapnetworks.com Failed
0 semasio.net Failed
uipglob.semasio.net Failed
0 fiftyt.com Failed
visitor.fiftyt.com Failed
0 adition.com Failed
dsp.adfarm1.adition.com Failed
0 socdm.com Failed
tg.socdm.com Failed
0 33across.com Failed
ssc-cms.33across.com Failed
0 1rx.io Failed
sync.1rx.io Failed
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 lijit.com Failed
ap.lijit.com Failed
ce.lijit.com Failed
443 103
Domain Requested by
46 www.wcnc.com www.wcnc.com
33 cm.g.doubleclick.net 27 redirects eb2.3lift.com
u.openx.net
cdn.undertone.com
googleads.g.doubleclick.net
rtb.gumgum.com
21 e.serverbid.com ads.pubmatic.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
gift-connect-d.openx.net
20 x.bidswitch.net 20 redirects
16 um.simpli.fi 9 redirects ads.pubmatic.com
16 ads.pubmatic.com www.wcnc.com
ads.pubmatic.com
aax-eu.amazon-adsystem.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
rtb.gumgum.com
15 rtb.gumgum.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
15 match.adsrvr.org 8 redirects eb2.3lift.com
u.openx.net
cdn.undertone.com
ssum-sec.casalemedia.com
13 sync.go.sonobi.com 2 redirects go.sonobi.com
13 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
13 ssum-sec.casalemedia.com 7 redirects js-sec.indexww.com
aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
12 usr.undertone.com cdn.undertone.com
11 match.prod.bidr.io 6 redirects gift-connect-d.openx.net
ads.pubmatic.com
ssum-sec.casalemedia.com
11 eb2.3lift.com 3 redirects ads.pubmatic.com
eb2.3lift.com
11 aax-eu.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
u.openx.net
rtb.gumgum.com
ssum-sec.casalemedia.com
10 sync.mathtag.com 10 redirects
10 us-u.openx.net 5 redirects u.openx.net
gift-connect-d.openx.net
10 eus.rubiconproject.com cdn.undertone.com
aax-eu.amazon-adsystem.com
eus.rubiconproject.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
10 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.wcnc.com
c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com
googleads.g.doubleclick.net
10 pagead2.googlesyndication.com srcdoc
securepubads.g.doubleclick.net
tpc.googlesyndication.com
c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
8 s.amazon-adsystem.com 2 redirects eb2.3lift.com
cdn.undertone.com
ssum-sec.casalemedia.com
8 ib.adnxs.com 2 redirects cdn.undertone.com
eb2.3lift.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
ads.pubmatic.com
8 media.wcnc.com www.wcnc.com
7 pr-bh.ybp.yahoo.com 3 redirects gift-connect-d.openx.net
ads.pubmatic.com
ssum-sec.casalemedia.com
7 pixel.rubiconproject.com 5 redirects cdn.undertone.com
7 cdn.cookielaw.org www.wcnc.com
cdn.cookielaw.org
6 image2.pubmatic.com 1 redirects ads.pubmatic.com
6 rtb.openx.net 4 redirects gift-connect-d.openx.net
6 c1.adform.net 5 redirects ads.pubmatic.com
6 ups.analytics.yahoo.com 6 redirects
6 pixel.advertising.com 6 redirects
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.wcnc.com
6 c.amazon-adsystem.com www.wcnc.com
c.amazon-adsystem.com
6 www.google.com 2 redirects www.wcnc.com
c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com
5 hal90002.redintelligence.net 1 redirects c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com
hal90002.redintelligence.net
5 bh.contextweb.com 4 redirects go.sonobi.com
5 simage2.pubmatic.com ads.pubmatic.com
5 pm.w55c.net 5 redirects
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 eu-u.openx.net u.openx.net
gift-connect-d.openx.net
5 ssl.p.jwpcdn.com www.wcnc.com
4 sb.scorecardresearch.com 2 redirects
4 p.rfihub.com 4 redirects
4 r.scoota.co 4 redirects
4 googleads.g.doubleclick.net 1 redirects www.wcnc.com
c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com
4 cs.emxdgt.com aax-eu.amazon-adsystem.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
rtb.gumgum.com
4 secure-assets.rubiconproject.com 4 redirects
3 www.google-analytics.com tags.tiqcdn.com
3 secure.adnxs.com 3 redirects
3 b1sync.zemanta.com 3 redirects
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
3 www.googletagservices.com www.wcnc.com
securepubads.g.doubleclick.net
c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com
2 idsync.rlcdn.com
2 fei.pro-market.net 2 redirects
2 www.google.de
2 mab.chartbeat.com static.chartbeat.com
2 static.chartbeat.com tags.tiqcdn.com
www.wcnc.com
2 tag.simpli.fi tags.tiqcdn.com
2 tags.tiqcdn.com www.wcnc.com
tags.tiqcdn.com
2 ad.turn.com 2 redirects
2 loadm.exelator.com ads.pubmatic.com
2 ads.creative-serving.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 t.pubmatic.com ads.pubmatic.com
2 creativecdn.com 2 redirects
2 ad.360yield.com 2 redirects
2 ads.avct.cloud 2 redirects
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 pixel-us-east.rubiconproject.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 gift-connect-d.openx.net serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2 go.sonobi.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2 token.rubiconproject.com 2 redirects
2 static.criteo.net ads.pubmatic.com
static.criteo.net
2 pixel.quantserve.com 2 redirects
2 c.bing.com eb2.3lift.com
2 image6.pubmatic.com ads.pubmatic.com
2 cs.admanmedia.com 2 redirects
2 biddr.brealtime.com ads.pubmatic.com
2 js-sec.indexww.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 cdn.undertone.com ads.pubmatic.com
2 serverbid-sync.nyc3.cdn.digitaloceanspaces.com ads.pubmatic.com
2 sync.serverbid.com 2 redirects
2 c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 prd.jwpltx.com
2 htlb.casalemedia.com ads.pubmatic.com
2 bidder.criteo.com ads.pubmatic.com
2 btlr.sharethrough.com ads.pubmatic.com
2 hbopenbid.pubmatic.com ads.pubmatic.com
2 hb.undertone.com ads.pubmatic.com
2 tlx.3lift.com ads.pubmatic.com
2 hb.emxdgt.com ads.pubmatic.com
2 tgna-ux-ctrl.service.signalr.net www.wcnc.com
2 imasdk.googleapis.com www.wcnc.com
imasdk.googleapis.com
1 cdn.contentspread.net hal90002.redintelligence.net
1 www.googleadservices.com 1 redirects
1 stags.bluekai.com
1 sync.bfmio.com
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 i.simpli.fi tag.simpli.fi
1 ping.chartbeat.net
1 stats.g.doubleclick.net www.google-analytics.com
1 js.alpixtrack.com tags.tiqcdn.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 pixel-sync.sitescout.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 match.deepintent.com rtb.gumgum.com
1 sync.technoratimedia.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 sync.outbrain.com 1 redirects
1 dis.criteo.com 1 redirects
1 inv-nets.admixer.net 1 redirects
1 hal9000.redintelligence.net c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com
1 odr.mookie1.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1 gum.criteo.com static.criteo.net
1 ads.yahoo.com cdn.undertone.com
1 pixel-eu.rubiconproject.com 1 redirects
1 sync-amz.ads.yieldmo.com aax-eu.amazon-adsystem.com
1 u.openx.net aax-eu.amazon-adsystem.com
1 s.ad.smaato.net 1 redirects
1 ping-meta-prd.jwpltx.com
1 s0.2mdn.net imasdk.googleapis.com
1 entitlements.jwplayer.com www.wcnc.com
1 www.gstatic.com www.google.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 native.sharethrough.com www.wcnc.com
0 sync.search.spotxchange.com Failed
0 ce.lijit.com Failed
0 bcp.crwdcntrl.net Failed
0 sync.intentiq.com Failed
0 pixel.tapad.com Failed
0 d.adroll.com Failed ssum-sec.casalemedia.com
0 cdn.taboola.com Failed www.wcnc.com
0 match.adsby.bidtheatre.com Failed ads.pubmatic.com
0 sonata-notifications.taptapnetworks.com Failed ads.pubmatic.com
0 uipglob.semasio.net Failed ads.pubmatic.com
0 visitor.fiftyt.com Failed ads.pubmatic.com
0 dsp.adfarm1.adition.com Failed ads.pubmatic.com
0 tg.socdm.com Failed rtb.gumgum.com
0 ssc-cms.33across.com Failed rtb.gumgum.com
0 sync.1rx.io Failed rtb.gumgum.com
go.sonobi.com
0 id.rlcdn.com Failed cdn.undertone.com
0 sync-tm.everesttech.net Failed cdn.undertone.com
rtb.gumgum.com
ads.pubmatic.com
ssum-sec.casalemedia.com
0 ap.lijit.com Failed aax-eu.amazon-adsystem.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
443 153

This site contains links to these domains. Also see Links.

Domain
interactive.wcnc.com
onetrust.com
Subject Issuer Validity Valid
www.kagstv.com
DigiCert SHA2 Secure Server CA		 2021-02-09 -
2022-02-15		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2020-07-01 -
2021-07-01		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.tegna-media.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
*.sharethrough.com
Amazon		 2020-09-09 -
2021-10-11		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2021-02-12 -
2022-02-11		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-20 -
2022-05-22		 a year crt.sh
entitlements.jwplayer.com
GeoTrust RSA CA 2018		 2020-04-27 -
2022-04-28		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.service.signalr.net
Microsoft Azure TLS Issuing CA 02		 2021-03-16 -
2022-03-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
e.serverbid.com
R3		 2021-03-15 -
2021-06-13		 3 months crt.sh
*.emxdgt.com
Amazon		 2020-07-31 -
2021-08-30		 a year crt.sh
*.3lift.com
Amazon		 2020-07-04 -
2021-08-05		 a year crt.sh
*.undertone.com
Amazon		 2020-11-03 -
2021-12-02		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.nyc3.cdn.digitaloceanspaces.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-30		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.k8s-cluster-p-us-east-1.ramp-ut.io
Amazon		 2020-11-18 -
2021-12-18		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-04-12 -
2021-10-12		 6 months crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.gumgum.com
Amazon		 2020-07-03 -
2021-08-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2021-01-18 -
2022-02-15		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-11 -
2021-06-30		 2 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
redintelligence.net
R3		 2021-04-21 -
2021-07-20		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.onaudience.com
Certyfikat SSL		 2020-05-28 -
2021-05-28		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-05 -
2021-08-05		 a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2021-04-19 -
2022-04-27		 a year crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.alpixtrack.com
R3		 2021-03-22 -
2021-06-20		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2020-06-01 -
2021-06-02		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
www.google.de
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.tremorhub.com
Amazon		 2020-07-25 -
2021-08-25		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.bfmio.com
Amazon		 2020-06-14 -
2021-07-14		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-26		 a year crt.sh
contentspread.net
R3		 2021-04-05 -
2021-07-04		 3 months crt.sh

This page contains 68 frames:

Primary Page: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Frame ID: 5828C836F342BD4697D8E9C48DD01C90
Requests: 164 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.458.0_en.html
Frame ID: 4D1A09F96A62C2D9CFAA3B74ED613862
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 152E7539377BDF496C41CC1C0E3506A7
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Frame ID: 48D0EC0358D8160CA553FD116AE39AA6
Requests: 1 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Frame ID: C58B4A0F707B81A634B49F7E16F3D68B
Requests: 11 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Frame ID: 204FC04A98EE24E21876894040F5C6C1
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 057A82EBF3AF813171B04F06785388FE
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1YNY&
Frame ID: 05E1A95E4CBC7CE409866212EB7FA77C
Requests: 11 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Frame ID: C2A4D74C306DFE83C713BCB04843E775
Requests: 11 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Frame ID: 60F6CA8C92896167A01B8649BDB8F8CF
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 131DCF4B91B36DA61D32EB57E4E918E9
Requests: 14 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1YNY&
Frame ID: 55EC6150BF6FDD8AC6EF0C5A840622BC
Requests: 11 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 387453F5409E1FB5AD871EE0D5C052E3
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 709C730CDB77811330326F9FCA195B97
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 934657FBBF5E557A223B0F86ADF144D6
Requests: 16 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: AED00E27CF7658CFFD4D3E0BDFBCA07A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 6118E73358218BEFA498B53BBD4E1728
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 32F54B961F9587252A8C1FEB8F7A8218
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 5F0DE111F2F6CE6769ABD1975DA706EE
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: F8C5BD46F42ACACF3BB73A7E3CC4B3E3
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: E0713FC9B9FAF8D9BDF3078A7A2AF871
Requests: 10 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: 15F61319F4E9977C44B1C35D0B8A31B4
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: A75D4CD18C246BD5BC19153604DA12D4
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: FFD487B0B583B5455B830248F2264D9F
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 2BCEB1BFDB42337D4B8856184C12528C
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=402486458537699868&ex=districtm
Frame ID: BE922D3E7C5878CD4431050E01279C96
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: B6AF9A6889CDA534AB84A7CAB398824E
Requests: 1 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 9388FCB69577B6EC3FFD907E03AAD695
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: 8BF26E8B0E9F6511853C7CB05548C0FB
Requests: 3 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-b0Tn4lV1l2OuhIgipoeE8iLgwHCAtBA-&
Frame ID: E8AAC4E97D7F2BF226BDC41E7FBACD4C
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=402486458537699868&ex=appnexus.com
Frame ID: 8F8D420716FA3CEF4A211EE67A7373DD
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
Frame ID: FD5EADD217C0DDE86A04958C012D62B1
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=12561668302868140987
Frame ID: 6D5365192ED699B5A95D46AD03C643FE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D01F3130C9568DB535F520F01ED8262B
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 82D012E5E41132AAE3BF72FCE1A10035
Requests: 13 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.wcnc.com
Frame ID: C4DE6D6AB4981EA7ABCFB656AE8E48B8
Requests: 1 HTTP requests in this frame

Frame: https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 737A5DF7118367B6BEF349694239219E
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkq_ClQEwAQ&v=APEucNWlqC1rJt8pBoVhczaiRF8mYwwfCcO9I5Zvu5ClTDrXFVRjghqH2gmvMM_pED0Ko1anKPKNuPMUXDGCy6MWMhPw5K9KeHVMzuJ_GZpTDZ_Wk_xLTvDHSSW1DUA5KPI9OZaJc4HQbbAOIX3myKBmKSTr6V5qtWlwlODnPyvtngCBoY7NS-1cqpmBjPB5V7ea_3sZ4YXUYU2BG3fjgx4obDi-i6figA
Frame ID: F30ECA57BCB71F6D5F8BA95F28C5B53A
Requests: 4 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Frame ID: 287D2E72C70BB86E8AD4C9F7B833D609
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: 868838F5A9ADD5F46EB10F210ADBD2C1
Requests: 3 HTTP requests in this frame

Frame: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Frame ID: A71D44D4F80335C91C2D262A8527048C
Requests: 8 HTTP requests in this frame

Frame: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Frame ID: 68A2D8DD62FD1721799F8282BF006B7E
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Frame ID: 34966A3D045C2DA219EDF3FAFEA6F421
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4F5A38D8A48BA06F07C57188A6ACD786
Requests: 3 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Frame ID: 7F6F0A1323F053A7446B1C6A3127A098
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: E97E01B708758B47C9CE3C3D760697C2
Requests: 3 HTTP requests in this frame

Frame: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Frame ID: CF4FD7468968D31E9FA11EE595E5611D
Requests: 8 HTTP requests in this frame

Frame: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Frame ID: D28CAB814735DE5CFA904972EE439B62
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Frame ID: A616E9178BF0ADF963810AFB6A6ACA6D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6ADF85C8828495C61EFF5382AE395EDB
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5528143F39C27AB35AF4A87F822E3152
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9
Frame ID: 5F1720AD93430C8B1F2207F4C31A1C7E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2925024269823890376
Frame ID: 2B33153C58241974B0574DE8D5E09A4F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Frame ID: 2F43DA016DB57B88AE12F2576630EB25
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=2e1f609f-d5b4-4f00-927a-25d1ade8a3b9&gdpr=&gdpr_consent=
Frame ID: 902970C98798D2D2DFF5CEEC967C3E6D
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
Frame ID: 3E964DE0A99254A62FBFA9AB7A152DAA
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kY2UwOGU4OC0zZGU2LTRhMmItODNmMS04YmE0NzU4YWYwNWQ=&gdpr=&gdpr_consent=
Frame ID: D4B252C1F72B53075D1C20CFCF6154F6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 67680A8A9450A0709C8DE08F9C1C482F
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: D152BEE0D60B6564A2996CAD8506B7A1
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=4fafc8c5-3568-427c-95f5-00ac7edaf594&t=1623679668
Frame ID: A767B95776893ED7C98645E13C7B01E1
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: A5955E22D3233E4C4EEACF54E12F9081
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: E22C82233812B7B25BB6EF32D70E8295
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1871878970063020701
Frame ID: A8CCAA604E7ECC5B51AFA4612EFCF6D2
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=HRAdFLpsreMG2EpF9xFc&pi=gumgum&tc=1
Frame ID: 216451520CF64368ADD38A88DE4450F5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: AB0C88393CC2750A05ACE63BA3EBB90F
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 4DAE6AEE058A2CB858AD4DA4F9B69B78
Requests: 1 HTTP requests in this frame

Frame: https://dsp.adfarm1.adition.com/cookie/?ssp=9
Frame ID: 35D931304CAE4A39A278E40F630AE4BD
Requests: 1 HTTP requests in this frame

Frame: https://hal90002.redintelligence.net/request_content.php?s=41818000086747400710594011595002&a=df9fae95
Frame ID: 8970C8E69129EEF044646F0127F710F1
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

443
Requests

91 %
HTTPS

28 %
IPv6

103
Domains

153
Subdomains

93
IPs

10
Countries

2543 kB
Transfer

6856 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 109
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Request Chain 114
  • https://sync.serverbid.com/ss/2000210.html HTTP 302
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Request Chain 118
  • https://sync.serverbid.com/ss/2000210.html HTTP 302
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Request Chain 127
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 129
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=2a14deb6-9097-4418-a189-ee0681936b44
Request Chain 130
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPeced1ec7-b586-11eb-a584-027eebdc813e HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-fl0AMvtE2uG.103aWx2DXWsfVciNNuAd~A~UPeced1ec7-b586-11eb-a584-027eebdc813e
Request Chain 131
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=4fafc8c5-3568-427c-95f5-00ac7edaf594&ttl=1623679667
Request Chain 132
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KOPTQPAB-1S-J4EJ
Request Chain 133
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=78b56ae1795edf42942c0fa65f10a4095a40df2d
Request Chain 136
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=2a14deb6-9097-4418-a189-ee0681936b44
Request Chain 137
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPeced1ec7-b586-11eb-a584-027eebdc813e HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-fl0AMvtE2uG.103aWx2DXWsfVciNNuAd~A~UPeced1ec7-b586-11eb-a584-027eebdc813e
Request Chain 138
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=4fafc8c5-3568-427c-95f5-00ac7edaf594&ttl=1623679667
Request Chain 139
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KOPTQPBZ-E-5OM
Request Chain 140
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=78b56ae1795edf42942c0fa65f10a4095a40df2d
Request Chain 141
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 145
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 147
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECBHyIZCvMiryT0qTRhlBVI&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 148
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI1NjE2NjgzMDI4NjgxNDA5ODc%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI1NjE2NjgzMDI4NjgxNDA5ODc%3D&google_tc=
Request Chain 150
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/12561668302868140987?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-zu2p7KVE2oSmGTy.rUTaSQ1p4bDpmDROEIKR4n6cBQ--~A&dongle=0883
Request Chain 151
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D
Request Chain 152
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=12561668302868140987 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12561668302868140987&dcc=t
Request Chain 153
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 157
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOYDxGHzIcB8ad3yulSHrtA&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 158
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI1NjE2NjgzMDI4NjgxNDA5ODc%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI1NjE2NjgzMDI4NjgxNDA5ODc%3D&google_tc=
Request Chain 160
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/12561668302868140987?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-D_a..zxE2oQR4MlX.5OSx8vaDO6cr6xohslpXPRYHQ--~A&dongle=0883
Request Chain 161
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D
Request Chain 162
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=12561668302868140987 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12561668302868140987&dcc=t
Request Chain 163
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 166
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 169
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=901a44dee5888a4c9098
Request Chain 172
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 174
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=402486458537699868&ex=districtm
Request Chain 178
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-b0Tn4lV1l2OuhIgipoeE8iLgwHCAtBA-&
Request Chain 179
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=402486458537699868&ex=appnexus.com
Request Chain 181
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=12561668302868140987
Request Chain 185
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=nwaRmM0Dys2EBcqYkFKFyZpTzp2EB86dnQVBVlBq
Request Chain 186
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8299716750570129754
Request Chain 189
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAPLn6c06TSlJ1GHuIAow6w&google_cver=1
Request Chain 204
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KOPTQPBZ-E-5OM
Request Chain 205
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KOPTQPBZ-E-5OM
Request Chain 206
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 207
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KOPTQPBZ-E-5OM&ex=d-rubiconproject.com&status=ok
Request Chain 209
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTI2NTIxMjA1YzVkY2IyZWFlNGMyOGUyOWE1MDdjMDdkYmEyMmZhOQ
Request Chain 211
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6a69609f-d5b4-4a00-bceb-72957059eeef
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAhBKUYmGl0cN6J9gJigXdI&google_cver=1
Request Chain 214
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=KOPTQPBZ-E-5OM&ex=d-rubiconproject.com&status=ok
Request Chain 215
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KOPTQPBZ-E-5OM&sigv=1&esig=2~53ff454a93eb0709a99220f3d0e4957f92dec867
Request Chain 228
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXECxNww202qFlCrIofjD8&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXECxNww202qFlCrIofjD8&google_cver=1&C=1
Request Chain 229
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJ-Vs-yqZDaynDV.bjsLAwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXECxNww202qFlCrIofjD8&google_cver=1&google_hm=2
Request Chain 231
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Request Chain 235
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=58a7365e-29a7-4b92-a080-31d4f764899b
Request Chain 236
  • https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId= HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=461620a2-a379-41b4-881f-3a878db5f2a7
Request Chain 238
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPeced1ec7-b586-11eb-a584-027eebdc813e HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPeced1ec7-b586-11eb-a584-027eebdc813e
Request Chain 239
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=185073&C=1 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YJ-Vt3C4xZ3A0roAgatB3wAA%261206
Request Chain 244
  • https://x.bidswitch.net/sync?ssp=consumable HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=consumable HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=5f05b0dc-084b-4231-8048-48327283ddbc&ssp=consumable&gdpr=&gdpr_consent=
Request Chain 249
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=58a7365e-29a7-4b92-a080-31d4f764899b
Request Chain 250
  • https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId= HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=b98fbc0d-7f98-4892-9239-e2e1f1094a9a
Request Chain 252
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPeced1ec7-b586-11eb-a584-027eebdc813e HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPeced1ec7-b586-11eb-a584-027eebdc813e
Request Chain 253
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=185073&C=1 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YJ-Vt3C4xZ3A0roAgatB6gAA%261206
Request Chain 258
  • https://x.bidswitch.net/sync?ssp=consumable HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=consumable HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=consumable HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=consumable HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=2b4f9800-8b80-481e-8bac-4aa2ca6dfc37&ssp=consumable HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=5f05b0dc-084b-4231-8048-48327283ddbc
Request Chain 260
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Request Chain 267
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=vi8zrTm-wVUteL12pSZxrA==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 269
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=HhprVPSH1LHUXl5
Request Chain 270
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=a1e7f3d6-2c8b-4612-9061-5cbab3b758d6&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=5f05b0dc-084b-4231-8048-48327283ddbc
Request Chain 271
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDY2FrN0JQNnNBQUN1XzA0SXFrdw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 272
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=03b8609f-d5b4-4d00-99e2-4761e9de37b8
Request Chain 276
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=vi8zrTm-wVUteL12pSZxrA==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 278
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Jy9EhQIJ1LHUXl5
Request Chain 279
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dopenx%26bsw_param%3D5f05b0dc-084b-4231-8048-48327283ddbc%26gdpr%3D%26consent%3D%26gdpr_pd%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=407ba03687fb4454a1ed292e891af0b0&ssp=openx&bsw_param=5f05b0dc-084b-4231-8048-48327283ddbc&gdpr=&consent=&gdpr_pd= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=5f05b0dc-084b-4231-8048-48327283ddbc
Request Chain 280
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACm1k7BP6sAACsR04Iqkw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 281
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9e04609f-d5b4-4100-8850-64115907d4d8
Request Chain 283
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17632 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=40&userId=?uid=KOPTQPBZ-E-5OM
Request Chain 284
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17632 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=40&userId=?uid=KOPTQPBZ-E-5OM
Request Chain 286
  • https://c1.adform.net/serving/cookie/match?party=14&cid=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9
Request Chain 287
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2925024269823890376
Request Chain 288
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Request Chain 289
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1UDBa4d_TC2U8bXuniLH-Q%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 290
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=283a609f-d5b4-4400-acb4-d2326147a215
Request Chain 291
  • https://pixel.onaudience.com/?partner=214&mapped=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=bdeb65403f377c554374b6e9dc60b1d3
Request Chain 292
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDU0MEMxNkItODc3Ri00QzJELTk0RjEtQjVFRTlFMjJDN0Y5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG66q0w5DA8bwSTeVqWYJ60&google_cver=1
Request Chain 295
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=292259784037434447
Request Chain 296
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:586a609f-d5b4-4f00-8892-27043b19ce9e&gdpr=0&gdpr_consent=
Request Chain 297
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4fafc8c5-3568-427c-95f5-00ac7edaf594
Request Chain 301
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=5387147243252771319
Request Chain 302
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_dce08e88-3de6-4a2b-83f1-8ba4758af05d&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 302
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=55514f0f-3568-444a-af1c-6bab35b7a7d0&ssp=gumgum2 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=5f05b0dc-084b-4231-8048-48327283ddbc
Request Chain 303
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28nisUHhIQAJbi8bEKMsJpobT8207p8gErsbFwM_7a_j9T4KGxcZ4oIq6AAUP-dUTK%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28nisUHhIQAJbi8bEKMsJpobT8207p8gErsbFwM_7a_j9T4KGxcZ4oIq6AAUP-dUTK%29
Request Chain 304
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=96441de1-b82d-402d-ac77-e12cbe6f4a50
Request Chain 305
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-2c7ac487-01d1-49fb-7e82-c466053d4aef$ip$84.17.53.163
Request Chain 306
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-vZn0rDJE2pfrCAJLJP_34o7OAKZa7BAYUrpY~A
Request Chain 307
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=f104c9eb-b586-11eb-a6b9-17b4684426da
Request Chain 310
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_dce08e88-3de6-4a2b-83f1-8ba4758af05d&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=
Request Chain 311
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=59f48738-8a52-4198-8002-27cec8711bde
Request Chain 313
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=jWkQZtWpwNuS&ev=1&pid=558355
Request Chain 315
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=2e1f609f-d5b4-4f00-927a-25d1ade8a3b9&gdpr=&gdpr_consent=
Request Chain 320
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=4fafc8c5-3568-427c-95f5-00ac7edaf594&t=1623679668
Request Chain 323
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=1871878970063020701
Request Chain 324
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=HRAdFLpsreMG2EpF9xFc&pi=gumgum&tc=1
Request Chain 327
  • https://hal90002.redintelligence.net/request.php?zone=l6x6viz526e4&nw=20&renderingType=javascript&namespace=fe59fcdb36&subid=&uid=a39ce6157ff2a80e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0MQhstWfYKy5NdaKjuwPrOCS-AqP4PiGU6Wji6TKDPAuEAEgqKq1JWCVAsgBCakCzo_-MHRgtD6oAwGqBMsBT9AQpbJsq1BZKafspp6hZ03JqLHe22EnOT8O1EYlVzf-IkPEdavuHcPj9c1l0BfqhMX6wB4-LiahTByZJuchgP7VLb6cRR0LJ6KB64qDTXGpBCqx2zDDecXgLUOjKzrqQPYHGj7iJFIzzH29j11QhrKw3oMXmKWjZMdQNSwwKbSXClDDu-RFSQsW-tmD041MdltKuVm4LO-UO3qwFZiOZUqKAD4gY3QQBATGqrcrtMhXWMHBZ3ei83I0KcfwzE79J_WzaTnecX6MFOPABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRot8htAZzJ28J5DtOeVubJqkpydsnr66jWZfJ9Ee-Fth26Fc75IrLzhOjlCvA2YHySaviyQ1IISouP3CA%26sig%3DAOD64_1gGmmsCkSVI26BO5Tt-VctvVmnIA%26client%3Dca-pub-3686981407839642%26dbm_c%3DAKAmf-CnIOcuZz_6cPSXvLeeo66CuP9q9uzy8-_s45ScSH1jofMRCJhycE_I1sxymNRr5CWFC-vKy3MoOGRV1zR3OJAwq96xd9JiJgMxSNd7gL12Ta3TNqG3ojCqsYhW5aWqL_fbSBuo9wBgrCaaPqSp-DezC7pA3Q%26cry%3D1%26dbm_d%3DAKAmf-BW032aeW9d6dh5AbVobrEoUbWP6L6UEjs0X0DnEWjmkIdWwyTzk236PikaYO5CDVTOkjqR9DR8iLpakO2nvIchKyOmQj2D883pjqWs-SPdj-oDvbqXArMZwqAO1LqUvwPJ1WMlEB2Yn3dRBnyoH8gBPOo1xNvNjJ_n8VqHQZUI2Nei-2avaWf050MhJ5rAJZ6oOjtIxq9KK53W5JUco0c5q85k17omZPfc6nQd-pazDuxG8cau3q_UkPrMU9igLx45Jz8HikmHtJDHA_Z2zb_8caetc6StdgJvQaKYbaLS3RZHsjqmYjWpOb45Hmc9B0SJo3teBpbbU_4q8ltgl0SwUpegAi_rQx7XNEe9MYO2deJ2keLQ84uCMDjQDJNyCzHE8T1o8sy91EJzKS9JOPmNXkmtkbp51coH0WMd2pRh3G3py2egQqLZLqsIUI6dPWIHX5Z6R8lxfLVdnMpmfsj0MCbTaVRoMzFjFVu8bdnsCS3mYZhhXSvqkoezFtXbGA9o8RWx7U0qc4-V707bhH6zQB9TTlCiHdNEm4AKmVz7FzRwQ35uc3spMKTAUColvRBq5Z3t-rl147JTsAz-6NOIRsb9Tg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.wcnc.com%2F&ancestorOrigins=https%3A%2F%2Fwww.wcnc.com&random=4264959743072&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
  • https://hal90002.redintelligence.net/request.php?zone=l6x6viz526e4&nw=20&renderingType=javascript&namespace=fe59fcdb36&subid=&uid=a39ce6157ff2a80e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0MQhstWfYKy5NdaKjuwPrOCS-AqP4PiGU6Wji6TKDPAuEAEgqKq1JWCVAsgBCakCzo_-MHRgtD6oAwGqBMsBT9AQpbJsq1BZKafspp6hZ03JqLHe22EnOT8O1EYlVzf-IkPEdavuHcPj9c1l0BfqhMX6wB4-LiahTByZJuchgP7VLb6cRR0LJ6KB64qDTXGpBCqx2zDDecXgLUOjKzrqQPYHGj7iJFIzzH29j11QhrKw3oMXmKWjZMdQNSwwKbSXClDDu-RFSQsW-tmD041MdltKuVm4LO-UO3qwFZiOZUqKAD4gY3QQBATGqrcrtMhXWMHBZ3ei83I0KcfwzE79J_WzaTnecX6MFOPABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRot8htAZzJ28J5DtOeVubJqkpydsnr66jWZfJ9Ee-Fth26Fc75IrLzhOjlCvA2YHySaviyQ1IISouP3CA%26sig%3DAOD64_1gGmmsCkSVI26BO5Tt-VctvVmnIA%26client%3Dca-pub-3686981407839642%26dbm_c%3DAKAmf-CnIOcuZz_6cPSXvLeeo66CuP9q9uzy8-_s45ScSH1jofMRCJhycE_I1sxymNRr5CWFC-vKy3MoOGRV1zR3OJAwq96xd9JiJgMxSNd7gL12Ta3TNqG3ojCqsYhW5aWqL_fbSBuo9wBgrCaaPqSp-DezC7pA3Q%26cry%3D1%26dbm_d%3DAKAmf-BW032aeW9d6dh5AbVobrEoUbWP6L6UEjs0X0DnEWjmkIdWwyTzk236PikaYO5CDVTOkjqR9DR8iLpakO2nvIchKyOmQj2D883pjqWs-SPdj-oDvbqXArMZwqAO1LqUvwPJ1WMlEB2Yn3dRBnyoH8gBPOo1xNvNjJ_n8VqHQZUI2Nei-2avaWf050MhJ5rAJZ6oOjtIxq9KK53W5JUco0c5q85k17omZPfc6nQd-pazDuxG8cau3q_UkPrMU9igLx45Jz8HikmHtJDHA_Z2zb_8caetc6StdgJvQaKYbaLS3RZHsjqmYjWpOb45Hmc9B0SJo3teBpbbU_4q8ltgl0SwUpegAi_rQx7XNEe9MYO2deJ2keLQ84uCMDjQDJNyCzHE8T1o8sy91EJzKS9JOPmNXkmtkbp51coH0WMd2pRh3G3py2egQqLZLqsIUI6dPWIHX5Z6R8lxfLVdnMpmfsj0MCbTaVRoMzFjFVu8bdnsCS3mYZhhXSvqkoezFtXbGA9o8RWx7U0qc4-V707bhH6zQB9TTlCiHdNEm4AKmVz7FzRwQ35uc3spMKTAUColvRBq5Z3t-rl147JTsAz-6NOIRsb9Tg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.wcnc.com%2F&ancestorOrigins=https%3A%2F%2Fwww.wcnc.com&random=4264959743072&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Request Chain 333
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=e55fb5d7c2&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=4fafc8c5-3568-427c-95f5-00ac7edaf594&pubid=e55fb5d7c2
Request Chain 334
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=5f05b0dc-084b-4231-8048-48327283ddbc&google_hm=NWYwNWIwZGMtMDg0Yi00MjMxLTgwNDgtNDgzMjcyODNkZGJj HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENrJCVXgP1YFoQw-PQ6mxa0&google_cver=1&ssp=sonobi&bsw_param=5f05b0dc-084b-4231-8048-48327283ddbc HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=5f05b0dc-084b-4231-8048-48327283ddbc
Request Chain 335
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=586a609f-d5b4-4f00-8892-27043b19ce9e
Request Chain 336
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=e40f7d4a-e993-4235-945f-3fe38afc1872&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=NUdHZFJvZTJsZWJPUUpkS0xKT05lQQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEKX2zbSqK1ijq6SS63jg2MA&google_cver=1
Request Chain 337
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1870471595136783395
Request Chain 339
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ZTQwZjdkNGEtZTk5My00MjM1LTk0NWYtM2ZlMzhhZmMxODcy HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEF4kjgsK_AFnvUkGfA3fWIA&google_cver=1
Request Chain 340
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=e55fb5d7c2&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=4fafc8c5-3568-427c-95f5-00ac7edaf594&pubid=e55fb5d7c2
Request Chain 341
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=5f05b0dc-084b-4231-8048-48327283ddbc HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=5f05b0dc-084b-4231-8048-48327283ddbc HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=05b266af-de57-4e3a-b329-1b285379ac9f&ssp=sonobi&expires=30&user_group=5&bsw_param=5f05b0dc-084b-4231-8048-48327283ddbc HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=05b266af-de57-4e3a-b329-1b285379ac9f&ssp=sonobi&expires=30&user_group=5&bsw_param=5f05b0dc-084b-4231-8048-48327283ddbc HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=27e178c2-47d5-4ac3-b145-1c24936660d7
Request Chain 342
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=586a609f-d5b4-4f00-8892-27043b19ce9e
Request Chain 343
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871597495090835748
Request Chain 345
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=5df5510e-5770-4638-95bb-a972153fc6ae&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=NENwVlZkNTdmUG16ZFJXcGxtZzRlUQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEKX2zbSqK1ijq6SS63jg2MA&google_cver=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=Bg7SVgFnuOcE
Request Chain 346
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=NWRmNTUxMGUtNTc3MC00NjM4LTk1YmItYTk3MjE1M2ZjNmFl HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEF4kjgsK_AFnvUkGfA3fWIA&google_cver=1
Request Chain 349
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDbTFrN0JQNnNBQUNzUjA0SXFrdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 355
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nDdfiWhE2uUcqxL0lEenL2_nWVJ7SYQ-~A&gdpr=0&gdpr_consent=
Request Chain 356
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5f05b0dc-084b-4231-8048-48327283ddbc&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 357
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kj5ieMA7OS2JPTl4nWp2KZdrPX2JPz19kD3cGPn2
Request Chain 358
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2582984913978891341&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 362
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 367
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJ_VtqD4k35q4F2v9CPKLQAABLYAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEz3Rtb6UeF5HRZBP1nK3z0&google_cver=1
Request Chain 369
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=586a609f-d5b4-4f00-8892-27043b19ce9e
Request Chain 374
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJ_VtnC4xZ3A0roAgatBxAAABLYAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEz3Rtb6UeF5HRZBP1nK3z0&google_cver=1
Request Chain 377
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5387147243252771319
Request Chain 378
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2582984913978891341
Request Chain 379
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=586a609f-d5b4-4f00-8892-27043b19ce9e
Request Chain 385
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJ_Vt3C4xZ3A0roAgatBywAABLYAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEz3Rtb6UeF5HRZBP1nK3z0&google_cver=1
Request Chain 386
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5387147243252771319
Request Chain 387
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Jy9EhQIJ1LHUXl5
Request Chain 388
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=4eafec04-c0f8-40eb-9be3-51564ff61b1c&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=5f05b0dc-084b-4231-8048-48327283ddbc
Request Chain 389
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471595136783427 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471595136783427&C=1
Request Chain 397
  • https://sb.scorecardresearch.com/c2/19962895/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 398
  • https://sb.scorecardresearch.com/b?c1=2&c2=19962895&ns__t=1621087672477&ns_c=UTF-8&c8=Cash%20up%20for%20grabs%20in%20federal%20rebate%20program%20%7C%20wcnc.com&c7=https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4%3Fjwsource%3Dcl&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=19962895&ns__t=1621087672477&ns_c=UTF-8&c8=Cash%20up%20for%20grabs%20in%20federal%20rebate%20program%20%7C%20wcnc.com&c7=https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4%3Fjwsource%3Dcl&c9=
Request Chain 412
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=7EC3F4EC11504FE1A29FA76509B1F1E1
Request Chain 413
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=7EC3F4EC11504FE1A29FA76509B1F1E1
Request Chain 414
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=7EC3F4EC11504FE1A29FA76509B1F1E1 HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1621087673&ip=84.17.53.163&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164950803787000555741 HTTP 302
  • https://um.simpli.fi/aa_px?sk=164950803787000555741
Request Chain 416
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7EC3F4EC11504FE1A29FA76509B1F1E1
Request Chain 419
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=7EC3F4EC11504FE1A29FA76509B1F1E1;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=7EC3F4EC11504FE1A29FA76509B1F1E1;mimetype=img;sr HTTP 302
  • https://idsync.rlcdn.com/398696.gif?partner_uid=6533944442443220034
Request Chain 420
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=7EC3F4EC11504FE1A29FA76509B1F1E1&j=0
Request Chain 422
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=7EC3F4EC11504FE1A29FA76509B1F1E1
Request Chain 423
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=7EC3F4EC11504FE1A29FA76509B1F1E1
Request Chain 424
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=7EC3F4EC11504FE1A29FA76509B1F1E1
Request Chain 425
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=7EC3F4EC11504FE1A29FA76509B1F1E1
Request Chain 426
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=7EC3F4EC11504FE1A29FA76509B1F1E1
Request Chain 427
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1621087672682&cv=7&fst=1621087672682&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=527333577&cv=7&fst=1621087672682&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=vNWfYK6VCenD7_UPmqK7iAc&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=527333577&cv=7&fst=1621087672682&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vNWfYK6VCenD7_UPmqK7iAc&cid=CAQSKQCNIrLM8D23bDeWjhgoi4nSR0gIWkNfYtdUgXweaq6_4QVnsUKA2YaM&random=1840009844 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=527333577&cv=7&fst=1621087672682&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vNWfYK6VCenD7_UPmqK7iAc&cid=CAQSKQCNIrLM8D23bDeWjhgoi4nSR0gIWkNfYtdUgXweaq6_4QVnsUKA2YaM&random=1840009844&ipr=y
Request Chain 428
  • https://um.simpli.fi/spotx_match HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=7EC3F4EC11504FE1A29FA76509B1F1E1
Request Chain 429
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=7EC3F4EC11504FE1A29FA76509B1F1E1
Request Chain 430
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7EC3F4EC11504FE1A29FA76509B1F1E1&expires=365
Request Chain 431
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=7EC3F4EC11504FE1A29FA76509B1F1E1
Request Chain 432
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEOlhmF22Pq9fcKdG8iWyQIo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7EC3F4EC11504FE1A29FA76509B1F1E1 HTTP 302
  • https://um.simpli.fi/g_match?id=

443 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 275-9d602892-bf91-4ee6-a82b-e811709425d4
www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/ 		187 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
15d7102dce5c29b9671e9ae90fd839d5e3f4d1f578a1473b4981cbdd01d9aa59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.wcnc.com
:scheme
https
:path
/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
content-encoding
gzip
tegna-content
true
x-cache-hits
0
accept-ranges
bytes
content-length
47442
cache-control
max-age=7200
expires
Sat, 15 May 2021 16:07:45 GMT
date
Sat, 15 May 2021 14:07:45 GMT
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
modules.min_5.5.1.css
www.wcnc.com/ 		158 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/modules.min_5.5.1.css
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24a58ecfdf6d4195a94c1723223b86ad271756c59c609f1913fd7d3838b56a49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/modules.min_5.5.1.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:45:46 GMT
etag
"1d7411e1354a9f6"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=182942
x-cache-hits
1
accept-ranges
bytes
vary
Accept-Encoding
content-length
37008
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 16:56:47 GMT
common.min_5.5.1.js
www.wcnc.com/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/common.min_5.5.1.js?ver=5.5.1
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
da53b4b3093ed7f6928654e5ee2c1820e875451aab8a25d98b70ad708c1213e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/common.min_5.5.1.js?ver=5.5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:26 GMT
etag
"1d7411e2b2ed09e"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=183016
x-cache-hits
0
accept-ranges
bytes
vary
Accept-Encoding
content-length
12626
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 16:58:01 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40f12e335914950b4f2058dbcbbee727f3f7542399ec6b2e98256480ea91aa49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
pE7xqZRyx6XQkryUB7ni+A==
age
2590
vary
Accept-Encoding
content-length
5801
cf-request-id
0a11f3d5d00000d6e18e923000000001
x-ms-lease-status
unlocked
last-modified
Fri, 14 May 2021 01:47:06 GMT
server
cloudflare
etag
0x8D9167A2E5FD52B
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fa14a1d8-401e-0177-4670-481bf2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
64fcef3618b4d6e1-FRA
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f11f2d65d3a1594a57625e5a9457a1beb87c6a0399172cab062d50263ae388b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
YyyuJSQqC/IlFtjhtrYhpg==
age
2567
vary
Accept-Encoding
cf-request-id
0a11f3d5d00000d6e18906c000000001
x-ms-lease-status
unlocked
last-modified
Wed, 03 Mar 2021 08:12:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
092852fe-901e-00bd-3547-25ce6a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
64fcef3618b6d6e1-FRA
api.js
www.google.com/recaptcha/ 		912 B
670 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=recaptchaCallback&render=explicit
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
860c031c10a03384b13a4278e6843498d5f334b112952f818278aada03b3650c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
578
x-xss-protection
1; mode=block
expires
Sat, 15 May 2021 14:07:45 GMT
close-menu.svg
www.wcnc.com/assets/shared-images/icons/ 		287 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wcnc.com/assets/shared-images/icons/close-menu.svg
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
010e128b57dec050c1a5a238e8d18f42ba3b66f4fc52cc83cdd392c230263544
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/shared-images/icons/close-menu.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:43:16 GMT
etag
"1d7411db9eea31f"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=86777
x-cache-hits
1
vha6-origin
tgna-varnish-east2-03
accept-ranges
bytes
content-length
208
x-xss-protection
1; mode=block
expires
Sun, 16 May 2021 14:14:02 GMT
wcnc.png
www.wcnc.com/assets/shared-images/logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wcnc.com/assets/shared-images/logos/wcnc.png
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bbe1cfe6b7fe12d43da69aea0739595957376986c1b3f86e91871e0b5531a69f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/shared-images/logos/wcnc.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:04 GMT
etag
"1d7411e1e117440"
content-type
image/png
expires
Sun, 16 May 2021 19:41:52 GMT
cache-control
max-age=106447
accept-ranges
bytes
content-length
4672
x-xss-protection
1; mode=block
x-cache-hits
0
92397b47-450b-4a2a-82f7-af879fd18196_16x9.png
media.wcnc.com/assets/WCNC/images/92397b47-450b-4a2a-82f7-af879fd18196/ 		551 B
896 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wcnc.com/assets/WCNC/images/92397b47-450b-4a2a-82f7-af879fd18196/92397b47-450b-4a2a-82f7-af879fd18196_16x9.png
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.114.127 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-114-127.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
11f4aadee3909cceae05a18baab645ad7d97329919241076a61cb6f3f95f8fd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
x-content-type-options
nosniff
last-modified
Sat, 15 May 2021 13:15:11 GMT
x-amz-request-id
YY2B3MGMKWNFK0S2
etag
"290fd32295c17cf5a753ffbea20dccb5"
x-amz-id-2
8371WmSPsSpK5H7S7iwCbQgHCWhjhlWdnqHb3dQMbGZlvyqEyU01y4CPRPTfenHUIC6J6/aKe00=
content-type
image/png
access-control-allow-origin
nope
cache-control
max-age=1292918
date
Sat, 15 May 2021 14:07:45 GMT
accept-ranges
bytes
content-length
551
x-xss-protection
1; mode=block
expires
Sun, 30 May 2021 13:16:23 GMT
blank.png
www.wcnc.com/assets/shared-images/backgrounds/ 		95 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wcnc.com/assets/shared-images/backgrounds/blank.png
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/shared-images/backgrounds/blank.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:45:48 GMT
etag
"1d7411e1487fe5f"
content-type
image/png
expires
Sun, 16 May 2021 12:16:51 GMT
cache-control
max-age=79746
accept-ranges
bytes
content-length
95
x-xss-protection
1; mode=block
x-cache-hits
0
8529d5cc-a151-408a-b193-d1e72d3a184e_16x9.jpeg
media.wcnc.com/assets/WCNC/images/8529d5cc-a151-408a-b193-d1e72d3a184e/ 		749 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wcnc.com/assets/WCNC/images/8529d5cc-a151-408a-b193-d1e72d3a184e/8529d5cc-a151-408a-b193-d1e72d3a184e_16x9.jpeg
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.114.127 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-114-127.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1679dc5c49eba59bea7493931643016631cc4f452bb03541743c12907346f275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
x-content-type-options
nosniff
last-modified
Sun, 28 Feb 2021 14:11:32 GMT
x-amz-request-id
0TGKN2ZSBB4E0STQ
etag
"a05061769c03d16bef060e72624561a1"
x-amz-id-2
vhbAgPweWLgM4Dj0I+nlYkAMNyGg8rTcDCIpFi5hS/zOyxAaELaKQr9bM+AN1nCwqsySSuD08dQ=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=1289427
date
Sat, 15 May 2021 14:07:45 GMT
accept-ranges
bytes
content-length
749
x-xss-protection
1; mode=block
expires
Sun, 30 May 2021 12:18:12 GMT
dfad1716-94d4-4971-95d5-198e8316fa4b_16x9.png
media.wcnc.com/assets/WCNC/images/dfad1716-94d4-4971-95d5-198e8316fa4b/ 		655 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wcnc.com/assets/WCNC/images/dfad1716-94d4-4971-95d5-198e8316fa4b/dfad1716-94d4-4971-95d5-198e8316fa4b_16x9.png
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.114.127 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-114-127.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
af75f0d21261526a056032dec44c7dac8e5812515bf253e1f877da38d45faee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
x-content-type-options
nosniff
last-modified
Fri, 14 May 2021 20:15:36 GMT
x-amz-request-id
ZHAVFE3PRTP9TYM7
etag
"d3e1882eb44b9333ec0c8b7b5a5e1e27"
x-amz-id-2
EXh/BlnaaGWp3P4JilNHcKTd3FNMoZ7oRfry0zZ822mfYOyJZwEVfEfiQNjpLdnREXh1n8UWkVc=
content-type
image/png
access-control-allow-origin
nope
cache-control
max-age=1294457
date
Sat, 15 May 2021 14:07:45 GMT
accept-ranges
bytes
content-length
655
x-xss-protection
1; mode=block
expires
Sun, 30 May 2021 13:42:02 GMT
0ccd878a-233f-407d-bcbb-eea6ddd23cd4_16x9.jpg
media.wcnc.com/assets/WCNC/images/0ccd878a-233f-407d-bcbb-eea6ddd23cd4/ 		729 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wcnc.com/assets/WCNC/images/0ccd878a-233f-407d-bcbb-eea6ddd23cd4/0ccd878a-233f-407d-bcbb-eea6ddd23cd4_16x9.jpg
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.114.127 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-114-127.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6960fb9bc57f47f44b11ebcdf875771e8532e09d5cec00ba6e52ac3aca476b05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
x-content-type-options
nosniff
last-modified
Sat, 15 May 2021 12:47:33 GMT
x-amz-request-id
2X2QN311BE8GWVRG
etag
"bd77d0ea63391c30d054012c7a983fab"
x-amz-id-2
O25RLGHvvST3/hS7tUcf9KpsylHdl9mEva0nna3iCkTDo5YKVl5JPymLTc1eUo96KfLgCjgKHhs=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=1291255
date
Sat, 15 May 2021 14:07:46 GMT
accept-ranges
bytes
content-length
729
x-xss-protection
1; mode=block
expires
Sun, 30 May 2021 12:48:41 GMT
b9859504-b4ea-4b82-891f-858dbbbe9435_16x9.jpg
media.wcnc.com/assets/CCT/images/b9859504-b4ea-4b82-891f-858dbbbe9435/ 		782 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wcnc.com/assets/CCT/images/b9859504-b4ea-4b82-891f-858dbbbe9435/b9859504-b4ea-4b82-891f-858dbbbe9435_16x9.jpg
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.114.127 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-114-127.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
306542149b29e0d8a5e1da83fb88f244bedf946a24bfeaf94d1012f92b2f09db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
x-content-type-options
nosniff
last-modified
Sat, 15 May 2021 12:28:03 GMT
x-amz-request-id
KTPKFHR16QJW7C9D
etag
"208a8fc2ca40775b431d9b0171f7dd35"
x-amz-id-2
3+yNYKU1idjVMEpGbAfCvm9O1sBxOd2zchG7j/imVyNry7O/msJxc74V6rp+4BjmKE/Cy9NRhhQ=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=1290217
date
Sat, 15 May 2021 14:07:46 GMT
accept-ranges
bytes
content-length
782
x-xss-protection
1; mode=block
expires
Sun, 30 May 2021 12:31:23 GMT
19183ec5-8330-4dc1-ae57-20a467ec21f3_16x9.jpg
media.wcnc.com/assets/WCNC/images/19183ec5-8330-4dc1-ae57-20a467ec21f3/ 		747 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wcnc.com/assets/WCNC/images/19183ec5-8330-4dc1-ae57-20a467ec21f3/19183ec5-8330-4dc1-ae57-20a467ec21f3_16x9.jpg
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.114.127 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-114-127.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b701ed69b573de149226a5753983df7fbc11f5e834a7f8e0d4038be8b7c51864
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
x-content-type-options
nosniff
last-modified
Sat, 15 May 2021 04:06:24 GMT
x-amz-request-id
98M3YJBRRZTVPN91
etag
"c9ac75c30f6c7077baef31e3f7b402d2"
x-amz-id-2
oD5JxSBamdiYge5fBQL8YQ6yDTFMusgWt9kToHe2YkHOuwZrf5+flYSa7FndPt4qKoJhA87+n6o=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=1260055
date
Sat, 15 May 2021 14:07:45 GMT
accept-ranges
bytes
content-length
747
x-xss-protection
1; mode=block
expires
Sun, 30 May 2021 04:08:40 GMT
6e93c1a3-d186-4f34-b5b9-00ca838b3717_16x9.jpg
media.wcnc.com/assets/CCT/images/6e93c1a3-d186-4f34-b5b9-00ca838b3717/ 		740 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wcnc.com/assets/CCT/images/6e93c1a3-d186-4f34-b5b9-00ca838b3717/6e93c1a3-d186-4f34-b5b9-00ca838b3717_16x9.jpg
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.114.127 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-114-127.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ff1127808426d5f023799a1f1ddb8d9b8edcd711fbb74084bc664566879071ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
x-content-type-options
nosniff
last-modified
Sat, 15 May 2021 13:13:39 GMT
x-amz-request-id
RG5555R4SAKWE7Z9
etag
"1a079d856db59674fa8c11b7759b4b88"
x-amz-id-2
1ZePkgEcwvBpHKS9aho7mOS4ozFXj4JGoISGJz8gjIu1FsLG25msZb6XT0OY/pX1E6r5wkjii/I=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=1292934
date
Sat, 15 May 2021 14:07:46 GMT
accept-ranges
bytes
content-length
740
x-xss-protection
1; mode=block
expires
Sun, 30 May 2021 13:16:40 GMT
wx-65_8x8.png
www.wcnc.com/assets/shared-images/weather-icons/ 		305 B
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wcnc.com/assets/shared-images/weather-icons/wx-65_8x8.png
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4f46b50281cc387a202816e26b329a1b40045904544f09dcce50d920777d72da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/shared-images/weather-icons/wx-65_8x8.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:06 GMT
etag
"1d7411e1f429231"
content-type
image/png
expires
Sun, 16 May 2021 13:00:52 GMT
cache-control
max-age=82387
accept-ranges
bytes
content-length
305
x-xss-protection
1; mode=block
x-cache-hits
0
arrow.png
www.wcnc.com/images/header/ 		732 B
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wcnc.com/images/header/arrow.png
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a060c61decc8daa80d700f95cdcab86e1f2fed93e4817df8757009a68fe0ac6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/images/header/arrow.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:10 GMT
etag
"1d7411e21a4efdc"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=78375
x-cache-hits
0
vha6-origin
tgna-varnish-east2-02tgna-varnish-east2-05
accept-ranges
bytes
content-length
732
x-xss-protection
1; mode=block
expires
Sun, 16 May 2021 11:54:00 GMT
e0b8b08e-398a-4754-9055-aa8da6400d96_1920x1080.jpg
media.wcnc.com/assets/WCNC/images/e0b8b08e-398a-4754-9055-aa8da6400d96/ 		167 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wcnc.com/assets/WCNC/images/e0b8b08e-398a-4754-9055-aa8da6400d96/e0b8b08e-398a-4754-9055-aa8da6400d96_1920x1080.jpg
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.114.127 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-114-127.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ecb0101a1af3ee3c1f9c3a1007e43df4f2e75e8c737d724c2b373d361578edde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 04:08:31 GMT
x-amz-request-id
3MBHK4PFCTFJZFNZ
etag
"6373649186be9824ba9ea519c801f014"
x-amz-id-2
WGqub7Q8ruVcT29sn55EeBzMlOjhTHe6rrH4LaN7gFIivU+PudBTX7LWg6crFEyamdxNGZ2EQcU=
content-type
image/jpeg
access-control-allow-origin
nope
cache-control
max-age=1296000
date
Sat, 15 May 2021 14:07:46 GMT
accept-ranges
bytes
content-length
171339
x-xss-protection
1; mode=block
expires
Sun, 30 May 2021 14:07:46 GMT
sfp.js
native.sharethrough.com/assets/ 		230 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://native.sharethrough.com/assets/sfp.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-128.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ca7c4da6020839f3e0f6312ad36447f9003ac913dea63bc14a66e9731498835

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 13:12:12 GMT
content-encoding
gzip
last-modified
Wed, 12 May 2021 17:11:24 GMT
server
AmazonS3
age
3334
etag
W/"cff52d9bc3805a003c0f1d3538b6c4fc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
9QTdM0cNSbj0wzFyixSBD-nWTfGm4wjszM14SifAPyLzJ1WYqg8VqQ==
expires
Wed, 12 May 2021 18:11:23 GMT
1880d7df-5f80-423d-b83d-f0ab8b227a06.json
cdn.cookielaw.org/consent/1880d7df-5f80-423d-b83d-f0ab8b227a06/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/1880d7df-5f80-423d-b83d-f0ab8b227a06/1880d7df-5f80-423d-b83d-f0ab8b227a06.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72cb96ad9f56b86ddfd5059f2af37740efc99f08949b662c3badc807445aebce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
FqZuyOlUg8znkOYBhXVb0Q==
vary
Accept-Encoding
content-length
1021
cf-request-id
0a11f3d5ff00000746480c4000000001
x-ms-lease-status
unlocked
last-modified
Thu, 30 Jul 2020 19:30:38 GMT
server
cloudflare
etag
0x8D834BF0A43BB38
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
747efa29-001e-0030-4442-3582cc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
64fcef366b640746-FRA
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		162 B
406 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
64fcef3678fc4e74-FRA
cf-request-id
0a11f3d60800004e746390f000000001
apstag.js
c.amazon-adsystem.com/aax2/ 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.5.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-5-125.vie50.r.cloudfront.net
Software
Server /
Resource Hash
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
RvFob.r3TH_ft5dtWL2SCNMCpiQphReE
content-encoding
gzip
server
Server
age
32315
etag
8975e8311e479cf7d71d71133ee2dff8
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4d.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
date
Sat, 15 May 2021 05:09:10 GMT
x-amz-cf-pop
VIE50-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
BKxej5XY8Y5H_9zJEpbVEaDGkmQGXNM-0EWuWHjhDRq3rjK1ZG5_8g==
diag-5x5-blue-2x.png
www.wcnc.com/assets/shared-images/backgrounds/ 		130 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wcnc.com/assets/shared-images/backgrounds/diag-5x5-blue-2x.png
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ee4f42803bae67f5ae3497bc48edf72f31553aefee6c1a5662aef645182fafb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/shared-images/backgrounds/diag-5x5-blue-2x.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:45:48 GMT
etag
"1d7411e1487fe82"
content-type
image/png
cache-control
max-age=104356
x-cache-hits
0
vha6-origin
tgna-varnish-ctrl-05
accept-ranges
bytes
content-length
130
x-xss-protection
1; mode=block
expires
Sun, 16 May 2021 19:07:01 GMT
search.png
www.wcnc.com/images/header/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wcnc.com/images/header/search.png
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f154c12a052caec9aa9c1e5f7bcf9106a1b650798cfbc5d891172a243c96e27c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/images/header/search.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:10 GMT
etag
"1d7411e21a4e9d8"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=116629
x-cache-hits
0
vha6-origin
tgna-varnish-east2-04
accept-ranges
bytes
content-length
1240
x-xss-protection
1; mode=block
expires
Sun, 16 May 2021 22:31:34 GMT
gpt.js
www.googletagservices.com/tag/js/ 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bf63af61eae56517944f32094187ba6082c7d29cfaac60064142769f57af1c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"872 / 83 of 1000 / last-modified: 1621030146"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21333
x-xss-protection
0
expires
Sat, 15 May 2021 14:07:45 GMT
common.min_5.5.1.js
www.wcnc.com/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/common.min_5.5.1.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
da53b4b3093ed7f6928654e5ee2c1820e875451aab8a25d98b70ad708c1213e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/common.min_5.5.1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:26 GMT
etag
"1d7411e2b2ed09e"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=167262
x-cache-hits
1
vha6-origin
tgna-varnish-ctrl-03
accept-ranges
bytes
vary
Accept-Encoding
content-length
12626
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 12:35:27 GMT
photo_5.5.1.js
www.wcnc.com/ 		307 B
630 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/photo_5.5.1.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9c03faa7f1a0782e916dbae897b96d443ed450df44e01b4cd3f5b0f1720af494
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/photo_5.5.1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:30 GMT
etag
"1d7411e2d90ae33"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=167373
x-cache-hits
1
vha6-origin
tgna-varnish-ctrl-05
accept-ranges
bytes
vary
Accept-Encoding
content-length
331
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 12:37:18 GMT
lazy-image_5.5.1.js
www.wcnc.com/ 		901 B
883 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/lazy-image_5.5.1.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1d3b44733db0c0167cafb64ccb0e74572c7795a436ee472eaa88f5a6089ba894
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/lazy-image_5.5.1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:30 GMT
etag
"1d7411e2d90ac85"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=167295
x-cache-hits
0
accept-ranges
bytes
vary
Accept-Encoding
content-length
612
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 12:36:00 GMT
ad_5.5.1.js
www.wcnc.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/ad_5.5.1.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ad37a015854eb03f58c6e08603fe8bfac057484f94a2113a10116991623e4abb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/ad_5.5.1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:10 GMT
etag
"1d7411e21a4f752"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=167318
x-cache-hits
2
vha6-origin
tgna-varnish-ctrl-04
accept-ranges
bytes
vary
Accept-Encoding
content-length
2800
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 12:36:23 GMT
gallery_5.5.1.js
www.wcnc.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/gallery_5.5.1.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
082b3365410bcf2809a6b106bdf14befbce73034be5bca2255cfc4721ed594d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/gallery_5.5.1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:26 GMT
etag
"1d7411e2b2e5f3e"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=167282
x-cache-hits
6
accept-ranges
bytes
vary
Accept-Encoding
content-length
1213
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 12:35:47 GMT
video_5.5.1.js
www.wcnc.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/video_5.5.1.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5d56dc4c445b469402d99527d6961ad842b73d46c2bbee3c465478ecb7ac741f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/video_5.5.1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:40 GMT
etag
"1d7411e3386bffb"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=167398
x-cache-hits
2
vha6-origin
tgna-varnish-ctrl-03
accept-ranges
bytes
vary
Accept-Encoding
content-length
4854
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 12:37:43 GMT
taboola_5.5.1.js
www.wcnc.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/taboola_5.5.1.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c718cd3280f67258b227f705c8088e07c1b396c376d0984a954338f2004323e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/taboola_5.5.1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:38 GMT
etag
"1d7411e32556627"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=167414
x-cache-hits
3
accept-ranges
bytes
vary
Accept-Encoding
content-length
822
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 12:37:59 GMT
related-stories_5.5.1.js
www.wcnc.com/ 		327 B
637 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/related-stories_5.5.1.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
69888638e9ff0c81c3441d6647ad23d5569bf7a1d1d31678665584b94bcc5c62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/related-stories_5.5.1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:38 GMT
etag
"1d7411e32556247"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=167394
x-cache-hits
1
vha6-origin
tgna-varnish-ctrl-02
accept-ranges
bytes
vary
Accept-Encoding
content-length
339
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 12:37:39 GMT
raw-html_5.5.1.js
www.wcnc.com/ 		313 B
607 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/raw-html_5.5.1.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
02e50d4e14196629bed86e260ca3a288e723001492bc60ece4b4e6ccd1b3998a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/raw-html_5.5.1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:38 GMT
etag
"1d7411e32556239"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=167393
x-cache-hits
0
accept-ranges
bytes
vary
Accept-Encoding
content-length
334
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 12:37:38 GMT
elections_5.5.1.js
www.wcnc.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/elections_5.5.1.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f21ef21977e18adbfb6a24300c330bedd64ea698312f70ac94ff6a36c6fb05bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/elections_5.5.1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:26 GMT
etag
"1d7411e2b2e5f8c"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=167392
x-cache-hits
4
accept-ranges
bytes
vary
Accept-Encoding
content-length
1230
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 12:37:37 GMT
election-single-race_5.5.1.js
www.wcnc.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/election-single-race_5.5.1.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
66c15b23dbfcb2e4c295844c69e32656ea8960e816c20745c4263a2daa268511
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/election-single-race_5.5.1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:26 GMT
etag
"1d7411e2b2e5c7b"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=167439
x-cache-hits
3
vha6-origin
tgna-varnish-ctrl-03
accept-ranges
bytes
vary
Accept-Encoding
content-length
1141
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 12:38:24 GMT
story-row_5.5.1.js
www.wcnc.com/ 		315 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/story-row_5.5.1.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
52ed72317198b4732b86870171988d5945d7db405e14c117a48d63de2340b8ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/story-row_5.5.1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:38 GMT
etag
"1d7411e3255623b"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=165441
x-cache-hits
1
vha6-origin
tgna-varnish-ctrl-02
accept-ranges
bytes
vary
Accept-Encoding
content-length
335
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 12:05:06 GMT
watch-live_5.5.1.js
www.wcnc.com/ 		957 B
911 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/watch-live_5.5.1.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
282c429b052baa13bf3c496b5484d4bec616db46fb7505a487fa86e97a3e652f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/watch-live_5.5.1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:40 GMT
etag
"1d7411e338693bd"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=195310
x-cache-hits
0
vha6-origin
tgna-varnish-ctrl-04tgna-varnish-ctrl-02tgna-varnish-ctrl-03
accept-ranges
bytes
vary
Accept-Encoding
content-length
584
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 20:22:55 GMT
mini-live-video_5.5.1.js
www.wcnc.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/mini-live-video_5.5.1.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
efae70b6766292613f92f988f2ecd58f4a7a6167bb70c090437fc5189859f791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/mini-live-video_5.5.1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:30 GMT
etag
"1d7411e2d90a298"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=165604
x-cache-hits
2
accept-ranges
bytes
vary
Accept-Encoding
content-length
1591
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 12:07:49 GMT
notifications_5.5.1.js
www.wcnc.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/notifications_5.5.1.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9b39120936e9a362eaa60c69de188339baac5739f3f0f960e6eb247c55cfb684
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/notifications_5.5.1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:30 GMT
etag
"1d7411e2d90a592"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=182919
x-cache-hits
0
vha6-origin
tgna-varnish-ctrl-03
accept-ranges
bytes
vary
Accept-Encoding
content-length
1163
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 16:56:24 GMT
firebase-app.js
www.wcnc.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/firebase-app.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
05a4fb803e2982bbc2b71afad4bd921bc3389ed80e0d0374ad0d5ec97212c75d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/firebase-app.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:26 GMT
etag
"1d7411e2b2e7eec"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=168100
x-cache-hits
0
accept-ranges
bytes
vary
Accept-Encoding
content-length
4579
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 12:49:25 GMT
firebase-messaging.js
www.wcnc.com/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/firebase-messaging.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
61f60917f730662b6783589f1421f56d262279847c2c27490023b3257914c3eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/firebase-messaging.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:26 GMT
etag
"1d7411e2b2e2a21"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=176984
x-cache-hits
0
vha6-origin
tgna-varnish-ctrl-02
accept-ranges
bytes
vary
Accept-Encoding
content-length
11269
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 15:17:29 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/ 		335 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee8f2a6ea8c02259b3f4d068d0607f92ba9cd2a6f06d915ca317b75a39676932
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.wcnc.com
Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:05:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134136
x-xss-protection
0
last-modified
Tue, 11 May 2021 21:19:12 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 May 2022 14:05:06 GMT
proximanova-extrabold-webfont.woff2
www.wcnc.com/assets/fonts/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/assets/fonts/proximanova-extrabold-webfont.woff2
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/modules.min_5.5.1.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8f4ad4651d303f2ba96e415554e247770276cbf7a9165d3ae1d3fd8fcaed5f41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://www.wcnc.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
usprivacy=1YNY
:path
/assets/fonts/proximanova-extrabold-webfont.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.wcnc.com
referer
https://www.wcnc.com/modules.min_5.5.1.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.wcnc.com
Referer
https://www.wcnc.com/modules.min_5.5.1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:43:16 GMT
etag
"1d7411db9ee9b14"
content-type
font/woff2
cache-control
max-age=72327
x-cache-hits
0
vha6-origin
tgna-varnish-ctrl-05tgna-varnish-ctrl-04
accept-ranges
bytes
content-length
14612
x-xss-protection
1; mode=block
expires
Sun, 16 May 2021 10:13:12 GMT
proximanova-bold-webfont.woff2
www.wcnc.com/assets/fonts/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/assets/fonts/proximanova-bold-webfont.woff2
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/modules.min_5.5.1.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6b1a95aed3687521fcbf654063d65a3facbe97c96c888c9016bbe8d1c719637f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://www.wcnc.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
usprivacy=1YNY
:path
/assets/fonts/proximanova-bold-webfont.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.wcnc.com
referer
https://www.wcnc.com/modules.min_5.5.1.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.wcnc.com
Referer
https://www.wcnc.com/modules.min_5.5.1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:43:16 GMT
etag
"1d7411db9ee9b94"
content-type
font/woff2
expires
Sun, 16 May 2021 11:03:02 GMT
cache-control
max-age=75317
accept-ranges
bytes
content-length
14740
x-xss-protection
1; mode=block
x-cache-hits
0
proximanova-semibold-webfont.woff2
www.wcnc.com/assets/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/assets/fonts/proximanova-semibold-webfont.woff2
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/modules.min_5.5.1.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ecf31d03b0335b2099411a2b2ffe02cb9272db8ee1878e7f693b9f07caf12af1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://www.wcnc.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
usprivacy=1YNY
:path
/assets/fonts/proximanova-semibold-webfont.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.wcnc.com
referer
https://www.wcnc.com/modules.min_5.5.1.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.wcnc.com
Referer
https://www.wcnc.com/modules.min_5.5.1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:43:16 GMT
etag
"1d7411db9ee9aa0"
content-type
font/woff2
expires
Sun, 16 May 2021 12:55:08 GMT
cache-control
max-age=82043
accept-ranges
bytes
content-length
14496
x-xss-protection
1; mode=block
x-cache-hits
0
proximanova-regular-webfont.woff2
www.wcnc.com/assets/fonts/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/assets/fonts/proximanova-regular-webfont.woff2
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/modules.min_5.5.1.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bc902768c2ec3a51106337c1b7b7ee9d0994a21f795b879db7cd24029edd33c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://www.wcnc.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
usprivacy=1YNY
:path
/assets/fonts/proximanova-regular-webfont.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.wcnc.com
referer
https://www.wcnc.com/modules.min_5.5.1.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.wcnc.com
Referer
https://www.wcnc.com/modules.min_5.5.1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:43:16 GMT
etag
"1d7411db9ee9bc8"
content-type
font/woff2
expires
Sun, 16 May 2021 11:31:05 GMT
cache-control
max-age=77000
accept-ranges
bytes
content-length
14792
x-xss-protection
1; mode=block
x-cache-hits
1
close.svg
www.wcnc.com/assets/shared-images/icons/ 		270 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wcnc.com/assets/shared-images/icons/close.svg
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/modules.min_5.5.1.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2774640b1d27c3aa4e178db75e4a77fd9ae7d9b01fa15e29de0a05bc21d3d829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/shared-images/icons/close.svg
pragma
no-cache
cookie
usprivacy=1YNY
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.wcnc.com
referer
https://www.wcnc.com/modules.min_5.5.1.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/modules.min_5.5.1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:43:16 GMT
etag
"1d7411db9eea30e"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=172250
x-cache-hits
0
accept-ranges
bytes
content-length
201
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 13:58:35 GMT
tegna-utils.js
www.wcnc.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/tegna-utils.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f848a64faf6e20ee11b1299965bfb230499b3e96743ab6fee80b5fa5e1941d7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/tegna-utils.js
pragma
no-cache
cookie
usprivacy=1YNY
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:40 GMT
etag
"1d7411e3386a1cf"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=171594
x-cache-hits
0
accept-ranges
bytes
vary
Accept-Encoding
content-length
5312
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 13:47:39 GMT
bem.js
www.wcnc.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/bem.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e97111aafb20d4a147b62e17a52d1205a6eec10de56f79cbcecb74b792d868dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/bem.js
pragma
no-cache
cookie
usprivacy=1YNY
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:26 GMT
etag
"1d7411e2b2e5ca8"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=168445
x-cache-hits
0
vha6-origin
tgna-varnish-ctrl-03
accept-ranges
bytes
vary
Accept-Encoding
content-length
1009
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 12:55:10 GMT
jquery.js
www.wcnc.com/ 		87 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/jquery.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cdaeb0ef01928c88da8f7022878a69a8dfa43f78963a0a9a5d17c4adbc336f4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/jquery.js
pragma
no-cache
cookie
usprivacy=1YNY
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:26 GMT
etag
"1d7411e2b2f095a"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=168586
x-cache-hits
0
accept-ranges
bytes
vary
Accept-Encoding
content-length
39788
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 12:57:31 GMT
live-messages.js
www.wcnc.com/assets/js-libs/live-messages/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/assets/js-libs/live-messages/live-messages.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3fc7323b2e13107147cac7f90cce221e7efb2c7588f60911bc322a4722d88e6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/js-libs/live-messages/live-messages.js
pragma
no-cache
cookie
usprivacy=1YNY
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:24 GMT
etag
"1d7411e29fd2483"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=168713
x-cache-hits
0
accept-ranges
bytes
content-length
1078
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 12:59:38 GMT
modal_5.5.1.js
www.wcnc.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/modal_5.5.1.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d70e3039202264152b0c58cc609fdd12fa198fd2fcb9046ad42106525627afa2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/modal_5.5.1.js
pragma
no-cache
cookie
usprivacy=1YNY
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:30 GMT
etag
"1d7411e2d90aba1"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=165685
x-cache-hits
2
accept-ranges
bytes
vary
Accept-Encoding
content-length
846
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 12:09:10 GMT
jquery-utils.js
www.wcnc.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/jquery-utils.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d25e0020e619e93bc1c3bd099646f505ff81224bcb664a7ba211e81d4818183e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/jquery-utils.js
pragma
no-cache
cookie
usprivacy=1YNY
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:26 GMT
etag
"1d7411e2b2e5e74"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=142977
x-cache-hits
0
vha6-origin
tgna-varnish-east2-03
accept-ranges
bytes
vary
Accept-Encoding
content-length
1366
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 05:50:42 GMT
app-badge_5.5.1.js
www.wcnc.com/ 		642 B
796 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/app-badge_5.5.1.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bcd981b09aa80b5744acece2246e71309f2a7825b01603e49e55d8f83e828b03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/app-badge_5.5.1.js
pragma
no-cache
cookie
usprivacy=1YNY
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:10 GMT
etag
"1d7411e21a4ef82"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=165653
x-cache-hits
0
accept-ranges
bytes
vary
Accept-Encoding
content-length
523
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 12:08:38 GMT
pubads_impl_2021051001.js
securepubads.g.doubleclick.net/gpt/ 		303 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
b19865c2e8366fc6cef8f869b9447b23243e4917d73591e554f1b697a1f8da9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 10 May 2021 08:38:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109340
x-xss-protection
0
expires
Sat, 15 May 2021 14:07:45 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.5.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-5-125.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
46856
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
date
Sat, 15 May 2021 01:06:51 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 f886f6227d3373aee9b545641306fb68.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
VIE50-C2
x-amz-cf-id
T1noUKllUpoS881V0idzBIT5GqRgBf2kixTXfR5XOK4IRWttx6Ymsw==
live-video-banner_5.5.1.js
www.wcnc.com/ 		1 KB
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/live-video-banner_5.5.1.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b772d9b544e76e60f9304d449812c8bc4f67b8b67dafa5a089d82c982d6c9e44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/live-video-banner_5.5.1.js
pragma
no-cache
cookie
usprivacy=1YNY
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:30 GMT
etag
"1d7411e2d90ab82"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=177207
x-cache-hits
4
accept-ranges
bytes
vary
Accept-Encoding
content-length
747
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 15:21:12 GMT
header
www.wcnc.com/ajax/content/ 		514 B
697 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/ajax/content/header
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/common.min_5.5.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f2952aeb4901aea0ec5383db704749906494f762738b2020ce306c4bd8e7cd8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
same-origin
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
usprivacy=1YNY
:path
/ajax/content/header
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
pragma
no-cache
cache-control
no-cache
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
expires
Sat, 15 May 2021 14:10:15 GMT
cache-control
max-age=149
accept-ranges
bytes
vary
Accept-Encoding
content-length
462
x-xss-protection
1; mode=block
x-cache-hits
1
jwplayer.js
www.wcnc.com/assets/js-libs/jwplayer/ 		112 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/assets/js-libs/jwplayer/jwplayer.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c1fdbb51cd82b45ed2f8ffe288f9cdb9e00d3c6398c1b1bbde936f751a73e613
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/js-libs/jwplayer/jwplayer.js
pragma
no-cache
cookie
usprivacy=1YNY
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:16 GMT
etag
"1d7411e2539ca9a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=168455
x-cache-hits
0
accept-ranges
bytes
content-length
47107
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 12:55:21 GMT
signalr.min.js
www.wcnc.com/assets/js-libs/signalr/ 		118 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/assets/js-libs/signalr/signalr.min.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c682f11f436b09c0f49e0f3c6ad3525000bec52c72754afa5692c16c9ece776f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/js-libs/signalr/signalr.min.js
pragma
no-cache
cookie
usprivacy=1YNY
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:24 GMT
etag
"1d7411e29fcff3c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=168126
x-cache-hits
0
accept-ranges
bytes
content-length
32811
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 12:49:52 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.4.0/ 		324 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.4.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d165f84e466f4d1c4e4840e7bddf5e6e0114e114cf2c555078c40719498430dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
OXmd51EQ9oHx+DG8SQeJEg==
age
4640625
vary
Accept-Encoding
content-length
68972
cf-request-id
0a11f3d78d0000d6e1c0133000000001
x-ms-lease-status
unlocked
last-modified
Thu, 13 Aug 2020 04:48:11 GMT
server
cloudflare
etag
0x8D83F44153EEB2B
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
32323393-901e-007a-295e-1fb2ab000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
64fcef38edcfd6e1-FRA
expires
Sun, 23 May 2021 14:07:46 GMT
negotiate
www.wcnc.com/tgnaMessage/ 		451 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/tgnaMessage/negotiate
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/assets/js-libs/signalr/signalr.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bda5b27b7c31ac6ef9f7260e2b46ddcb02e659df1b0614c191a85b0f1165461f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://www.wcnc.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
usprivacy=1YNY
content-length
0
:path
/tgnaMessage/negotiate
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain;charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/json
expires
Sat, 15 May 2021 14:11:06 GMT
cache-control
max-age=200
accept-ranges
bytes
vary
Accept-Encoding
content-length
551
x-xss-protection
1; mode=block
x-cache-hits
0
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160138/3986/ 		367 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9d67345f2b7684ed471d46c1042687a3cda65323d00aef597c11e9f261800d0f

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 15 May 2021 14:07:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 May 2021 16:03:57 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"14c1abb-5baed-5c1fbecd3cbb7"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
public, max-age=61681
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
112921
Expires
Sun, 16 May 2021 07:15:47 GMT
googima.js
ssl.p.jwpcdn.com/player/plugins/googima/v/8.8.9/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/plugins/googima/v/8.8.9/googima.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/assets/js-libs/jwplayer/jwplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36213828ced246a1cf0a48bd06cc47a85ab14362cd629c02bd1afdebfc76873d

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
age
2023376
x-cache
HIT
content-length
20931
via
1.1 varnish
x-served-by
cache-hhn4021-HHN
last-modified
Thu, 10 Dec 2020 22:08:09 GMT
server
AmazonS3
x-timer
S1621087666.156903,VS0,VE0
etag
"6240686df4d402b1c25b3334a1af62a1"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
21055
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.18.4/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.18.4/jwpsrv.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/assets/js-libs/jwplayer/jwplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c616b0445de7236c857bbcff63e3236985202ead1d6676dd74b6151a5d88800

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
age
391
x-cache
HIT
content-length
17360
via
1.1 varnish
x-served-by
cache-hhn4021-HHN
last-modified
Mon, 08 Feb 2021 19:59:45 GMT
server
AmazonS3
x-timer
S1621087666.157017,VS0,VE0
etag
"9babdf430d4678f3029506d58b1f0c17"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
6
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.18.4/ 		298 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.18.4/jwplayer.core.controls.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/assets/js-libs/jwplayer/jwplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fbddb5dc71dbc432fe3c0882955fd4942934d931ea1cf8ed3107b6f8e8f6c7c8

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
age
2030304
x-cache
HIT
content-length
78129
via
1.1 varnish
x-served-by
cache-hhn4021-HHN
last-modified
Fri, 15 Jan 2021 21:39:06 GMT
server
AmazonS3
x-timer
S1621087666.157115,VS0,VE0
etag
"bce8a935003a2164805362d8ad7026a6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
24384
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.18.4/ 		283 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.18.4/provider.hlsjs.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/assets/js-libs/jwplayer/jwplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dfa05a5964f7993f83a296584170a7e49ace63db0891f1e53add0635e022bf6b

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
age
10314358
x-cache
HIT
content-length
87594
via
1.1 varnish
x-served-by
cache-hhn4021-HHN
last-modified
Fri, 15 Jan 2021 21:39:09 GMT
server
AmazonS3
x-timer
S1621087666.156997,VS0,VE1
etag
"7ad588058a2b5fbdc9f3b1642b7383fa"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
en.json
cdn.cookielaw.org/consent/1880d7df-5f80-423d-b83d-f0ab8b227a06/6136f85f-6938-4683-83a2-fc0fdc2ed231/ 		57 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/1880d7df-5f80-423d-b83d-f0ab8b227a06/6136f85f-6938-4683-83a2-fc0fdc2ed231/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.4.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a1b8041b461cc76efe8b2e53dfe10b3d12f06cb71504c0a6601ea86205d3034
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
vyGxVS0pQkpbnolyvcabAw==
age
979
vary
Accept-Encoding
content-length
12943
cf-request-id
0a11f3d7f000000746b63cb000000001
x-ms-lease-status
unlocked
last-modified
Thu, 30 Jul 2020 19:30:41 GMT
server
cloudflare
etag
0x8D834BF0BF7D3C5
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8f8a92cd-301e-0137-5f22-38321c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
64fcef397baf0746-FRA
wx-65_32x32.png
www.wcnc.com/assets/shared-images/weather-icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wcnc.com/assets/shared-images/weather-icons/wx-65_32x32.png
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
174ab6f83cfd4d727ecefe5da9c2f806c971bff23694858be705db16c633b556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/shared-images/weather-icons/wx-65_32x32.png
pragma
no-cache
cookie
usprivacy=1YNY
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:06 GMT
etag
"1d7411e1f4295b6"
content-type
image/png
expires
Sun, 16 May 2021 04:04:02 GMT
cache-control
max-age=50176
accept-ranges
bytes
content-length
1718
x-xss-protection
1; mode=block
x-cache-hits
0
vNp04p8tEeOUdSIACmOLpg.json
entitlements.jwplayer.com/ 		70 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://entitlements.jwplayer.com/vNp04p8tEeOUdSIACmOLpg.json
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/assets/js-libs/jwplayer/jwplayer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2E2) /
Resource Hash
58a14ba2e3e773324e8b8aeadcd988bdd177f68e6bf65c5fcdd339032e536e61

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
last-modified
Sat, 15 May 2021 10:09:59 GMT
server
ECAcc (frd/E2E2)
age
14267
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=19860
accept-ranges
bytes
content-length
75
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		334 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/assets/js-libs/jwplayer/jwplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f74bdfeec83247edd199110ac967f48433637c2cd8dcac06c4de540abb3393e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117163
x-xss-protection
0
expires
Sat, 15 May 2021 14:07:46 GMT
comscore.min.js
www.wcnc.com/assets/js-libs/comscore/ 		87 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wcnc.com/assets/js-libs/comscore/comscore.min.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.18.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-18-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c24734b740915380b22b08f6f5bd88e5cfdce76cffbbd48fe9cfba9636c00d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/js-libs/comscore/comscore.min.js
pragma
no-cache
cookie
usprivacy=1YNY
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.wcnc.com
referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 19:46:12 GMT
etag
"1d7411e22d7470a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=169098
x-cache-hits
0
accept-ranges
bytes
content-length
23166
x-xss-protection
1; mode=block
expires
Mon, 17 May 2021 13:06:04 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.4.0/assets/ 		12 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.4.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.4.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
6gV+HVzh3FZtolGVOUCRaQ==
age
116718
vary
Accept-Encoding
content-length
3248
cf-request-id
0a11f3d8110000074655aa0000000001
x-ms-lease-status
unlocked
last-modified
Thu, 13 Aug 2020 04:48:04 GMT
server
cloudflare
etag
0x8D83F4410917650
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
f2e9d00c-001e-0056-0783-483096000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
64fcef39bc630746-FRA
expires
Sun, 23 May 2021 14:07:46 GMT
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.4.0/assets/ 		61 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.4.0/assets/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.4.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ks8d5YTomxp0YggJVomz8A==
age
2233770
vary
Accept-Encoding
content-length
14901
cf-request-id
0a11f3d811000007465c8ff000000001
x-ms-lease-status
unlocked
last-modified
Thu, 13 Aug 2020 04:48:04 GMT
server
cloudflare
etag
0x8D83F4410E34EE2
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
14e1737d-201e-0027-7a42-3542af000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
64fcef39bc650746-FRA
expires
Sun, 23 May 2021 14:07:46 GMT
related.js
ssl.p.jwpcdn.com/player/v/8.18.4/ 		106 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.18.4/related.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/assets/js-libs/jwplayer/jwplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e09b68632588396c28cfadd6fda5f86b0bd0e0119c955ea0ba8121c34c0fa37

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
age
1420793
x-cache
HIT
content-length
24438
via
1.1 varnish
x-served-by
cache-hhn4021-HHN
last-modified
Fri, 15 Jan 2021 21:39:11 GMT
server
AmazonS3
x-timer
S1621087666.279435,VS0,VE1
etag
"3444ba72502987ef98fe56e85bec1ecd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
negotiate
tgna-ux-ctrl.service.signalr.net/client/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tgna-ux-ctrl.service.signalr.net/client/negotiate?hub=tegnaonemessage&asrs.op=%2FtgnaMessage&asrs_request_id=CcJ3h2gjAAA%3D
Protocol
H2
Server
13.89.175.133 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization,x-requested-with
Origin
https://www.wcnc.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
access-control-allow-credentials
true
access-control-allow-headers
authorization,x-requested-with
access-control-allow-methods
POST
access-control-allow-origin
https://www.wcnc.com
strict-transport-security
max-age=15724800; includeSubDomains
negotiate
tgna-ux-ctrl.service.signalr.net/client/ 		282 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tgna-ux-ctrl.service.signalr.net/client/negotiate?hub=tegnaonemessage&asrs.op=%2FtgnaMessage&asrs_request_id=CcJ3h2gjAAA%3D
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/assets/js-libs/signalr/signalr.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.89.175.133 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1425c2cb6889b51138bd22417d62f500dcac0e9ad39a5af51094627724529e03
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wcnc.com/
X-Requested-With
XMLHttpRequest
Authorization
Bearer eyJhbGciOiJIUzI1NiIsImtpZCI6IjQ2OTIwNjEyNyIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2MjEwODY5MDcsImV4cCI6MTYyMTA5MDUwNywiaWF0IjoxNjIxMDg2OTA3LCJhdWQiOiJodHRwczovL3RnbmEtdXgtY3RybC5zZXJ2aWNlLnNpZ25hbHIubmV0L2NsaWVudC8_aHViPXRlZ25hb25lbWVzc2FnZSJ9.ogp4Q-_xdykCw7kiCPC9OxFvAFvTZ6dAkgbXbLLnASo
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.wcnc.com
date
Sat, 15 May 2021 14:07:47 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
Accept-Encoding
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json
366027c8-c78d-4d1a-9815-693b90679705
https://www.wcnc.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.wcnc.com/366027c8-c78d-4d1a-9815-693b90679705
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
bridge3.458.0_en.html
imasdk.googleapis.com/js/core/ Frame 4D1A 		573 KB
187 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.458.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
081fe081ca1a1c7857c829ef147d17156961a29cbe66e56b31bb6fbefee16310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.458.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wcnc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wcnc.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
191944
date
Wed, 12 May 2021 01:40:52 GMT
expires
Thu, 12 May 2022 01:40:52 GMT
last-modified
Wed, 12 May 2021 01:31:31 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
304014
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sat, 15 May 2021 14:07:46 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 152E 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 13:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
1723
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Sat, 15 May 2021 14:39:03 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		176 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3276&u=https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4%3Fjwsource%3Dcl&pid=5zy5rFen3ThlJ&cb=0&ws=1600x1200&v=7.64.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%221140x250%22%2C%221140x600%22%2C%22970x250%22%2C%22728x90%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F32805352%2Fnc-charlotte-WCNC-B3352_DesktopTablet%2Ffront_universal%2Fmoney%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.5.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-5-125.vie50.r.cloudfront.net
Software
Server /
Resource Hash
d3cc6a23eb5853b54cfb653bf511d55bdcd62368a8c3627d6ebfe6678fe5217b

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
VIE50-C2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.wcnc.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
164
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4d.cloudfront.net (CloudFront)
x-amz-cf-id
--3F3sDrD3VzQcpl_lwNGdEPOgDVLFjnX4UGT6LR1g_qVeDgVAkVOw==
v2
e.serverbid.com/api/ 		16 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.wcnc.com
date
Sat, 15 May 2021 14:07:46 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
/
hb.emxdgt.com/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=950&ts=1621087666410&src=pbjs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.wcnc.com
date
Sat, 15 May 2021 14:07:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
auction
tlx.3lift.com/header/ 		19 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.25.0&referrer=https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4%3Fjwsource%3Dcl&tmax=950&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.137.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-137-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:46 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.wcnc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb
hb.undertone.com/ 		0
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3009&domain=wcnc.com&ccpa=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:9800:1f:df94:f9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:46 GMT
via
1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.wcnc.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
x-amz-cf-id
q7PiJsKpCJ2zF41sgjvI1SyAxcBLNyTAHP8XqtHijPiUHU8hpHfIBw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.wcnc.com
date
Sat, 15 May 2021 14:07:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.wcnc.com
date
Sat, 15 May 2021 14:07:46 GMT
access-control-allow-credentials
true
vary
Origin
cdb
bidder.criteo.com/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.25.0&cb=27761256141
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.wcnc.com
date
Sat, 15 May 2021 14:07:46 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
cygnus
htlb.casalemedia.com/ 		25 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=646744&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2215491b0dd03143f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4%3Fjwsource%3Dcl%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNY%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22162c0786a0e72c9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22646744%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22179f0883f42874%22%2C%22ext%22%3A%7B%22siteID%22%3A%22646744%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.115.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-115-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e5fe75940ef4f7d560b70139c1a0219793d3c21cfd690760e0831774f65aa1d0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[84.17.53.163], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.wcnc.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Sat, 15 May 2021 14:07:46 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		176 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3276&u=https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4%3Fjwsource%3Dcl&pid=5zy5rFen3ThlJ&cb=1&ws=1600x1200&v=7.64.00&t=1000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22112x38%22%5D%2C%22sn%22%3A%22%2F32805352%2Fnc-charlotte-WCNC-B3352_DesktopTablet%2Fmasthead_sponsor%2Fmoney%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.5.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-5-125.vie50.r.cloudfront.net
Software
Server /
Resource Hash
9e41ff7f2f9527f9f68e87e21f6fcea9a2f380999869354e71c6d45e9482812d

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
VIE50-C2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.wcnc.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
163
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4d.cloudfront.net (CloudFront)
x-amz-cf-id
OvWNXTwGoH7pbcHBlzwdMLagLapq-VGeiDnEDHOCID27M3IGOF1exw==
bid
c.amazon-adsystem.com/e/dtb/ 		176 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3276&u=https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4%3Fjwsource%3Dcl&pid=5zy5rFen3ThlJ&cb=2&ws=1600x1200&v=7.64.00&t=1000&slots=%5B%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F32805352%2Fnc-charlotte-WCNC-B3352_DesktopTablet%2Ffront_atf%2Fmoney%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.5.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-5-125.vie50.r.cloudfront.net
Software
Server /
Resource Hash
60ae8e358a5baa13dc2222a458efebfab53bffc351789f13602cd5bba9dc0d24

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
VIE50-C2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.wcnc.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
164
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4d.cloudfront.net (CloudFront)
x-amz-cf-id
dz1SJLbBla_TYQivi0CMnSKvr9xp_oUuRA8uW2CXcHmqkmI7cjrujQ==
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.wcnc.com
date
Sat, 15 May 2021 14:07:46 GMT
access-control-allow-credentials
true
vary
Origin
cygnus
htlb.casalemedia.com/ 		25 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=646798&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2220ba7568326a0cd%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4%3Fjwsource%3Dcl%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221YNY%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222183a290ca57447%22%2C%22ext%22%3A%7B%22siteID%22%3A%22646798%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.115.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-115-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
202a9cabd46d72d09eabd4600ce3c0b3f793c460ff6d4240f8fb216f36581cd6

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[84.17.53.163], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.wcnc.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Sat, 15 May 2021 14:07:46 GMT
/
hb.emxdgt.com/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=950&ts=1621087666441&src=pbjs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.wcnc.com
date
Sat, 15 May 2021 14:07:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
cdb
bidder.criteo.com/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.25.0&cb=17380938480
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.wcnc.com
date
Sat, 15 May 2021 14:07:46 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
auction
tlx.3lift.com/header/ 		19 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.25.0&referrer=https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4%3Fjwsource%3Dcl&tmax=950&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.137.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-137-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:46 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.wcnc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb
hb.undertone.com/ 		0
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3009&domain=wcnc.com&ccpa=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:9800:1f:df94:f9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:46 GMT
via
1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.wcnc.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
x-amz-cf-id
JZEseHcWcta7YA8Q9b-9lPmMFsfgG3zO7_dcozJZGAY07oQtAh3VEQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
v2
e.serverbid.com/api/ 		16 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.wcnc.com
date
Sat, 15 May 2021 14:07:46 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
translator
hbopenbid.pubmatic.com/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
47322e807cfc93f44b01789c1fc54f8518857b3777b4943b0313e04cda925635

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.wcnc.com
date
Sat, 15 May 2021 14:07:45 GMT
content-encoding
gzip
x-openrtb-version
2.3
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json
ping.gif
ping-meta-prd.jwpltx.com/v1/jwplayer6/ 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping-meta-prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-1360071020&e=xapi&n=7103775316261574&aid=vNp04p8tEeOUdSIACmOLpg&emi=1nilz3ewqrwl&id=oaWOMr7I&pli=1ueelhlu50gu&pv=8.18.4&tv=3.35.0&ed=3&prs=idle&ph=0&sdk=0&xam=on&xfmp=setupError&sa=1621087666509
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-served-by
cache-hhn4021-HHN
x-cache
MISS
x-cache-hits
0
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=531220436&e=e&n=3099519317343666&abc=0&aid=vNp04p8tEeOUdSIACmOLpg&amp=0&at=1&c=1&ccp=0&cp=0&d=1&eb=0&ed=3&emi=1nilz3ewqrwl&i=0&id=oaWOMr7I&lsa=fail&mt=0&pbd=1&pbr=1&pgi=wb1739fvp7mu&ph=0&pii=0&pl=422&plc=1&pli=1ueelhlu50gu&pp=hlsjs&prc=0&ps=4&pss=1&pt=Cash%20up%20for%20grabs%20in%20federal%20rebate%20program%20%7C%20wcnc.com&pu=https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4%3Fjwsource%3Dcl&pv=8.18.4&pyc=0&s=1&sdk=0&stc=1&stpe=0&t=Cash%20up%20for%20grabs%20in%20federal%20rebate%20program&tv=3.35.0&vb=1&vi=1&vl=90&wd=750&ab=1&cae=0&cb=1&cdid=video-aff406f2-a5dc-4297-ba40-a2f0a1f2cb0e&cme=0&dd=1&flc=0&fv=&ga=0&lng=en-US&mk=hls&mu=https%3A%2F%2Fvideo.tegna-media.com%2Fassets%2FWCNC%2Fvideos%2F9d602892-bf91-4ee6-a82b-e811709425d4%2F9d602892-bf91-4ee6-a82b-e811709425d4.m3u8&pbc=0&pd=2&pdr=&plng=en-US&plt=1950&pni=0&po=1&pogt=Cash%20up%20for%20grabs%20in%20federal%20rebate%20program&rf=https%3A%2F%2Fcdn.jwplayer.com%2Fv2%2Fplaylists%2FbKXailFi%3Fformat%3Djson%26recency%3D2D&sp=0&srf=cl&st=140&sa=1621087666509
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-served-by
cache-hhn4021-HHN
x-cache
MISS
x-cache-hits
0
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=39869864&e=ana&n=3174557264705955&aid=vNp04p8tEeOUdSIACmOLpg&emi=1nilz3ewqrwl&id=oaWOMr7I&pli=1ueelhlu50gu&pv=8.18.4&tv=3.35.0&sa=1621087666509
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-served-by
cache-hhn4021-HHN
x-cache
MISS
x-cache-hits
0
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.wcnc.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.wcnc.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		487 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4422469680201682&correlator=3915330912005441&output=ldjh&impl=fifs&eid=31060842%2C21064365%2C21068030%2C31060990&vrg=2021051001&ptt=17&us_privacy=1YNY&sc=1&sfv=1-0-38&ecs=20210515&iu_parts=32805352%2Cnc-charlotte-WCNC-B3352_DesktopTablet%2Cmasthead_sponsor%2Cmoney&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=112x38&prev_scp=amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cust_params=video_included%3DTrue%26ttid%3D9d602892-bf91-4ee6-a82b-e811709425d4%26pgtype%3Dvideo%26topic_section%3D%26url%3Dhttps%253A%252F%252Fwww.wcnc.com%252Fvideo%252Fmoney%252Fcash-up-for-grabs-in-federal-rebate-program%252F275-9d602892-bf91-4ee6-a82b-e811709425d4%253Fjwsource%253Dcl&cookie_enabled=1&bc=31&abxe=1&lmt=1621087666&dt=1621087666641&dlt=1621087665585&idt=507&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=247784063&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4%3Fjwsource%3Dcl&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1370277086.1621087667&ga_sid=1621087667&ga_hid=1284077479&ga_fc=false&fws=644&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
eeddf3677f094ef1f1d550ee477db1334e751427ed120fedda94b2a13f9c9b4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
261
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wcnc.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 48D0
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
298 B
967 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
8adf835b297f18aa78975306db085e99a6518696fa8faed144ef25e8024d9038

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.wcnc.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=Axjk1NBQ1ESzg8z6gEhmDR4|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wcnc.com/

Response headers

Server
Server
Date
Sat, 15 May 2021 14:07:47 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
230
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=Axjk1NBQ1ESzg8z6gEhmDR4; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 14:07:46 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2026 14:07:47 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Sat, 15 May 2021 14:07:46 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Set-Cookie
ad-id=Axjk1NBQ1ESzg8z6gEhmDR4|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 14:07:46 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.wcnc.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.wcnc.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4422469680201682&correlator=2190986152639222&output=ldjh&impl=fifs&eid=31060842%2C21064365%2C21068030%2C31060990&vrg=2021051001&ptt=17&us_privacy=1YNY&sc=1&sfv=1-0-38&ecs=20210515&iu_parts=32805352%2Cnc-charlotte-WCNC-B3352_DesktopTablet%2Cfront_universal%2Cmoney&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1140x250%7C1140x600%7C970x250%7C728x90%7C1x1&prev_scp=amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cust_params=video_included%3DTrue%26ttid%3D9d602892-bf91-4ee6-a82b-e811709425d4%26pgtype%3Dvideo%26topic_section%3D%26url%3Dhttps%253A%252F%252Fwww.wcnc.com%252Fvideo%252Fmoney%252Fcash-up-for-grabs-in-federal-rebate-program%252F275-9d602892-bf91-4ee6-a82b-e811709425d4%253Fjwsource%253Dcl&cookie_enabled=1&bc=31&abxe=1&lmt=1621087666&dt=1621087666808&dlt=1621087665585&idt=507&frm=20&biw=1600&bih=1200&oid=3&adxs=230&adys=30&adks=2159144634&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4%3Fjwsource%3Dcl&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1140x-1&ga_vid=1370277086.1621087667&ga_sid=1621087667&ga_hid=1284077479&ga_fc=false&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
394fbee3f40224fe0d37a0987ea217e45e2019289ac8b895715fde9fec2c6d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8475
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wcnc.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4422469680201682&correlator=940569279153107&output=ldjh&impl=fifs&eid=31060842%2C21064365%2C21068030%2C31060990&vrg=2021051001&ptt=17&us_privacy=1YNY&sc=1&sfv=1-0-38&ecs=20210515&iu_parts=32805352%2Cnc-charlotte-WCNC-B3352_DesktopTablet%2Cfront_atf%2Cmoney&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&prev_scp=amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26pwtsid%3D26c624e2ebf41f3%26pwtbst%3D1%26pwtecp%3D0.04%26pwtpid%3Dpubmatic%26pwtpubid%3D160138%26pwtprofid%3D3986%26pwtverid%3D2%26pwtsz%3D300x250%26pwtplt%3Ddisplay&eri=1&cust_params=video_included%3DTrue%26ttid%3D9d602892-bf91-4ee6-a82b-e811709425d4%26pgtype%3Dvideo%26topic_section%3D%26url%3Dhttps%253A%252F%252Fwww.wcnc.com%252Fvideo%252Fmoney%252Fcash-up-for-grabs-in-federal-rebate-program%252F275-9d602892-bf91-4ee6-a82b-e811709425d4%253Fjwsource%253Dcl&cookie_enabled=1&bc=31&abxe=1&lmt=1621087666&dt=1621087666819&dlt=1621087665585&idt=507&frm=20&biw=1600&bih=1200&oid=3&adxs=1040&adys=175&adks=3190145751&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4%3Fjwsource%3Dcl&vis=1&dmc=8&scr_x=0&scr_y=0&psz=360x310&msz=360x310&ga_vid=1370277086.1621087667&ga_sid=1621087667&ga_hid=1284077479&ga_fc=false&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9dc239c6f331ca10ed94790e3f3af7d432a8d004806e0bf76fc855ffffc621a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10807
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wcnc.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
2000210.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame C58B
Redirect Chain
  • https://sync.serverbid.com/ss/2000210.html
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f19e9316ce9a7698f51e07bda20607b8488b16c7145b7892050a8c2148643ba0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Host
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.wcnc.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wcnc.com/

Response headers

Date
Sat, 15 May 2021 14:07:47 GMT
Connection
Keep-Alive
Cache-Control
max-age=51000
Content-Length
7375
Content-Type
text/html
Last-Modified
Tue, 08 Dec 2020 16:27:54 GMT
Accept-Ranges
bytes
etag
"f8f85bc3827aaa87417c59102b86160a"
x-amz-request-id
tx00000000000000f98de63-00609f4b6b-4d842b1-nyc3a
age
239
strict-transport-security
max-age=15552000; includeSubDomains; preload
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1621087667.dop244.am5.t,1621087667.cds247.am5.shn,1621087667.dop244.am5.t,1621087667.cds246.am5.c

Redirect headers

content-length
0
location
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
cache-control
no-cache
usersync.html
cdn.undertone.com/js/ Frame 204F 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:c000:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21d46bb0a238b8c1b0ab5ea12b5fa6cab58b90e30ca08727321e1e40e2970046

Request headers

:method
GET
:authority
cdn.undertone.com
:scheme
https
:path
/js/usersync.html?ccpa=1YNY
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wcnc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wcnc.com/

Response headers

content-type
text/html
last-modified
Wed, 16 Dec 2020 12:35:23 GMT
server
AmazonS3
content-encoding
gzip
date
Fri, 14 May 2021 23:24:05 GMT
etag
W/"8ee422394c26ec0371c4676b43dd838d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
qcWrJ1hu3NnykVCBLdI2UpImPlTw3XiKpzn95AeK-0BY4icMUMqkhQ==
age
53022
ixmatch.html
js-sec.indexww.com/um/ Frame 057A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.wcnc.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wcnc.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Sat, 15 May 2021 14:07:46 GMT
Content-Length
1151
Connection
keep-alive
sync
eb2.3lift.com/ Frame 05E1 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1YNY&
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.70.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a4638d140c7a66cf9be9a72a4297037ebafd5465e1f1e7ea44df31fb5ecb4b68

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?us_privacy=1YNY&
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wcnc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=12561668302868140987
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wcnc.com/

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
content-type
text/html; charset=utf-8
content-length
479
set-cookie
sync=CgoIgQIQgobrgpcvCgoIkQIQgobrgpcvCgoI4gEQgobrgpcvCgoIkgIQgobrgpcvCgoI5gEQgobrgpcvCgoIhwIQgobrgpcvCgkIOhCChuuCly8KCQgLEIKG64KXLwoJCF8QgobrgpcvCgkIHxCChuuCly8=; Max-Age=7776000; Expires=Fri, 13 Aug 2021 14:07:46 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=12561668302868140987; Max-Age=7776000; Expires=Fri, 13 Aug 2021 14:07:46 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
2000210.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame C2A4
Redirect Chain
  • https://sync.serverbid.com/ss/2000210.html
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f19e9316ce9a7698f51e07bda20607b8488b16c7145b7892050a8c2148643ba0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Host
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.wcnc.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wcnc.com/

Response headers

Date
Sat, 15 May 2021 14:07:47 GMT
Connection
Keep-Alive
Cache-Control
max-age=51000
Content-Length
7375
Content-Type
text/html
Last-Modified
Tue, 08 Dec 2020 16:27:54 GMT
Accept-Ranges
bytes
etag
"f8f85bc3827aaa87417c59102b86160a"
x-amz-request-id
tx00000000000000f98de63-00609f4b6b-4d842b1-nyc3a
age
239
strict-transport-security
max-age=15552000; includeSubDomains; preload
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1621087667.dop244.am5.t,1621087667.cds247.am5.shn,1621087667.dop244.am5.t,1621087667.cds246.am5.c

Redirect headers

content-length
0
location
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
cache-control
no-cache
usersync.html
cdn.undertone.com/js/ Frame 60F6 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:c000:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21d46bb0a238b8c1b0ab5ea12b5fa6cab58b90e30ca08727321e1e40e2970046

Request headers

:method
GET
:authority
cdn.undertone.com
:scheme
https
:path
/js/usersync.html?ccpa=1YNY
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wcnc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wcnc.com/

Response headers

content-type
text/html
last-modified
Wed, 16 Dec 2020 12:35:23 GMT
server
AmazonS3
content-encoding
gzip
date
Fri, 14 May 2021 23:24:05 GMT
etag
W/"8ee422394c26ec0371c4676b43dd838d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
3KtMAYk3oXFb_IVOteOONr6Chj90B609YsSGX6rTkTw51RtGCbZygw==
age
53022
showad.js
ads.pubmatic.com/AdServer/js/ Frame 131D 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.wcnc.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wcnc.com/

Response headers

Last-Modified
Tue, 11 May 2021 05:24:02 GMT
ETag
"13006b6-96ca-5c2071a26cca4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13964
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=110903
Expires
Sun, 16 May 2021 20:56:09 GMT
Date
Sat, 15 May 2021 14:07:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 55EC 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1YNY&
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.70.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a4638d140c7a66cf9be9a72a4297037ebafd5465e1f1e7ea44df31fb5ecb4b68

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?us_privacy=1YNY&
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wcnc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=12561668302868140987
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wcnc.com/

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
content-type
text/html; charset=utf-8
content-length
479
set-cookie
sync=CgoIgQIQgobrgpcvCgoIkQIQgobrgpcvCgoI4gEQgobrgpcvCgoIkgIQgobrgpcvCgoI5gEQgobrgpcvCgoIhwIQgobrgpcvCgkIOhCChuuCly8KCQgLEIKG64KXLwoJCF8QgobrgpcvCgkIHxCChuuCly8=; Max-Age=7776000; Expires=Fri, 13 Aug 2021 14:07:46 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=12561668302868140987; Max-Age=7776000; Expires=Fri, 13 Aug 2021 14:07:46 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
check.html
biddr.brealtime.com/ Frame 3874 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.wcnc.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wcnc.com/

Response headers

Date
Sat, 15 May 2021 14:07:46 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
CV2cii+M7Kzhpm1w4xgGep0dZXIVOwJJeiJOgdFk8jS4iKm4eSuYTqVEBPGzTM1Gbp5JMvO+Vx4=
x-amz-request-id
ZTNYJZQRSMNTQ1CX
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
6493
Expires
Sat, 15 May 2021 14:08:46 GMT
Cache-Control
public, max-age=60
cf-request-id
0a11f3db1000004e087607b000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
64fcef3e7b934e08-FRA
Content-Encoding
gzip
ixmatch.html
js-sec.indexww.com/um/ Frame 709C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.wcnc.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wcnc.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Sat, 15 May 2021 14:07:46 GMT
Content-Length
1151
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 9346 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.wcnc.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wcnc.com/

Response headers

Last-Modified
Tue, 11 May 2021 05:24:02 GMT
ETag
"13006b6-96ca-5c2071a26cca4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13964
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=110903
Expires
Sun, 16 May 2021 20:56:09 GMT
Date
Sat, 15 May 2021 14:07:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame AED0 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.wcnc.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wcnc.com/

Response headers

Date
Sat, 15 May 2021 14:07:46 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
CV2cii+M7Kzhpm1w4xgGep0dZXIVOwJJeiJOgdFk8jS4iKm4eSuYTqVEBPGzTM1Gbp5JMvO+Vx4=
x-amz-request-id
ZTNYJZQRSMNTQ1CX
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
6493
Expires
Sat, 15 May 2021 14:08:46 GMT
Cache-Control
public, max-age=60
cf-request-id
0a11f3db1300004e0e7b9fc000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
64fcef3e89594e0e-FRA
Content-Encoding
gzip
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021051001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80cc8323725faa458a94cbb1b608d609dbfa9735205481c9fd616480512c405d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8218
x-xss-protection
0
usync.html
eus.rubiconproject.com/ Frame 6118
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cdn.undertone.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.undertone.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 15 May 2021 14:07:47 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=12776
Date
Sat, 15 May 2021 14:07:47 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
getuidnb
ib.adnxs.com/ Frame 204F 		43 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:47 GMT
X-Proxy-Origin
84.17.53.163; 84.17.53.163; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.143:80
AN-X-Request-Uuid
e73983bf-4912-4f68-a00e-0264c113586f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 204F
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=2a14deb6-9097-4418-a189-ee0681936b44
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=2a14deb6-9097-4418-a189-ee0681936b44
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.118.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:50 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

date
Sat, 15 May 2021 14:07:47 GMT
content-encoding
gzip
server
OXGW/16.207.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=2a14deb6-9097-4418-a189-ee0681936b44
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
usr.undertone.com/userPixel/ Frame 204F
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPeced1ec7-b586-11eb-a584-027eebdc813e
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-fl0AMvtE2uG.103aWx2DXWsfVciNNuAd~A~UPeced1ec7-b586-11eb-a584-027eebdc813e
0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-fl0AMvtE2uG.103aWx2DXWsfVciNNuAd~A~UPeced1ec7-b586-11eb-a584-027eebdc813e
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.118.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:51 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Sat, 15 May 2021 14:07:48 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-fl0AMvtE2uG.103aWx2DXWsfVciNNuAd~A~UPeced1ec7-b586-11eb-a584-027eebdc813e
Connection
keep-alive
Content-Length
0
sync
usr.undertone.com/userPixel/ Frame 204F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=4fafc8c5-3568-427c-95f5-00ac7edaf594&ttl=1623679667
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=4fafc8c5-3568-427c-95f5-00ac7edaf594&ttl=1623679667
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.118.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:50 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=4fafc8c5-3568-427c-95f5-00ac7edaf594&ttl=1623679667
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
247
sync
usr.undertone.com/userPixel/ Frame 204F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KOPTQPAB-1S-J4EJ
0
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KOPTQPAB-1S-J4EJ
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.118.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:50 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KOPTQPAB-1S-J4EJ
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
sync
usr.undertone.com/userPixel/ Frame 204F
Redirect Chain
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=78b56ae1795edf42942c0fa65f10a4095a40df2d
0
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=78b56ae1795edf42942c0fa65f10a4095a40df2d
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.118.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:50 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Location
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=78b56ae1795edf42942c0fa65f10a4095a40df2d
Date
Sat, 15 May 2021 14:07:47 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
PugMaster
image6.pubmatic.com/AdServer/ Frame 131D 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=11061900&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
73727aa5267ebaeeaac9695d71a663f5f32b28c76b0717aae7d72b3d4eb5c1bc

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:47 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
getuidnb
ib.adnxs.com/ Frame 60F6 		43 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:47 GMT
X-Proxy-Origin
84.17.53.163; 84.17.53.163; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.202:80
AN-X-Request-Uuid
3578a57a-59a4-42b7-b7ba-5e454768399c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 60F6
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=2a14deb6-9097-4418-a189-ee0681936b44
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=2a14deb6-9097-4418-a189-ee0681936b44
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.118.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:50 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

date
Sat, 15 May 2021 14:07:47 GMT
content-encoding
gzip
server
OXGW/16.207.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=2a14deb6-9097-4418-a189-ee0681936b44
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
usr.undertone.com/userPixel/ Frame 60F6
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPeced1ec7-b586-11eb-a584-027eebdc813e
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-fl0AMvtE2uG.103aWx2DXWsfVciNNuAd~A~UPeced1ec7-b586-11eb-a584-027eebdc813e
0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-fl0AMvtE2uG.103aWx2DXWsfVciNNuAd~A~UPeced1ec7-b586-11eb-a584-027eebdc813e
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.118.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:51 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Sat, 15 May 2021 14:07:48 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-fl0AMvtE2uG.103aWx2DXWsfVciNNuAd~A~UPeced1ec7-b586-11eb-a584-027eebdc813e
Connection
keep-alive
Content-Length
0
sync
usr.undertone.com/userPixel/ Frame 60F6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=4fafc8c5-3568-427c-95f5-00ac7edaf594&ttl=1623679667
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=4fafc8c5-3568-427c-95f5-00ac7edaf594&ttl=1623679667
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.118.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:51 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=4fafc8c5-3568-427c-95f5-00ac7edaf594&ttl=1623679667
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
247
sync
usr.undertone.com/userPixel/ Frame 60F6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KOPTQPBZ-E-5OM
0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KOPTQPBZ-E-5OM
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.118.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:50 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KOPTQPBZ-E-5OM
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
sync
usr.undertone.com/userPixel/ Frame 60F6
Redirect Chain
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=78b56ae1795edf42942c0fa65f10a4095a40df2d
0
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=78b56ae1795edf42942c0fa65f10a4095a40df2d
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.118.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:51 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Location
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=78b56ae1795edf42942c0fa65f10a4095a40df2d
Date
Sat, 15 May 2021 14:07:47 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
usync.html
eus.rubiconproject.com/ Frame 32F5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cdn.undertone.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.undertone.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 15 May 2021 14:07:47 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=12776
Date
Sat, 15 May 2021 14:07:47 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Sat, 15 May 2021 14:07:46 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 5F0D 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wcnc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wcnc.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sat, 15 May 2021 13:27:14 GMT
expires
Sun, 15 May 2022 13:27:14 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2432
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js
pagead2.googlesyndication.com/bg/ Frame 5F0D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f2408d274b2e81505cf5c1b84d9f0d583282490834abfe22710e697342c05e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:00:41 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
425
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5636
x-xss-protection
0
expires
Sun, 15 May 2022 14:00:41 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame F8C5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d56d2e1b7aca98e388871928ce00f3ca77ac75ea2f34cd2711e05a18237eda9a

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3246; CMPRO=1206; CMRUM3=2d609fd5b42760CAESEHXECxNww202qFlCrIofjD8; CMST=YJ-Vs2Cf1bQA; CMID=YJ-VtqD4k35q4F2v9CPKLQAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|230|73|3|105|88|130
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1707
Expires
Sat, 15 May 2021 14:07:51 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 15 May 2021 14:07:51 GMT
Connection
keep-alive
Set-Cookie
CMID=YJ-VtqD4k35q4F2v9CPKLQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 15 May 2022 14:07:51 GMT CMPS=3246;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 13 Aug 2021 14:07:51 GMT CMPRO=1206;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 13 Aug 2021 14:07:51 GMT CMST=YJ-Vs2Cf1bcA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 16 May 2021 14:07:51 GMT CMRUM3=69609fd5b705a0&82609fd5b7a8c0&03609fd5b705a0&27609fd5b70b40&2d609fd5b42760CAESEHXECxNww202qFlCrIofjD8&e6609fd5b72760&49609fd5b705a0&f1609fd5b705a0&58609fd5b705a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 15 May 2022 14:07:51 GMT

Redirect headers

Server
Apache
Content-Length
335
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sat, 15 May 2021 14:07:50 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 15 May 2021 14:07:50 GMT
Connection
keep-alive
Set-Cookie
CMID=YJ-VtqD4k35q4F2v9CPKLQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 15 May 2022 14:07:50 GMT CMPS=3246;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 13 Aug 2021 14:07:50 GMT
generic
match.adsrvr.org/track/cmf/ Frame 05E1 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 05E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECBHyIZCvMiryT0qTRhlBVI&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECBHyIZCvMiryT0qTRhlBVI&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.70.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECBHyIZCvMiryT0qTRhlBVI&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 05E1
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI1NjE2NjgzMDI4NjgxNDA5ODc%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI1NjE2NjgzMDI4NjgxNDA5ODc%3D&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI1NjE2NjgzMDI4NjgxNDA5ODc%3D&google_tc=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI1NjE2NjgzMDI4NjgxNDA5ODc%3D&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.gif
c.bing.com/ Frame 05E1 		42 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=12561668302868140987&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:46 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: CCA0673640FE4C98AFFEFAB9B10B3C57 Ref B: FRAEDGE1215 Ref C: 2021-05-15T14:07:46Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 05E1
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/12561668302868140987?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-zu2p7KVE2oSmGTy.rUTaSQ1p4bDpmDROEIKR4n6cBQ--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-zu2p7KVE2oSmGTy.rUTaSQ1p4bDpmDROEIKR4n6cBQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.70.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 15 May 2021 14:07:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-zu2p7KVE2oSmGTy.rUTaSQ1p4bDpmDROEIKR4n6cBQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 05E1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D
0
0
iu3
s.amazon-adsystem.com/ Frame 05E1
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=12561668302868140987
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12561668302868140987&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12561668302868140987&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:47 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12561668302868140987&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 05E1
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.70.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Sat, 15 May 2021 14:07:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame 05E1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=12561668302868140987
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame 05E1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=12561668302868140987
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generic
match.adsrvr.org/track/cmf/ Frame 55EC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 55EC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOYDxGHzIcB8ad3yulSHrtA&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOYDxGHzIcB8ad3yulSHrtA&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.70.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOYDxGHzIcB8ad3yulSHrtA&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 55EC
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI1NjE2NjgzMDI4NjgxNDA5ODc%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI1NjE2NjgzMDI4NjgxNDA5ODc%3D&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI1NjE2NjgzMDI4NjgxNDA5ODc%3D&google_tc=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI1NjE2NjgzMDI4NjgxNDA5ODc%3D&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.gif
c.bing.com/ Frame 55EC 		42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=12561668302868140987&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:46 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: 05BD04B07A0C43DA931242AF54280D4B Ref B: FRAEDGE1215 Ref C: 2021-05-15T14:07:46Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 55EC
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/12561668302868140987?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-D_a..zxE2oQR4MlX.5OSx8vaDO6cr6xohslpXPRYHQ--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-D_a..zxE2oQR4MlX.5OSx8vaDO6cr6xohslpXPRYHQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.70.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 15 May 2021 14:07:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-D_a..zxE2oQR4MlX.5OSx8vaDO6cr6xohslpXPRYHQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 55EC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D
0
0
iu3
s.amazon-adsystem.com/ Frame 55EC
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=12561668302868140987
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12561668302868140987&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12561668302868140987&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:48 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12561668302868140987&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 55EC
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.70.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Sat, 15 May 2021 14:07:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame 55EC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=12561668302868140987
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame 55EC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=12561668302868140987
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1YNY&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame E071
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1cd6da74853b21ba22d2e07cad0e7118be9fc9d0993619ec6c0c72be040abecf

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3246; CMPRO=1206; CMRUM3=2d609fd5b42760CAESEHXECxNww202qFlCrIofjD8; CMST=YJ-Vs2Cf1bQA; CMID=YJ-VtnC4xZ3A0roAgatBxAAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|241|46|4|3|105|188
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1576
Expires
Sat, 15 May 2021 14:07:51 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 15 May 2021 14:07:51 GMT
Connection
keep-alive
Set-Cookie
CMID=YJ-VtnC4xZ3A0roAgatBxAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 15 May 2022 14:07:51 GMT CMPS=3246;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 13 Aug 2021 14:07:51 GMT CMPRO=1206;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 13 Aug 2021 14:07:51 GMT CMRUM3=69609fd5b705a0&03609fd5b705a0&2e609fd5b705a0&2d609fd5b42760CAESEHXECxNww202qFlCrIofjD8&27609fd5b70b40&bc609fd5b705a00&e6609fd5b72760&f1609fd5b705a0&04609fd5b705a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 15 May 2022 14:07:51 GMT CMST=YJ-Vs2Cf1bcA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 16 May 2021 14:07:51 GMT

Redirect headers

Server
Apache
Content-Length
335
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sat, 15 May 2021 14:07:50 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 15 May 2021 14:07:50 GMT
Connection
keep-alive
Set-Cookie
CMID=YJ-VtnC4xZ3A0roAgatBxAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 15 May 2022 14:07:50 GMT CMPS=3246;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 13 Aug 2021 14:07:50 GMT
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 15F6 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
99971742b820a02c49becf8a6418259b71bed92b6b17d3013b24ab240a4449ae

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=Axjk1NBQ1ESzg8z6gEhmDR4; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&dcc=t

Response headers

Server
Server
Date
Sat, 15 May 2021 14:07:47 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
742
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021051001&jk=4422469680201682&bg=!gIOlg8fNAAY59bwoOfU7ACkAdvg8WlMazDzYDfn587OM1rZ9_5q7WRXGvoAVF90cmXt9nFXoFR3M9wIAAABqUgAAABBoAQeZAjoGmnCaxpdupFcqjHB6XweE82_HMqvVNdz8TsGXf3Fu94i95jMhN2j-kCBUv9rWrOCOQ2dPaaMacfL3iooB6oM_vkoeLPS0MRQxVkwD7Q5ENDA9KbMFcKqvvw-2ig1ZnKnaOSWKTPBs-QfaCqq1TUxObEXH9CuwL6IZxWPhI6VSEyfrGYsfQ014bRlRq0NYJi2LBbmpbD0uSViVTGM-C1NM0wSf3DzaN3MmuTAqeT_ivOQiUrO-y8KYRsUpsrIyfYGSjmlrUYamZkNQF0B001yEQrgWIK80sla_18vOtdpJs_bZC3OfYnHbSq_EKBrMKu9PPJwlCN89m8IbcwyEeYT_7mOwJbp2KCkBDcOH1Dt64S7LsuqDP12wyyxCCkU66mUD0qTw66zliguNaSBpNYaE0kMglHSucQNzcPEq0Q-Z0qAIhfpTm5hoV0RAcb123TMFhfVz503YZoL2POpq2r8crscoNwCdcl61qFPqC0jbLTwvxkRHo4e-5dKuobetayFYSCguuA4BLXGExDYdw_fuN8FGwCENxByf3Jv4iHkf1AbG8zSlvagDu0Jed5q7_TkHBGGTKRwS4Z0aAS1CKMOwzOLlCfaxJUhyR_nErgTW_SxkgEHEO5UTzjs3RtDM211NvcXRtJt69tLeLR8mIXGThLwak3dUVHNKEizZeZMKJf3n3BPh1T7OclgxsT2ItAl7jhqGKT-aUmm5k3BVIE1_N2vdw36LCDNwRNitncvO1wbvGmKExcOX_yk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 15F6
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=901a44dee5888a4c9098
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=901a44dee5888a4c9098
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:47 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sat, 15 May 2021 14:07:47 GMT
via
1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ZRH50-C1
x-cache
LambdaGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=901a44dee5888a4c9098
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
BH2xeHNnL3nNj2GuzMEMPcQzdNcmLaR6Btp0RG_04y3lAWqMu6xWag==
um
cs.emxdgt.com/ Frame 15F6 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:50 GMT
content-length
0
content-type
text/html
amzns2s
rtb.gumgum.com/usync/ Frame A75D 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f42db70a89cc749e109ebd0a107b6bb25ee28868cc7eaf19e36fc33de1f28f8d

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:48 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_dce08e88-3de6-4a2b-83f1-8ba4758af05d; Domain=.gumgum.com; Expires=Sun, 15-May-2022 14:07:48 GMT; Path=/; Secure; SameSite=None
etag
W/"0ec033939f677d7af7966faa4bae0ab2f"
timing-allow-origin
*
content-encoding
gzip
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame FFD4
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ae3bc574caeba3f2a2467d92c9108eedd80a426ff0508e0ea5ed96592a21fb19

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=3246; CMPRO=1206; CMRUM3=2d609fd5b42760CAESEHXECxNww202qFlCrIofjD8; CMST=YJ-Vs2Cf1bQA; CMID=YJ-Vt3C4xZ3A0roAgatBywAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|230|46|47|51|57|130
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1590
Expires
Sat, 15 May 2021 14:07:51 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 15 May 2021 14:07:51 GMT
Connection
keep-alive
Set-Cookie
CMID=YJ-Vt3C4xZ3A0roAgatBywAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 15 May 2022 14:07:51 GMT CMPS=3246;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 13 Aug 2021 14:07:51 GMT CMPRO=1206;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 13 Aug 2021 14:07:51 GMT CMRUM3=33609fd5b705a0&2f609fd5b705a0&e6609fd5b72760&f1609fd5b705a0&39609fd5b705a0&2e609fd5b705a0&2d609fd5b42760CAESEHXECxNww202qFlCrIofjD8&27609fd5b70b40&82609fd5b7a8c0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 15 May 2022 14:07:51 GMT CMST=YJ-Vs2Cf1bcA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 16 May 2021 14:07:51 GMT

Redirect headers

Server
Apache
Content-Length
333
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sat, 15 May 2021 14:07:51 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 15 May 2021 14:07:51 GMT
Connection
keep-alive
Set-Cookie
CMID=YJ-Vt3C4xZ3A0roAgatBywAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 15 May 2022 14:07:51 GMT CMPS=3246;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 13 Aug 2021 14:07:51 GMT
cm
u.openx.net/w/1.0/ Frame 2BCE 		628 B
704 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
d4be344ce30962b27f30c1dcb5ca9f58799ba5aa418caa403f3cf73885c8b633

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=b2d586c8-39bf-478c-91da-3929121878eb|1621087667
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=b2d586c8-39bf-478c-91da-3929121878eb|1621087667; Version=1; Expires=Sun, 15-May-2022 14:07:47 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1621087667|gen0vNiygu; Version=1; Expires=Sun, 30-May-2021 14:07:47 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.207.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 15 May 2021 14:07:47 GMT
content-type
text/html
content-length
393
content-encoding
gzip
via
1.1 google
alt-svc
clear
ecm3
aax-eu.amazon-adsystem.com/s/ Frame BE92
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=402486458537699868&ex=districtm
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=402486458537699868&ex=districtm
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=Axjk1NBQ1ESzg8z6gEhmDR4; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Sat, 15 May 2021 14:07:47 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx/1.17.9
Date
Sat, 15 May 2021 14:07:47 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=402486458537699868&ex=districtm
AN-X-Request-Uuid
db280637-4cfa-47f0-8248-b16d4db8f9bf
Set-Cookie
uuid2=402486458537699868; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 13-Aug-2021 14:07:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
84.17.53.163; 84.17.53.163; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.206:80
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B6AF 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=69699
Expires
Sun, 16 May 2021 09:29:26 GMT
Date
Sat, 15 May 2021 14:07:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame 9388 		243 B
480 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7a00:0:70b1:7080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
833af9e4f4ffac431e9529e938dc5efef17cae26d29d2cf0fd8e0064432dd58f

Request headers

:method
GET
:authority
sync-amz.ads.yieldmo.com
:scheme
https
:path
/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
application/xml
date
Sat, 15 May 2021 14:07:47 GMT
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
vvJtkQZXQxW5XAkPLDjrf488uIZIub4Pt8KBSmWan0u2UbMG1Jgz7A==
usync.html
eus.rubiconproject.com/ Frame 8BF2 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KOPTQPBZ-E-5OM; audit=1|QVTghPzVMXTg4JapxHbxFH1n0rnSNMfV5b6CkuMhWaVX6Q/FbwZNy11Ie5LQz19EXQQQJrW9jtdYuqoIiPk057iLOlCEhdvdWANJa0iDiyUOlXCWuMvWGw3nKCLg06eG
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 15 May 2021 14:07:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame E8AA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-b0Tn4lV1l2OuhIgipoeE8iLgwHCAtBA-&
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-b0Tn4lV1l2OuhIgipoeE8iLgwHCAtBA-&
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=Axjk1NBQ1ESzg8z6gEhmDR4; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Sat, 15 May 2021 14:07:48 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Date
Sat, 15 May 2021 14:07:48 GMT
Content-Length
0
Strict-Transport-Security
max-age=31536000
Set-Cookie
IDSYNC=18y4~1y52;Version=1;Domain=.analytics.yahoo.com;Path=/;Max-Age=31622400;Expires=Mon, 16-May-2022 14:07:48 GMT;Secure;SameSite=None A3=d=AQABBLPVn2ACEO28ucXylqb8JaDosKv_QFMFEgEBAQEnoWCpYAAAAAAA_eMAAA&S=AQAAAs8cVNKE0tblJanwtvDRh4o; Expires=Sun, 15 May 2022 20:07:48 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly B=56g7vldg9vldj&b=3&s=2g; Expires=Sun, 15 May 2022 20:07:48 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-b0Tn4lV1l2OuhIgipoeE8iLgwHCAtBA-&
Age
0
Connection
keep-alive
Server
ATS/7.1.2.128
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 8F8D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=402486458537699868&ex=appnexus.com
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=402486458537699868&ex=appnexus.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=Axjk1NBQ1ESzg8z6gEhmDR4; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Sat, 15 May 2021 14:07:47 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx/1.17.9
Date
Sat, 15 May 2021 14:07:47 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=402486458537699868&ex=appnexus.com
AN-X-Request-Uuid
c75c83e5-03a3-4e39-b218-8fa46d838200
Set-Cookie
uuid2=402486458537699868; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 13-Aug-2021 14:07:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
84.17.53.163; 84.17.53.163; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.37:80
amazon
ap.lijit.com/beacon/ Frame FD5E 		0
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6D53
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=12561668302868140987
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=12561668302868140987
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=Axjk1NBQ1ESzg8z6gEhmDR4; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Sat, 15 May 2021 14:07:47 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

date
Sat, 15 May 2021 14:07:47 GMT
content-length
0
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=12561668302868140987
set-cookie
tluid=12561668302868140987; Max-Age=7776000; Expires=Fri, 13 Aug 2021 14:07:47 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
showad.js
ads.pubmatic.com/AdServer/js/ Frame D01F 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID

Response headers

Last-Modified
Tue, 11 May 2021 05:24:02 GMT
ETag
"13006b6-96ca-5c2071a26cca4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13964
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=110902
Expires
Sun, 16 May 2021 20:56:09 GMT
Date
Sat, 15 May 2021 14:07:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 6118 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6cd44263214960e9d1e5422c57338590b2bb3af09777591ed10f7206bd206497

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 15 May 2021 14:07:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=61220
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9238
Expires
Sun, 16 May 2021 07:08:07 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 2BCE 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=39afc5ec-8c92-c381-0b02-73561e0c80f6
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:47 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2BCE
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=nwaRmM0Dys2EBcqYkFKFyZpTzp2EB86dnQVBVlBq
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=nwaRmM0Dys2EBcqYkFKFyZpTzp2EB86dnQVBVlBq
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:47 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=nwaRmM0Dys2EBcqYkFKFyZpTzp2EB86dnQVBVlBq
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 2BCE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8299716750570129754
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8299716750570129754
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:48 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:48 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8299716750570129754
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 2BCE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=6179b991-9038-787b-cb0c-f1c1763f4b16&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 2BCE 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGQxNjZhNWItNTk0Zi0yNmRmLWRlZWMtYWI3OGJjZGQ4NTc2
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2BCE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAPLn6c06TSlJ1GHuIAow6w&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAPLn6c06TSlJ1GHuIAow6w&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:47 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAPLn6c06TSlJ1GHuIAow6w&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 32F5 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6cd44263214960e9d1e5422c57338590b2bb3af09777591ed10f7206bd206497

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 15 May 2021 14:07:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=61220
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9238
Expires
Sun, 16 May 2021 07:08:07 GMT
usync.js
eus.rubiconproject.com/ Frame 8BF2 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6cd44263214960e9d1e5422c57338590b2bb3af09777591ed10f7206bd206497

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 15 May 2021 14:07:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=61220
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9238
Expires
Sun, 16 May 2021 07:08:07 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame 82D0 		190 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
103482
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Fri, 14 May 2021 09:23:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 May 2022 09:23:05 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 82D0 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
103482
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Fri, 14 May 2021 09:23:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 May 2022 09:23:05 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 82D0 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
104153
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Fri, 14 May 2021 09:11:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 May 2022 09:11:54 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 82D0 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
104153
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Fri, 14 May 2021 09:11:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 May 2022 09:11:54 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 82D0 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
104263
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Fri, 14 May 2021 09:10:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 May 2022 09:10:04 GMT
truncated
/ Frame 82D0 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8de9ff8425707d951c51085405616e03416257c7882e3c65265d2d2dd093b9ff

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
13728069672281919043
tpc.googlesyndication.com/simgad/ Frame 82D0 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13728069672281919043?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk0kRzPqaRTllqXDmIuHS8hsA9y-Q
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8926e4b99652d9bb3a5ee08fcccdda2a021ce181a69f747740bdd26ba2c9ae68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 07:08:50 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Nov 2020 21:31:35 GMT
server
sffe
age
284337
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26957
x-xss-protection
0
expires
Thu, 12 May 2022 07:08:50 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 82D0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 15 May 2021 03:59:16 GMT
x-content-type-options
nosniff
server
cafe
age
36511
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 16 May 2021 03:59:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 82D0 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 15 May 2021 05:03:57 GMT
x-content-type-options
nosniff
server
cafe
age
32630
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 16 May 2021 05:03:57 GMT
l
www.google.com/ads/measurement/ Frame 82D0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSNBLlR_xo6ytcXCI9_YvPbP0nYwp8zzNt8-weTDc19OS9GlIb5lsCyhhyEeWknuNmv_YFN
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 82D0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C_xuGstWfYN-xNu6LjuwP89-k2Ai58KzeYrXS1-rNDKGlxvj2HRABIKiqtSVglQKgAc3rqZwDyAEC4AIAqAMByAMIqgS-Ak_Q0aWssMZSwqUhNmFjRPCF-S-T3WmbWD8jJQhRJT2iDBb0iDQB8SZoWEYVoARtZ9cyeyUSUoh-RsBxU_aYZQ0QsRkhkBiH5nYmc69gKN_9jERUlDHsWqIFPZih79CMwuosER9cnbi4qcU43Cm17rMC0qW30Ikjr-ctRVI1vpPAVWEO3oH5PVplc34lWCHnhXe5Auew4sUF8p9ReAIRlJRgem5i4IT8Lcn3P7SmUL84_1p9yK2CFLKw1N0Lda25yzD0-pUhAcx7Yz3mNgSiissj3bYAg2KZNILpJ_-b5ii7aY3ZKExENQUSfks9dsGjuFdsyadkpb8BCvsIjgQNVh1fm2eyPtEGYw9u5aRLCjx--UwyVdUrWbabQvn4x9IjvwoVPMkndFITeGZg4pKWt6d4ceaSejkkSx0z-3DacsAEhOzV0boD4AQBkgUECAQYAZIFBAgFGASgBgKAB5uU1mOoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQitUN0ggJCIDhgFAQARgdgAoDyAsB2BMN0BUBgBcBshcaChgIABIUcHViLTM2ODY5ODE0MDc4Mzk2NDI&sigh=kMfZ5BUodRA
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
publishertag.prebid.js
static.criteo.net/js/ld/ 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6b7472f98f400d0f4c24dea8eb9a90afb003eda04b32f86f48fddaf56f78fbf

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:47 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 10:39:22 GMT
server
nginx
etag
W/"60990d5a-14816"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 16 May 2021 14:07:47 GMT
sync
usr.undertone.com/userPixel/ Frame 6118
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KOPTQPBZ-E-5OM
0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KOPTQPBZ-E-5OM
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.118.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:51 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KOPTQPBZ-E-5OM
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
sync
usr.undertone.com/userPixel/ Frame 32F5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KOPTQPBZ-E-5OM
0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KOPTQPBZ-E-5OM
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.118.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:51 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KOPTQPBZ-E-5OM
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 82D0
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Sat, 15 May 2021 14:07:47 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 8BF2
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KOPTQPBZ-E-5OM&ex=d-rubiconproject.com&status=ok
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KOPTQPBZ-E-5OM&ex=d-rubiconproject.com&status=ok
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ox-db5_dm_n-smaato_pm-db5_ym_rbd_n-emx_n-vmg_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:48 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KOPTQPBZ-E-5OM&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
btu4jd3a
sync-tm.everesttech.net/upi/pid/ Frame 6118 		0
0
pixel
cm.g.doubleclick.net/ Frame 6118
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTI2NTIxMjA1YzVkY2IyZWFlNGMyOGUyOWE1MDdjMDdkYmEyMmZhOQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTI2NTIxMjA1YzVkY2IyZWFlNGMyOGUyOWE1MDdjMDdkYmEyMmZhOQ
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTI2NTIxMjA1YzVkY2IyZWFlNGMyOGUyOWE1MDdjMDdkYmEyMmZhOQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 6118 		0
0
tap.php
pixel.rubiconproject.com/ Frame 6118
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6a69609f-d5b4-4a00-bceb-72957059eeef
42 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6a69609f-d5b4-4a00-bceb-72957059eeef
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

Date
Sat, 15 May 2021 14:07:52 GMT
Server
MT3 3736 915c305 master zrh-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6a69609f-d5b4-4a00-bceb-72957059eeef
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 15 May 2021 14:07:51 GMT
tap.php
pixel.rubiconproject.com/ Frame 6118
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAhBKUYmGl0cN6J9gJigXdI&google_cver=1
42 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAhBKUYmGl0cN6J9gJigXdI&google_cver=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAhBKUYmGl0cN6J9gJigXdI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 6118 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame 6118
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=KOPTQPBZ-E-5OM&ex=d-rubiconproject.com&status=ok
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=KOPTQPBZ-E-5OM&ex=d-rubiconproject.com&status=ok
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:48 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?id=KOPTQPBZ-E-5OM&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
v1
ads.yahoo.com/cms/ Frame 6118
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KOPTQPBZ-E-5OM&sigv=1&esig=2~53ff454a93eb0709a99220f3d0e4957f92dec867
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KOPTQPBZ-E-5OM&sigv=1&esig=2~53ff454a93eb0709a99220f3d0e4957f92dec867
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:50 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KOPTQPBZ-E-5OM&sigv=1&esig=2~53ff454a93eb0709a99220f3d0e4957f92dec867
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
syncframe
gum.criteo.com/ Frame C4DE 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.wcnc.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=www.wcnc.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wcnc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wcnc.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1585
set-cookie
uid=6704c4f7-5048-40af-8090-d6c0b1cd2ec9; expires=Sun, 15 May 2022 14:07:46 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Sat, 15 May 2021 14:07:47 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		82 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6b7472f98f400d0f4c24dea8eb9a90afb003eda04b32f86f48fddaf56f78fbf

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:47 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 10:39:22 GMT
server
nginx
etag
W/"60990d5a-14816"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 16 May 2021 14:07:47 GMT
container.html
c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 737A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.wcnc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.wcnc.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 15 May 2021 14:07:46 GMT
expires
Sun, 15 May 2022 14:07:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5195b5533eaad9e23ee9c1ad9dd017b4f0fca8d54921a3f045858eaf4145689d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620991985148764"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27994
x-xss-protection
0
expires
Sat, 15 May 2021 14:07:47 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F30E 		478 B
253 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkq_ClQEwAQ&v=APEucNWlqC1rJt8pBoVhczaiRF8mYwwfCcO9I5Zvu5ClTDrXFVRjghqH2gmvMM_pED0Ko1anKPKNuPMUXDGCy6MWMhPw5K9KeHVMzuJ_GZpTDZ_Wk_xLTvDHSSW1DUA5KPI9OZaJc4HQbbAOIX3myKBmKSTr6V5qtWlwlODnPyvtngCBoY7NS-1cqpmBjPB5V7ea_3sZ4YXUYU2BG3fjgx4obDi-i6figA
Requested by
Host: c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com
URL: https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsYkq_ClQEwAQ&v=APEucNWlqC1rJt8pBoVhczaiRF8mYwwfCcO9I5Zvu5ClTDrXFVRjghqH2gmvMM_pED0Ko1anKPKNuPMUXDGCy6MWMhPw5K9KeHVMzuJ_GZpTDZ_Wk_xLTvDHSSW1DUA5KPI9OZaJc4HQbbAOIX3myKBmKSTr6V5qtWlwlODnPyvtngCBoY7NS-1cqpmBjPB5V7ea_3sZ4YXUYU2BG3fjgx4obDi-i6figA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl6K5ephsl6Hwf0s4DmdECIwOP3yo83XEQR1g4DU9Jk0jHR_ytfv351vEFoJGw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 15 May 2021 14:07:47 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 15 May 2021 14:07:47 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 737A 		23 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dbq1MozQu3YiL4fS1-wgThUZ0O_75H5W15a0_UwwAOjYkCmwXQ5_CsErX4a6dcr5e3x40ehCFhP-fG0yYGGhelotZHfxwKxSViqpqyIY-yusqC0czD9UKuCj4kdoRiRdxrU0YsTdlAvcmz0xuwaYIkt_zMYg&cry=1&dbm_d=AKAmf-BiXOnJX_epeo3f98tBcbvts4o6KksUR_WDsZPgYoi3nQnkRK4M2Rvi0kbGUAWBdkratELSqJPFJhLmnnbJmakMHjPDZ_uBa71LvHcBaLFVa1UFZCt9c-svOjeqiINwoNDDYfLZ17v7qrDR57MRA-FeYaR_YlcABawdOWKczRFDUJShEWfxpi093mWfeqVHB_pcDFTvICST6hg-92PSzvtJIHTuCSg5RiT7L15RRPZap_ALdT3cb8K46QJFBJbx9-VKWsMeY0SL3diuuE0CwmHtlgkBdgAQoPXfqfcMGn9p3f6cKOoApawyqbm3pT-KpY4B1B4NEBQF5XijAxhsx0l_jdm7Q4coTL9drILVrcGpA22oQeKvx32CzLG4rii2D7PtRsjyQY15X76UmLPgkIU_l4BqdGUT-l9bOF6BygTc96rFWOsNYm476Xrn8as4RAuajjgDPYtI52UutpClg9Q59FDe7rCUqNRxVSralTEXUQ1KSAjyz55sHVivP6lixfenIM-C1YCEhZn3861sJuiFReN3IUVKiMDZn4UWUS8sMTu_4tNecUYQAV7Xb9t_pN_d2i0tzQLp4AeYryJYmZgkT4GdY4PwxCPpLHUoUzgLQ1Ru2bDVOVEXjmRLKjW6dM9dMGGlBFJBa9jpWa9OFdjlycKDcTUGAyY2YSSLHrc21gS-x_sxzqa-GwW6Gu8-8JV_XC7-PnarO5OOY90NlxdfVWL3FJT2ZkFrjRkZhhQVNAxYyqpSRoW5oGhgl4KB6e3aGyKqRTukqueKzFSbS4Tnqtr72Rh3BIYn_OnMcq0QgA8UrxrKyvA0FYWfQQ1kcz4yFzwwUmYpqM556hRYuteay-CstXHpixpUjEJmKwGZkxe3gthrUwRTZZYDLwzhV0x3t0ZAWQGxg-jeAjzL9J5ZSnpGacwZjCz7_7oCNgX9C5ze43y5ueagbMi_OAw7X4DLPveOOTWPtPmnGFJd-ZLoaTwDQ7aewYOUerH8cOGzRWoGddLf8bQq-MzfacIYdtg2FZsy4iwyCWHC8EH6dVjPcS4ATkYz0s4q0okOJEE-u5YaD9xaAw_oiQRBUFmMzdM1lYiRcHju9VVjnh6N7uea4hd4kf9CaKg8ot7CVVilv3CTUXzhBQOMihMuhyQSGPb_5RgC52A1auYP3yhPwLPdb9kFkpfaftMaRrMa8Bnx3MMDBCOgmgVLyZWIdxvsl9Npum7E7cUBVAqZQNnlW9-MoonPNhW8K4-PL3kcmYUzsmFtGTNh9ZhQoQ8u5z67LaluHQpdlqFn-KhIsUmzi37cUx4Lg7hQUk9-JGoGrZK_IWMQltePExl4T4pTjnCg-eeE48jRwJTP4lBJz2DoNsR9d72KL_hTZs0BqwFQKDFYw2lVfY6dgNv0NkzS-onhrnJpCurVfA1aA2Rxt9M7V5EWECO9pCqoBbIfZb1snV7hTAH-n0zO2XHunIJyJJ5ESbykIY0_xqFfNShrd_3R3365V5QZcazgYr0pTwdQgDkqIjxVT2s8-cJh0vx0tv1ykapUSVYynK8hQ61q8DGzkpb7PVqm3XZ_lYbB0XinjVyCJSLJdcpAv18Um0Al6lKw34oobyzzqe6uiuAaPBZ_jalzy68RFoa4bHDWx3Sd0OeOWQt_bpo9-kzJSOAUM2CU20zhT5ksneqUm1PUcIOl5syinQ4SDImuozGnD5av8ucoce21FGeNRBMFQhNyck-pCMPL47jKbcTY0Y2lRJ4NOSxOCrKGI4y-AaTKHAvoKPkCzH6Y9sgQjRJBkUB2oaPmNCoeHb0GrEg1XzP5eki-drfEY3AWSe2vYlMxGhVWWHO402K0QSUDWxM6eiWsvvgYs39ohS9S3hUeAd98Slh_MMi2U3regv7qJ3kXluDEGcdjQCyK4UH5TunTFu0GElvve1nW2OpU8xupDPN2XxLK8el5B3CvZD__Js8hrh8fbSjImU4W15GAWYxxw1351WRa1JIJHdGXDxFEIRR3Oyy7fIHS_SGPkLq_vnNaZ1dSH0RFxKROykf9LAD9OEyp-4mRAGKL231TtDDWC_WBmlQCgLLu9I8NKMNH37Gfc0BdxAB4_HiMViB5Aho_WnmteonqnJL4vM7OdJmTtbYWSj4s43-2yXrKQ1vyDJkJN_H9ucz_cTxCjFEDIiDXkXfL2yZInwjJNKtPz8ATR2eaPZHA4tvsJM5cs05eWaasMS5orlszImXXQ8UIjDcV3QVmCJ5JZwDNfej-5v1TtpsU2zxCwktGuW3lBvMzrdRb5VvNlqV6Pwz5dQWgfgzLngjEz-C75_kN2gRgflsQg8EkFCDJtlROtU8s3QNVzjXq9WO3HNT5UdPHqnrc6wH1Np3wDaMRhTwuH4hmwDp8KF2lKxzRIFMByhEdTOCFOTzM0zb4OrULytjHuEqc7cpS_zcVteI74iknpAqE0hHQsjZntzhhQSIbsSdMnpqi579Er_y2iw0NZvicox6NBBgDhVcH0aKLVT3awm5i5z0X271d6LO2CK6DYcoFnzf6PZ78RKslj5Llp0_LD5cr3Snr4mHDy57Dzieqo7Amxa9Y2Vl28ZbG_kEP249Z0bHzDCW7_WbmoBZdPwg6kzrMA09N8rkkgTGBIsbEyH7kjunFo5Ruru6I-W3i6vxtFvZgKFSmm1mGRK-PRKqiDFc_uaxmsnSso6LXs6Qs8qQ3mQLX98aHgdnAYv8UkMB19HFQlc6QgILi9lZI0e5-JxcpRJCdpDp4esdpfKgHKGQuZNJhNINS8Rz61bqgr0iZP_xoecQwV-HR5Y2ChacXhDlILNZcAvUq9yQRM7k5rB1A-z1d6D4qwQggifDUVTKaiiwqZUnP_8Cnlm9hd0DK0ogKjodlBMGF1N_Ep3gc20aJ83FcR3BH0obEVx4E170UP1VpB6JN8FyDFyiK61gTSIUfOB51y-9nSArR1Tv8csg6bdVGjMmHpfEwH6vfKMqpJB5SN21kuE6GSEYLi0iasws4-6mvyGimKVA0kz-vtSEH6f5uypEH9rUTukvOfONqQ4ILZiBpMAIp5PCzPaM-Q0jJzyzJShDCjYrvB9l1Tj6I0Kteg1GXYximY42rSmfFLhuLqoI2HpQLqkNI6Fxlhm87jDeTWzF4jtfs52iExAEvMyPaDShQ0-jFayrH_BuHiNO7Z9jsS-Mt16mZPXaZWdAnahscHg344-M2BOMcS8KKyprTyTJUXc9GAQsopaVqhxwtsG7WL_OiG9Kd4evdBUW14Cuz5nLcy0Zp97E900cHXusr9Fn3uKXaE7qvnvpOmg&cid=CAASPeRot8htAZzJ28J5DtOeVubJqkpydsnr66jWZfJ9Ee-Fth26Fc75IrLzhOjlCvA2YHySaviyQ1IISouP3CA&rfl=1%2Chttps%253A%252F%252Fwww.wcnc.com%252F%240
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a3f6efae9f5f4cc8e471390d381607391273deac801b3598b70212e5415444e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12085
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 737A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DLjsGo4aJhOQOBjKL2I84eNWhZWbgXIkLul8kKv9JB_FYPcpwjUsgz4C_ftESnPpbtUcMF8-0_vefdpaLXNjwcdd0seGRAtyn0lqbipRE0NRcERKU
Requested by
Host: c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com
URL: https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 737A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js
Requested by
Host: c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com
URL: https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 May 2021 14:06:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 737A 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com
URL: https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620991973329016"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36585
x-xss-protection
0
expires
Sat, 15 May 2021 14:07:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 737A 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com
URL: https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:06:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 May 2021 14:06:59 GMT
l
www.google.com/ads/measurement/ Frame 737A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTkYFSjaWjm067FW7Fixk_xDm6gzjL9ZroEzHfn1y6qPqhOu0feiuLts_BSBmOi198ZD222
Requested by
Host: c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com
URL: https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame F30E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkq_ClQEwAQ&v=APEucNWlqC1rJt8pBoVhczaiRF8mYwwfCcO9I5Zvu5ClTDrXFVRjghqH2gmvMM_pED0Ko1anKPKNuPMUXDGCy6MWMhPw5K9KeHVMzuJ_GZpTDZ_Wk_xLTvDHSSW1DUA5KPI9OZaJc4HQbbAOIX3myKBmKSTr6V5qtWlwlODnPyvtngCBoY7NS-1cqpmBjPB5V7ea_3sZ4YXUYU2BG3fjgx4obDi-i6figA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F30E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXECxNww202qFlCrIofjD8&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXECxNww202qFlCrIofjD8&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXECxNww202qFlCrIofjD8&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkq_ClQEwAQ&v=APEucNWlqC1rJt8pBoVhczaiRF8mYwwfCcO9I5Zvu5ClTDrXFVRjghqH2gmvMM_pED0Ko1anKPKNuPMUXDGCy6MWMhPw5K9KeHVMzuJ_GZpTDZ_Wk_xLTvDHSSW1DUA5KPI9OZaJc4HQbbAOIX3myKBmKSTr6V5qtWlwlODnPyvtngCBoY7NS-1cqpmBjPB5V7ea_3sZ4YXUYU2BG3fjgx4obDi-i6figA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 15 May 2021 14:07:47 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXECxNww202qFlCrIofjD8&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Sat, 15 May 2021 14:07:47 GMT
rum
dsum-sec.casalemedia.com/ Frame F30E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJ-Vs-yqZDaynDV.bjsLAwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXECxNww202qFlCrIofjD8&google_cver=1&google_hm=2
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXECxNww202qFlCrIofjD8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkq_ClQEwAQ&v=APEucNWlqC1rJt8pBoVhczaiRF8mYwwfCcO9I5Zvu5ClTDrXFVRjghqH2gmvMM_pED0Ko1anKPKNuPMUXDGCy6MWMhPw5K9KeHVMzuJ_GZpTDZ_Wk_xLTvDHSSW1DUA5KPI9OZaJc4HQbbAOIX3myKBmKSTr6V5qtWlwlODnPyvtngCBoY7NS-1cqpmBjPB5V7ea_3sZ4YXUYU2BG3fjgx4obDi-i6figA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 15 May 2021 14:07:48 GMT

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHXECxNww202qFlCrIofjD8&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
cs.emxdgt.com/ Frame 287D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

content-type
text/html
date
Sat, 15 May 2021 14:07:50 GMT
content-length
0
usync.html
eus.rubiconproject.com/ Frame 8688
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KOPTQPBZ-E-5OM; pux=1512%3D99663%262249%3D99663%262307%3D99663%263778%3D99663%262249-DV360-Hosted%3D99663%26idl%3D99663%26a9us%3D99663%26brx%3D99663%26; audit=1|QVTghPzVMXTg4JapxHbxFH1n0rnSNMfV5b6CkuMhWaVX6Q/FbwZNy11Ie5LQz19EA9pmI9a/T95YuqoIiPk057iLOlCEhdvdWANJa0iDiyUOlXCWuMvWGw3nKCLg06eG
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 15 May 2021 14:07:47 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date
Sat, 15 May 2021 14:07:47 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cookie set uc.html
go.sonobi.com/ Frame A71D 		905 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.148 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
sonobi-go /
Resource Hash
a0d479849ec285e69a23f7d4b76f97109f98adbbd63fd55f478624bd1e138608
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Date
Sat, 15 May 2021 14:07:50 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
go-ams-1-7-128
X-Xss-Protection
0
Set-Cookie
__uqc=1; expires=Sat, 15 May 2021 16:07:50 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uis=e40f7d4a-e993-4235-945f-3fe38afc1872; expires=Mon, 14 Jun 2021 14:07:50 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_td=1; expires=Sun, 16 May 2021 14:07:50 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_bw=1; expires=Sat, 15 May 2021 22:07:50 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_mm=1; expires=Sun, 30 May 2021 14:07:50 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_pp=1; expires=Fri, 28 May 2021 14:07:50 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_zt=1; expires=Fri, 28 May 2021 14:07:50 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_rx=1; expires=Sun, 30 May 2021 14:07:50 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_eb=1; expires=Fri, 28 May 2021 14:07:50 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None HAPLB5G=s57128|YJ/Vu; path=/; domain=.go.sonobi.com; SameSite=None; secure
Content-Encoding
gzip
Server
sonobi-go
cm
gift-connect-d.openx.net/w/1.0/ Frame 68A2 		707 B
723 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
a738d4aa70c5269437e9c3452eadbb550dbdb75b173785d83ef2d29c9fcc85a9

Request headers

:method
GET
:authority
gift-connect-d.openx.net
:scheme
https
:path
/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=b2d586c8-39bf-478c-91da-3929121878eb|1621087667; pd=v2|1621087667|gen0vNiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=b2d586c8-39bf-478c-91da-3929121878eb|1621087667; Version=1; Expires=Sun, 15-May-2022 14:07:47 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1621087667|kigqiysLommOgevNgunsn0; Version=1; Expires=Sun, 30-May-2021 14:07:47 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.207.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 15 May 2021 14:07:47 GMT
content-type
text/html
content-length
412
content-encoding
gzip
via
1.1 google
alt-svc
clear
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3496 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=69699
Expires
Sun, 16 May 2021 09:29:26 GMT
Date
Sat, 15 May 2021 14:07:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
i.gif
e.serverbid.com/udb/9969/sync/ Frame C58B
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=58a7365e-29a7-4b92-a080-31d4f764899b
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=58a7365e-29a7-4b92-a080-31d4f764899b
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:48 GMT
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:48 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=58a7365e-29a7-4b92-a080-31d4f764899b
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
9aks39hhktrd901s2cjdvfpgujbhj7fs
i.gif
e.serverbid.com/udb/9969/sync/ Frame C58B
Redirect Chain
  • https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=461620a2-a379-41b4-881f-3a878db5f2a7
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=461620a2-a379-41b4-881f-3a878db5f2a7
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:52 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:52 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=461620a2-a379-41b4-881f-3a878db5f2a7
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
getuid
ib.adnxs.com/ Frame C58B 		0
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame C58B
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPeced1ec7-b586-11eb-a584-027eebdc813e
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPeced1ec7-b586-11eb-a584-027eebdc813e
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPeced1ec7-b586-11eb-a584-027eebdc813e
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:48 GMT
content-length
0

Redirect headers

Date
Sat, 15 May 2021 14:07:48 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPeced1ec7-b586-11eb-a584-027eebdc813e
Connection
keep-alive
Content-Length
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame C58B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=185073&C=1
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YJ-Vt3C4xZ3A0roAgatB3wAA%261206
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YJ-Vt3C4xZ3A0roAgatB3wAA%261206
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:51 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YJ-Vt3C4xZ3A0roAgatB3wAA%261206
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
282
Expires
Sat, 15 May 2021 14:07:51 GMT
pixel
ap.lijit.com/ Frame C58B 		0
0
match
e.serverbid.com/udb/9969/ Frame C58B 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:47 GMT
content-length
0
match
e.serverbid.com/udb/9969/ Frame C58B 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fi.liadm.com%2Fs%2F56939%3Fbidder_id%3D203802%26bidder_uuid%3D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:47 GMT
content-length
0
match
e.serverbid.com/udb/9969/ Frame C58B 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0xJnR5cGU9MSZjb2RlPTM0MjAmdGw9MTU3NjgwMA%3D%3D%26piggybackCookie%3Dazk:
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:47 GMT
content-length
0
sync
odr.mookie1.com/t/v2/ Frame C58B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=consumable
  • https://x.bidswitch.net/ul_cb/sync?ssp=consumable
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=5f05b0dc-084b-4231-8048-48327283ddbc&ssp=consumable&gdpr=&gdpr_consent=
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=5f05b0dc-084b-4231-8048-48327283ddbc&ssp=consumable&gdpr=&gdpr_consent=
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:49 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=5f05b0dc-084b-4231-8048-48327283ddbc&ssp=consumable&gdpr=&gdpr_consent=
date
Sat, 15 May 2021 14:07:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 737A 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dbq1MozQu3YiL4fS1-wgThUZ0O_75H5W15a0_UwwAOjYkCmwXQ5_CsErX4a6dcr5e3x40ehCFhP-fG0yYGGhelotZHfxwKxSViqpqyIY-yusqC0czD9UKuCj4kdoRiRdxrU0YsTdlAvcmz0xuwaYIkt_zMYg&cry=1&dbm_d=AKAmf-BiXOnJX_epeo3f98tBcbvts4o6KksUR_WDsZPgYoi3nQnkRK4M2Rvi0kbGUAWBdkratELSqJPFJhLmnnbJmakMHjPDZ_uBa71LvHcBaLFVa1UFZCt9c-svOjeqiINwoNDDYfLZ17v7qrDR57MRA-FeYaR_YlcABawdOWKczRFDUJShEWfxpi093mWfeqVHB_pcDFTvICST6hg-92PSzvtJIHTuCSg5RiT7L15RRPZap_ALdT3cb8K46QJFBJbx9-VKWsMeY0SL3diuuE0CwmHtlgkBdgAQoPXfqfcMGn9p3f6cKOoApawyqbm3pT-KpY4B1B4NEBQF5XijAxhsx0l_jdm7Q4coTL9drILVrcGpA22oQeKvx32CzLG4rii2D7PtRsjyQY15X76UmLPgkIU_l4BqdGUT-l9bOF6BygTc96rFWOsNYm476Xrn8as4RAuajjgDPYtI52UutpClg9Q59FDe7rCUqNRxVSralTEXUQ1KSAjyz55sHVivP6lixfenIM-C1YCEhZn3861sJuiFReN3IUVKiMDZn4UWUS8sMTu_4tNecUYQAV7Xb9t_pN_d2i0tzQLp4AeYryJYmZgkT4GdY4PwxCPpLHUoUzgLQ1Ru2bDVOVEXjmRLKjW6dM9dMGGlBFJBa9jpWa9OFdjlycKDcTUGAyY2YSSLHrc21gS-x_sxzqa-GwW6Gu8-8JV_XC7-PnarO5OOY90NlxdfVWL3FJT2ZkFrjRkZhhQVNAxYyqpSRoW5oGhgl4KB6e3aGyKqRTukqueKzFSbS4Tnqtr72Rh3BIYn_OnMcq0QgA8UrxrKyvA0FYWfQQ1kcz4yFzwwUmYpqM556hRYuteay-CstXHpixpUjEJmKwGZkxe3gthrUwRTZZYDLwzhV0x3t0ZAWQGxg-jeAjzL9J5ZSnpGacwZjCz7_7oCNgX9C5ze43y5ueagbMi_OAw7X4DLPveOOTWPtPmnGFJd-ZLoaTwDQ7aewYOUerH8cOGzRWoGddLf8bQq-MzfacIYdtg2FZsy4iwyCWHC8EH6dVjPcS4ATkYz0s4q0okOJEE-u5YaD9xaAw_oiQRBUFmMzdM1lYiRcHju9VVjnh6N7uea4hd4kf9CaKg8ot7CVVilv3CTUXzhBQOMihMuhyQSGPb_5RgC52A1auYP3yhPwLPdb9kFkpfaftMaRrMa8Bnx3MMDBCOgmgVLyZWIdxvsl9Npum7E7cUBVAqZQNnlW9-MoonPNhW8K4-PL3kcmYUzsmFtGTNh9ZhQoQ8u5z67LaluHQpdlqFn-KhIsUmzi37cUx4Lg7hQUk9-JGoGrZK_IWMQltePExl4T4pTjnCg-eeE48jRwJTP4lBJz2DoNsR9d72KL_hTZs0BqwFQKDFYw2lVfY6dgNv0NkzS-onhrnJpCurVfA1aA2Rxt9M7V5EWECO9pCqoBbIfZb1snV7hTAH-n0zO2XHunIJyJJ5ESbykIY0_xqFfNShrd_3R3365V5QZcazgYr0pTwdQgDkqIjxVT2s8-cJh0vx0tv1ykapUSVYynK8hQ61q8DGzkpb7PVqm3XZ_lYbB0XinjVyCJSLJdcpAv18Um0Al6lKw34oobyzzqe6uiuAaPBZ_jalzy68RFoa4bHDWx3Sd0OeOWQt_bpo9-kzJSOAUM2CU20zhT5ksneqUm1PUcIOl5syinQ4SDImuozGnD5av8ucoce21FGeNRBMFQhNyck-pCMPL47jKbcTY0Y2lRJ4NOSxOCrKGI4y-AaTKHAvoKPkCzH6Y9sgQjRJBkUB2oaPmNCoeHb0GrEg1XzP5eki-drfEY3AWSe2vYlMxGhVWWHO402K0QSUDWxM6eiWsvvgYs39ohS9S3hUeAd98Slh_MMi2U3regv7qJ3kXluDEGcdjQCyK4UH5TunTFu0GElvve1nW2OpU8xupDPN2XxLK8el5B3CvZD__Js8hrh8fbSjImU4W15GAWYxxw1351WRa1JIJHdGXDxFEIRR3Oyy7fIHS_SGPkLq_vnNaZ1dSH0RFxKROykf9LAD9OEyp-4mRAGKL231TtDDWC_WBmlQCgLLu9I8NKMNH37Gfc0BdxAB4_HiMViB5Aho_WnmteonqnJL4vM7OdJmTtbYWSj4s43-2yXrKQ1vyDJkJN_H9ucz_cTxCjFEDIiDXkXfL2yZInwjJNKtPz8ATR2eaPZHA4tvsJM5cs05eWaasMS5orlszImXXQ8UIjDcV3QVmCJ5JZwDNfej-5v1TtpsU2zxCwktGuW3lBvMzrdRb5VvNlqV6Pwz5dQWgfgzLngjEz-C75_kN2gRgflsQg8EkFCDJtlROtU8s3QNVzjXq9WO3HNT5UdPHqnrc6wH1Np3wDaMRhTwuH4hmwDp8KF2lKxzRIFMByhEdTOCFOTzM0zb4OrULytjHuEqc7cpS_zcVteI74iknpAqE0hHQsjZntzhhQSIbsSdMnpqi579Er_y2iw0NZvicox6NBBgDhVcH0aKLVT3awm5i5z0X271d6LO2CK6DYcoFnzf6PZ78RKslj5Llp0_LD5cr3Snr4mHDy57Dzieqo7Amxa9Y2Vl28ZbG_kEP249Z0bHzDCW7_WbmoBZdPwg6kzrMA09N8rkkgTGBIsbEyH7kjunFo5Ruru6I-W3i6vxtFvZgKFSmm1mGRK-PRKqiDFc_uaxmsnSso6LXs6Qs8qQ3mQLX98aHgdnAYv8UkMB19HFQlc6QgILi9lZI0e5-JxcpRJCdpDp4esdpfKgHKGQuZNJhNINS8Rz61bqgr0iZP_xoecQwV-HR5Y2ChacXhDlILNZcAvUq9yQRM7k5rB1A-z1d6D4qwQggifDUVTKaiiwqZUnP_8Cnlm9hd0DK0ogKjodlBMGF1N_Ep3gc20aJ83FcR3BH0obEVx4E170UP1VpB6JN8FyDFyiK61gTSIUfOB51y-9nSArR1Tv8csg6bdVGjMmHpfEwH6vfKMqpJB5SN21kuE6GSEYLi0iasws4-6mvyGimKVA0kz-vtSEH6f5uypEH9rUTukvOfONqQ4ILZiBpMAIp5PCzPaM-Q0jJzyzJShDCjYrvB9l1Tj6I0Kteg1GXYximY42rSmfFLhuLqoI2HpQLqkNI6Fxlhm87jDeTWzF4jtfs52iExAEvMyPaDShQ0-jFayrH_BuHiNO7Z9jsS-Mt16mZPXaZWdAnahscHg344-M2BOMcS8KKyprTyTJUXc9GAQsopaVqhxwtsG7WL_OiG9Kd4evdBUW14Cuz5nLcy0Zp97E900cHXusr9Fn3uKXaE7qvnvpOmg&cid=CAASPeRot8htAZzJ28J5DtOeVubJqkpydsnr66jWZfJ9Ee-Fth26Fc75IrLzhOjlCvA2YHySaviyQ1IISouP3CA&rfl=1%2Chttps%253A%252F%252Fwww.wcnc.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
259f01a4a83ad8a3ea4306becf97b5270bed9e5556f64ed6bde597f2f0601b39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:03:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
282
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8628
x-xss-protection
0
server
cafe
etag
13108869059872076478
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 May 2021 14:03:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 737A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dbq1MozQu3YiL4fS1-wgThUZ0O_75H5W15a0_UwwAOjYkCmwXQ5_CsErX4a6dcr5e3x40ehCFhP-fG0yYGGhelotZHfxwKxSViqpqyIY-yusqC0czD9UKuCj4kdoRiRdxrU0YsTdlAvcmz0xuwaYIkt_zMYg&cry=1&dbm_d=AKAmf-BiXOnJX_epeo3f98tBcbvts4o6KksUR_WDsZPgYoi3nQnkRK4M2Rvi0kbGUAWBdkratELSqJPFJhLmnnbJmakMHjPDZ_uBa71LvHcBaLFVa1UFZCt9c-svOjeqiINwoNDDYfLZ17v7qrDR57MRA-FeYaR_YlcABawdOWKczRFDUJShEWfxpi093mWfeqVHB_pcDFTvICST6hg-92PSzvtJIHTuCSg5RiT7L15RRPZap_ALdT3cb8K46QJFBJbx9-VKWsMeY0SL3diuuE0CwmHtlgkBdgAQoPXfqfcMGn9p3f6cKOoApawyqbm3pT-KpY4B1B4NEBQF5XijAxhsx0l_jdm7Q4coTL9drILVrcGpA22oQeKvx32CzLG4rii2D7PtRsjyQY15X76UmLPgkIU_l4BqdGUT-l9bOF6BygTc96rFWOsNYm476Xrn8as4RAuajjgDPYtI52UutpClg9Q59FDe7rCUqNRxVSralTEXUQ1KSAjyz55sHVivP6lixfenIM-C1YCEhZn3861sJuiFReN3IUVKiMDZn4UWUS8sMTu_4tNecUYQAV7Xb9t_pN_d2i0tzQLp4AeYryJYmZgkT4GdY4PwxCPpLHUoUzgLQ1Ru2bDVOVEXjmRLKjW6dM9dMGGlBFJBa9jpWa9OFdjlycKDcTUGAyY2YSSLHrc21gS-x_sxzqa-GwW6Gu8-8JV_XC7-PnarO5OOY90NlxdfVWL3FJT2ZkFrjRkZhhQVNAxYyqpSRoW5oGhgl4KB6e3aGyKqRTukqueKzFSbS4Tnqtr72Rh3BIYn_OnMcq0QgA8UrxrKyvA0FYWfQQ1kcz4yFzwwUmYpqM556hRYuteay-CstXHpixpUjEJmKwGZkxe3gthrUwRTZZYDLwzhV0x3t0ZAWQGxg-jeAjzL9J5ZSnpGacwZjCz7_7oCNgX9C5ze43y5ueagbMi_OAw7X4DLPveOOTWPtPmnGFJd-ZLoaTwDQ7aewYOUerH8cOGzRWoGddLf8bQq-MzfacIYdtg2FZsy4iwyCWHC8EH6dVjPcS4ATkYz0s4q0okOJEE-u5YaD9xaAw_oiQRBUFmMzdM1lYiRcHju9VVjnh6N7uea4hd4kf9CaKg8ot7CVVilv3CTUXzhBQOMihMuhyQSGPb_5RgC52A1auYP3yhPwLPdb9kFkpfaftMaRrMa8Bnx3MMDBCOgmgVLyZWIdxvsl9Npum7E7cUBVAqZQNnlW9-MoonPNhW8K4-PL3kcmYUzsmFtGTNh9ZhQoQ8u5z67LaluHQpdlqFn-KhIsUmzi37cUx4Lg7hQUk9-JGoGrZK_IWMQltePExl4T4pTjnCg-eeE48jRwJTP4lBJz2DoNsR9d72KL_hTZs0BqwFQKDFYw2lVfY6dgNv0NkzS-onhrnJpCurVfA1aA2Rxt9M7V5EWECO9pCqoBbIfZb1snV7hTAH-n0zO2XHunIJyJJ5ESbykIY0_xqFfNShrd_3R3365V5QZcazgYr0pTwdQgDkqIjxVT2s8-cJh0vx0tv1ykapUSVYynK8hQ61q8DGzkpb7PVqm3XZ_lYbB0XinjVyCJSLJdcpAv18Um0Al6lKw34oobyzzqe6uiuAaPBZ_jalzy68RFoa4bHDWx3Sd0OeOWQt_bpo9-kzJSOAUM2CU20zhT5ksneqUm1PUcIOl5syinQ4SDImuozGnD5av8ucoce21FGeNRBMFQhNyck-pCMPL47jKbcTY0Y2lRJ4NOSxOCrKGI4y-AaTKHAvoKPkCzH6Y9sgQjRJBkUB2oaPmNCoeHb0GrEg1XzP5eki-drfEY3AWSe2vYlMxGhVWWHO402K0QSUDWxM6eiWsvvgYs39ohS9S3hUeAd98Slh_MMi2U3regv7qJ3kXluDEGcdjQCyK4UH5TunTFu0GElvve1nW2OpU8xupDPN2XxLK8el5B3CvZD__Js8hrh8fbSjImU4W15GAWYxxw1351WRa1JIJHdGXDxFEIRR3Oyy7fIHS_SGPkLq_vnNaZ1dSH0RFxKROykf9LAD9OEyp-4mRAGKL231TtDDWC_WBmlQCgLLu9I8NKMNH37Gfc0BdxAB4_HiMViB5Aho_WnmteonqnJL4vM7OdJmTtbYWSj4s43-2yXrKQ1vyDJkJN_H9ucz_cTxCjFEDIiDXkXfL2yZInwjJNKtPz8ATR2eaPZHA4tvsJM5cs05eWaasMS5orlszImXXQ8UIjDcV3QVmCJ5JZwDNfej-5v1TtpsU2zxCwktGuW3lBvMzrdRb5VvNlqV6Pwz5dQWgfgzLngjEz-C75_kN2gRgflsQg8EkFCDJtlROtU8s3QNVzjXq9WO3HNT5UdPHqnrc6wH1Np3wDaMRhTwuH4hmwDp8KF2lKxzRIFMByhEdTOCFOTzM0zb4OrULytjHuEqc7cpS_zcVteI74iknpAqE0hHQsjZntzhhQSIbsSdMnpqi579Er_y2iw0NZvicox6NBBgDhVcH0aKLVT3awm5i5z0X271d6LO2CK6DYcoFnzf6PZ78RKslj5Llp0_LD5cr3Snr4mHDy57Dzieqo7Amxa9Y2Vl28ZbG_kEP249Z0bHzDCW7_WbmoBZdPwg6kzrMA09N8rkkgTGBIsbEyH7kjunFo5Ruru6I-W3i6vxtFvZgKFSmm1mGRK-PRKqiDFc_uaxmsnSso6LXs6Qs8qQ3mQLX98aHgdnAYv8UkMB19HFQlc6QgILi9lZI0e5-JxcpRJCdpDp4esdpfKgHKGQuZNJhNINS8Rz61bqgr0iZP_xoecQwV-HR5Y2ChacXhDlILNZcAvUq9yQRM7k5rB1A-z1d6D4qwQggifDUVTKaiiwqZUnP_8Cnlm9hd0DK0ogKjodlBMGF1N_Ep3gc20aJ83FcR3BH0obEVx4E170UP1VpB6JN8FyDFyiK61gTSIUfOB51y-9nSArR1Tv8csg6bdVGjMmHpfEwH6vfKMqpJB5SN21kuE6GSEYLi0iasws4-6mvyGimKVA0kz-vtSEH6f5uypEH9rUTukvOfONqQ4ILZiBpMAIp5PCzPaM-Q0jJzyzJShDCjYrvB9l1Tj6I0Kteg1GXYximY42rSmfFLhuLqoI2HpQLqkNI6Fxlhm87jDeTWzF4jtfs52iExAEvMyPaDShQ0-jFayrH_BuHiNO7Z9jsS-Mt16mZPXaZWdAnahscHg344-M2BOMcS8KKyprTyTJUXc9GAQsopaVqhxwtsG7WL_OiG9Kd4evdBUW14Cuz5nLcy0Zp97E900cHXusr9Fn3uKXaE7qvnvpOmg&cid=CAASPeRot8htAZzJ28J5DtOeVubJqkpydsnr66jWZfJ9Ee-Fth26Fc75IrLzhOjlCvA2YHySaviyQ1IISouP3CA&rfl=1%2Chttps%253A%252F%252Fwww.wcnc.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 08:16:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
107467
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 May 2022 08:16:40 GMT
l6x6viz526e4
hal9000.redintelligence.net/zone/ Frame 737A 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/l6x6viz526e4?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0MQhstWfYKy5NdaKjuwPrOCS-AqP4PiGU6Wji6TKDPAuEAEgqKq1JWCVAsgBCakCzo_-MHRgtD6oAwGqBMsBT9AQpbJsq1BZKafspp6hZ03JqLHe22EnOT8O1EYlVzf-IkPEdavuHcPj9c1l0BfqhMX6wB4-LiahTByZJuchgP7VLb6cRR0LJ6KB64qDTXGpBCqx2zDDecXgLUOjKzrqQPYHGj7iJFIzzH29j11QhrKw3oMXmKWjZMdQNSwwKbSXClDDu-RFSQsW-tmD041MdltKuVm4LO-UO3qwFZiOZUqKAD4gY3QQBATGqrcrtMhXWMHBZ3ei83I0KcfwzE79J_WzaTnecX6MFOPABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRot8htAZzJ28J5DtOeVubJqkpydsnr66jWZfJ9Ee-Fth26Fc75IrLzhOjlCvA2YHySaviyQ1IISouP3CA%26sig%3DAOD64_1gGmmsCkSVI26BO5Tt-VctvVmnIA%26client%3Dca-pub-3686981407839642%26dbm_c%3DAKAmf-CnIOcuZz_6cPSXvLeeo66CuP9q9uzy8-_s45ScSH1jofMRCJhycE_I1sxymNRr5CWFC-vKy3MoOGRV1zR3OJAwq96xd9JiJgMxSNd7gL12Ta3TNqG3ojCqsYhW5aWqL_fbSBuo9wBgrCaaPqSp-DezC7pA3Q%26cry%3D1%26dbm_d%3DAKAmf-BW032aeW9d6dh5AbVobrEoUbWP6L6UEjs0X0DnEWjmkIdWwyTzk236PikaYO5CDVTOkjqR9DR8iLpakO2nvIchKyOmQj2D883pjqWs-SPdj-oDvbqXArMZwqAO1LqUvwPJ1WMlEB2Yn3dRBnyoH8gBPOo1xNvNjJ_n8VqHQZUI2Nei-2avaWf050MhJ5rAJZ6oOjtIxq9KK53W5JUco0c5q85k17omZPfc6nQd-pazDuxG8cau3q_UkPrMU9igLx45Jz8HikmHtJDHA_Z2zb_8caetc6StdgJvQaKYbaLS3RZHsjqmYjWpOb45Hmc9B0SJo3teBpbbU_4q8ltgl0SwUpegAi_rQx7XNEe9MYO2deJ2keLQ84uCMDjQDJNyCzHE8T1o8sy91EJzKS9JOPmNXkmtkbp51coH0WMd2pRh3G3py2egQqLZLqsIUI6dPWIHX5Z6R8lxfLVdnMpmfsj0MCbTaVRoMzFjFVu8bdnsCS3mYZhhXSvqkoezFtXbGA9o8RWx7U0qc4-V707bhH6zQB9TTlCiHdNEm4AKmVz7FzRwQ35uc3spMKTAUColvRBq5Z3t-rl147JTsAz-6NOIRsb9Tg%26adurl%3D
Requested by
Host: c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com
URL: https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
d6b40bbbf5600b019b308b2c37902e2bc8039f17d8aaff659959a2ab1690ba8e

Request headers

Referer
https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 15 May 2021 14:07:48 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4031
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4F5A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 14 May 2021 18:47:55 GMT
expires
Sat, 14 May 2022 18:47:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
69592
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i.gif
e.serverbid.com/udb/9969/sync/ Frame C2A4
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=58a7365e-29a7-4b92-a080-31d4f764899b
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=58a7365e-29a7-4b92-a080-31d4f764899b
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:48 GMT
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:48 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=58a7365e-29a7-4b92-a080-31d4f764899b
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
7c7tv5q28savetm0gerrs5kjjkjni4ap
i.gif
e.serverbid.com/udb/9969/sync/ Frame C2A4
Redirect Chain
  • https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=b98fbc0d-7f98-4892-9239-e2e1f1094a9a
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=b98fbc0d-7f98-4892-9239-e2e1f1094a9a
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:52 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:52 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=b98fbc0d-7f98-4892-9239-e2e1f1094a9a
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
getuid
ib.adnxs.com/ Frame C2A4 		0
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame C2A4
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPeced1ec7-b586-11eb-a584-027eebdc813e
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPeced1ec7-b586-11eb-a584-027eebdc813e
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPeced1ec7-b586-11eb-a584-027eebdc813e
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:48 GMT
content-length
0

Redirect headers

Date
Sat, 15 May 2021 14:07:48 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPeced1ec7-b586-11eb-a584-027eebdc813e
Connection
keep-alive
Content-Length
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame C2A4
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=185073&C=1
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YJ-Vt3C4xZ3A0roAgatB6gAA%261206
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YJ-Vt3C4xZ3A0roAgatB6gAA%261206
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:51 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YJ-Vt3C4xZ3A0roAgatB6gAA%261206
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
282
Expires
Sat, 15 May 2021 14:07:51 GMT
pixel
ap.lijit.com/ Frame C2A4 		0
0
match
e.serverbid.com/udb/9969/ Frame C2A4 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:47 GMT
content-length
0
match
e.serverbid.com/udb/9969/ Frame C2A4 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fi.liadm.com%2Fs%2F56939%3Fbidder_id%3D203802%26bidder_uuid%3D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:47 GMT
content-length
0
match
e.serverbid.com/udb/9969/ Frame C2A4 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0xJnR5cGU9MSZjb2RlPTM0MjAmdGw9MTU3NjgwMA%3D%3D%26piggybackCookie%3Dazk:
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:47 GMT
content-length
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame C2A4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=consumable
  • https://x.bidswitch.net/ul_cb/sync?ssp=consumable
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=consumable
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=consumable
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=2b4f9800-8b80-481e-8bac-4aa2ca6dfc37&ssp=consumable
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=5f05b0dc-084b-4231-8048-48327283ddbc
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=5f05b0dc-084b-4231-8048-48327283ddbc
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:49 GMT
content-length
0

Redirect headers

location
//e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=5f05b0dc-084b-4231-8048-48327283ddbc
date
Sat, 15 May 2021 14:07:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
um
cs.emxdgt.com/ Frame 7F6F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

content-type
text/html
date
Sat, 15 May 2021 14:07:50 GMT
content-length
0
usync.html
eus.rubiconproject.com/ Frame E97E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KOPTQPBZ-E-5OM; pux=1512%3D99663%262249%3D99663%262307%3D99663%263778%3D99663%262249-DV360-Hosted%3D99663%26idl%3D99663%26a9us%3D99663%26brx%3D99663%26; audit=1|QVTghPzVMXTg4JapxHbxFH1n0rnSNMfV5b6CkuMhWaVX6Q/FbwZNy11Ie5LQz19EA9pmI9a/T95YuqoIiPk057iLOlCEhdvdWANJa0iDiyUOlXCWuMvWGw3nKCLg06eG
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 15 May 2021 14:07:47 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date
Sat, 15 May 2021 14:07:47 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cookie set uc.html
go.sonobi.com/ Frame CF4F 		905 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.148 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
sonobi-go /
Resource Hash
301ebf38eea95b9d2767e7053c7a64f0cc692ea9ae16a9efe17e38d3c32b515f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Date
Sat, 15 May 2021 14:07:50 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
go-ams-1-7-128
X-Xss-Protection
0
Set-Cookie
__uqc=1; expires=Sat, 15 May 2021 16:07:50 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uis=5df5510e-5770-4638-95bb-a972153fc6ae; expires=Mon, 14 Jun 2021 14:07:50 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_td=1; expires=Sun, 16 May 2021 14:07:50 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_bw=1; expires=Sat, 15 May 2021 22:07:50 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_mm=1; expires=Sun, 30 May 2021 14:07:50 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_pp=1; expires=Fri, 28 May 2021 14:07:50 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_zt=1; expires=Fri, 28 May 2021 14:07:50 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_rx=1; expires=Sun, 30 May 2021 14:07:50 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_eb=1; expires=Fri, 28 May 2021 14:07:50 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None HAPLB5G=s57128|YJ/Vu; path=/; domain=.go.sonobi.com; SameSite=None; secure
Content-Encoding
gzip
Server
sonobi-go
cm
gift-connect-d.openx.net/w/1.0/ Frame D28C 		707 B
720 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
a738d4aa70c5269437e9c3452eadbb550dbdb75b173785d83ef2d29c9fcc85a9

Request headers

:method
GET
:authority
gift-connect-d.openx.net
:scheme
https
:path
/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=b2d586c8-39bf-478c-91da-3929121878eb|1621087667; pd=v2|1621087667|gen0vNiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=b2d586c8-39bf-478c-91da-3929121878eb|1621087667; Version=1; Expires=Sun, 15-May-2022 14:07:47 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1621087667|kigqiysLommOgevNgunsn0; Version=1; Expires=Sun, 30-May-2021 14:07:47 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.207.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 15 May 2021 14:07:47 GMT
content-type
text/html
content-length
412
content-encoding
gzip
via
1.1 google
alt-svc
clear
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A616 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=69699
Expires
Sun, 16 May 2021 09:29:26 GMT
Date
Sat, 15 May 2021 14:07:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js
pagead2.googlesyndication.com/bg/ Frame 4F5A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f2408d274b2e81505cf5c1b84d9f0d583282490834abfe22710e697342c05e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:00:41 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
426
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5636
x-xss-protection
0
expires
Sun, 15 May 2022 14:00:41 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6ADF 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID

Response headers

Last-Modified
Tue, 11 May 2021 05:24:02 GMT
ETag
"13006b6-96ca-5c2071a26cca4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13964
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=110902
Expires
Sun, 16 May 2021 20:56:09 GMT
Date
Sat, 15 May 2021 14:07:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
i.gif
e.serverbid.com/udb/9969/sync/ Frame 68A2 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=2ce41386-755c-4749-8ea5-e9a2a67a27e0
Requested by
Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gift-connect-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:47 GMT
content-length
0
dds
rtb.openx.net/sync/ Frame 68A2
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=vi8zrTm-wVUteL12pSZxrA==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://gift-connect-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:48 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
43
x-request-id
l2vv4ev8rrrkro7fap36jdbk0hfh47gr

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f5bedfd5-0094-ea32-fadb-e7348968865f
pr-bh.ybp.yahoo.com/sync/openx/ Frame 68A2 		43 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/f5bedfd5-0094-ea32-fadb-e7348968865f?gdpr=0
Requested by
Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gift-connect-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 68A2
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=HhprVPSH1LHUXl5
43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=HhprVPSH1LHUXl5
Requested by
Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://gift-connect-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:52 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:50 GMT
Server
PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-04527eea692282deb@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=HhprVPSH1LHUXl5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 68A2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=a1e7f3d6-2c8b-4612-9061-5cbab3b758d6&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=5f05b0dc-084b-4231-8048-48327283ddbc
43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=5f05b0dc-084b-4231-8048-48327283ddbc
Requested by
Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://gift-connect-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:52 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=5f05b0dc-084b-4231-8048-48327283ddbc
date
Sat, 15 May 2021 14:07:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
adx
match.prod.bidr.io/cookie-sync/ Frame 68A2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDY2FrN0JQNnNBQUN1XzA0SXFrdw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.246.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://gift-connect-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 15 May 2021 14:07:56 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 68A2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=03b8609f-d5b4-4d00-99e2-4761e9de37b8
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=03b8609f-d5b4-4d00-99e2-4761e9de37b8
Requested by
Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://gift-connect-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:48 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 15 May 2021 14:07:52 GMT
Server
MT3 3736 915c305 master zrh-pixel-x2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=03b8609f-d5b4-4d00-99e2-4761e9de37b8
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 15 May 2021 14:07:51 GMT
usync.js
eus.rubiconproject.com/ Frame 8688 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6cd44263214960e9d1e5422c57338590b2bb3af09777591ed10f7206bd206497

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 15 May 2021 14:07:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=61220
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9238
Expires
Sun, 16 May 2021 07:08:07 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5528 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID

Response headers

Last-Modified
Tue, 11 May 2021 05:24:02 GMT
ETag
"13006b6-96ca-5c2071a26cca4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13964
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=110902
Expires
Sun, 16 May 2021 20:56:09 GMT
Date
Sat, 15 May 2021 14:07:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
i.gif
e.serverbid.com/udb/9969/sync/ Frame D28C 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=2ce41386-755c-4749-8ea5-e9a2a67a27e0
Requested by
Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gift-connect-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:47 GMT
content-length
0
dds
rtb.openx.net/sync/ Frame D28C
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=vi8zrTm-wVUteL12pSZxrA==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://gift-connect-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:48 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
43
x-request-id
hs8462du3e9civt1jaloj5l3l36o3d9c

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f5bedfd5-0094-ea32-fadb-e7348968865f
pr-bh.ybp.yahoo.com/sync/openx/ Frame D28C 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/f5bedfd5-0094-ea32-fadb-e7348968865f?gdpr=0
Requested by
Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gift-connect-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame D28C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Jy9EhQIJ1LHUXl5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Jy9EhQIJ1LHUXl5
Requested by
Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://gift-connect-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:52 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:50 GMT
Server
PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-04527eea692282deb@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Jy9EhQIJ1LHUXl5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D28C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dopenx%26bsw_param%3D...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=407ba03687fb4454a1ed292e891af0b0&ssp=openx&bsw_param=5f05b0dc-084b-4231-8048-48327283ddbc&gdpr=&consent=&gdpr_pd=
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=5f05b0dc-084b-4231-8048-48327283ddbc
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=5f05b0dc-084b-4231-8048-48327283ddbc
Requested by
Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://gift-connect-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:49 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=5f05b0dc-084b-4231-8048-48327283ddbc
date
Sat, 15 May 2021 14:07:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookie-sync
match.prod.bidr.io/ Frame D28C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACm1k7BP6sAACsR04Iqkw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.246.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://gift-connect-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 15 May 2021 14:07:56 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
date
Sat, 15 May 2021 14:07:55 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:362
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sd
eu-u.openx.net/w/1.0/ Frame D28C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9e04609f-d5b4-4100-8850-64115907d4d8
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9e04609f-d5b4-4100-8850-64115907d4d8
Requested by
Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://gift-connect-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:48 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 15 May 2021 14:07:52 GMT
Server
MT3 3736 915c305 master zrh-pixel-x5
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9e04609f-d5b4-4100-8850-64115907d4d8
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 15 May 2021 14:07:51 GMT
usync.js
eus.rubiconproject.com/ Frame E97E 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6cd44263214960e9d1e5422c57338590b2bb3af09777591ed10f7206bd206497

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 15 May 2021 14:07:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=61220
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9238
Expires
Sun, 16 May 2021 07:08:07 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 8688
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17632
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=40&userId=?uid=KOPTQPBZ-E-5OM
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=40&userId=?uid=KOPTQPBZ-E-5OM
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:48 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=40&userId=?uid=KOPTQPBZ-E-5OM
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
bd0f62a3fbacfef6a33ae6abaf6daf37
Expires
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame E97E
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17632
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=40&userId=?uid=KOPTQPBZ-E-5OM
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=40&userId=?uid=KOPTQPBZ-E-5OM
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000210.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.172.1.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:48 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=40&userId=?uid=KOPTQPBZ-E-5OM
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
bd0f62a3fbacfef6a33ae6abaf6daf37
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F5A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bm530s9WfYPGCKMCK7_UPjeaOWAAAAAA4AeAEAg&bg=!i4iliMzNAAY59bwoOfU7ACkAdvg8Wjr80tD8C9y4PXVcIeVd6FhVV62AhbNVIAx0ceETPOI8Ea2szAIAAACpUgAAAA1oAQcKAJ2t_TZ4pnHAq5bmzjv3E1Yg3DmJxzQgwkIbbQAzCygcI6T5LS_dS994NxKkwkFseFsoVBBV41F_la3r3_gGLUR_oKEUYtbKvXPuWDYivAunX7JXus-C3IQLf1szhO22lcqhNkTPrjfxLWIfImwOHTPiohqklf1h8VA_L4eeZnxj6EB2EFPYurxWNvbOdV4khwXyQhKp6PXltDAxnyq2mQKLA9OsI3zP4ivsG-bUuy_gjd01u7z9JHmbtCGIU7IB6fYZtTF7Y7smjSj1DizlKi5DsMcPEBOoxFjQNvLQLzFXyqLGjWJ9VoSR3G9_RTNjSkl3HuD66PXRBIRpXDoRxAh3CKbzBDwOcaMQaBMnulRDGkI11npcMtYvlsmmDrOE0FqQ90GW405sAE_zu42tYsLmlsOg0GhHQSdF6Lk7_h8xwVsCNlpuCkCNT8eH0QlNE2MGGSCwW9BOATEM9-HuYS00eVIcFY8jqLE0TTJtlPJWfKHu0r-vACgTKv78mfJS-FzYbZiO4sc3LrsCnoNVtjLfktgCNZCzMrTnbtkARGlgTcUf3S32lxS4TXqiBFTikc82j4pWUOIuMUVdPAsgXvwsWZuITCQK_HNzkLJ3zcpj4lDvvTzFG05-6rWInLfhAz4lJNfOEjmjEzb0xufktM1mfV1TsmxJSh9IqdGnJGto6s8JAWfmC1RaSOStybLVPxAxhg5OEpmblVQ7ZsIS2cAYWlxhx7q12lehjWDUHhW_2wUmw49MUbqvXHV3ItKFss0RoQnw9rKvX1G9AUIjc0vyYtkOh_q_gBbUkr9z8sRodhWZTG5_n1VpEv7f3myx3oay2NYs2G6VF-ErY_3v6W4axe6aa4PLLVkDgubJ-ROT8pbtXRVIAXdI5xzYfy0EBAvZycKmq5pyZ4eeoQiIPSK8kss-fFhlQG5CtXQObbDLrlXVomhmwtgdS0-82oGpIwq13cS20aEhn7edLsy49CBrGrceOHbmElB77wTynhUuxgPGtFIIQI4D56Qnjk4fVYEbXjO_ePULl9oTK_oOUII7HVLXzk_k5aWUXaE3yv0ZyMe9p0h8SBlNVk2U
Requested by
Host: c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com
URL: https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 5F17
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 15 May 2021 14:07:48 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=7504820937010897407; expires=Wed, 14 Jul 2021 14:07:48 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Sat, 15 May 2021 14:07:48 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Tue, 15 Jun 2021 14:07:48 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 2B33
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2925024269823890376
42 B
366 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2925024269823890376
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2925024269823890376
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 15 May 2021 14:07:54 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-2925024269823890376; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 14-Jun-2021 14:07:54 GMT; path=/ PugT=1621087674; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 14-Jun-2021 14:07:54 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 13-Aug-2021 14:07:54 GMT; path=/
x-lat
amspug014:0:263
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2925024269823890376
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 2F43
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
42 B
110 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9; chkChromeAb67Sec=1; DPSync3=1622246400%3A201_197_219%7C1621123200%3A174; SyncRTB3=1622332800%3A35%7C1622246400%3A161_56_54_71_220_21_13_7_3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 15 May 2021 14:07:49 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 13-Aug-2021 14:07:49 GMT; path=/
x-lat
lhrpug009:0:613
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

cache-control
no-cache
pragma
no-cache
content-type
text/html; charset=utf-8
expires
Sat, 15 May 2021 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
19998
date
Sat, 15 May 2021 14:07:48 GMT
content-length
205
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 131D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1UDBa4d_TC2U8bXuniLH-Q%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 15 May 2021 14:07:48 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=69698
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Sun, 16 May 2021 09:29:26 GMT

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 131D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=283a609f-d5b4-4400-acb4-d2326147a215
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=283a609f-d5b4-4400-acb4-d2326147a215
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 15 May 2021 14:07:48 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 15 May 2021 14:07:52 GMT
Server
MT3 3736 915c305 master zrh-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=283a609f-d5b4-4400-acb4-d2326147a215
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 15 May 2021 14:07:51 GMT
/
pixel.onaudience.com/ Frame 131D
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=bdeb65403f377c554374b6e9dc60b1d3
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=bdeb65403f377c554374b6e9dc60b1d3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.59.148.16 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3181477.ip-146-59-148.eu
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Sat, 15 May 2021 14:07:50 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=bdeb65403f377c554374b6e9dc60b1d3
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 131D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDU0MEMxNkItODc3Ri00QzJELTk0RjEtQjVFRTlFMjJDN0Y5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:49 GMT
cache-control
no-store, no-cache, private
x-lat
amspug020:0:459
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 131D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG66q0w5DA8bwSTeVqWYJ60&google_cver=1
42 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG66q0w5DA8bwSTeVqWYJ60&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:50 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:361
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG66q0w5DA8bwSTeVqWYJ60&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 131D 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 14 May 2021 14:07:49 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 131D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=292259784037434447
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=292259784037434447
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:49 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:409
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:48 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=292259784037434447
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 131D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:586a609f-d5b4-4f00-8892-27043b19ce9e&gdpr=0&gdpr_consent=
42 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:586a609f-d5b4-4f00-8892-27043b19ce9e&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:49 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:457
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 15 May 2021 14:07:52 GMT
Server
MT3 3736 915c305 master zrh-pixel-x11
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:586a609f-d5b4-4f00-8892-27043b19ce9e&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 15 May 2021 14:07:51 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 131D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4fafc8c5-3568-427c-95f5-00ac7edaf594
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4fafc8c5-3568-427c-95f5-00ac7edaf594
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:49 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:601
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4fafc8c5-3568-427c-95f5-00ac7edaf594
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
getuid
ib.adnxs.com/ Frame 131D 		0
0
D540C16B-877F-4C2D-94F1-B5EE9E22C7F9
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 131D 		43 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/D540C16B-877F-4C2D-94F1-B5EE9E22C7F9?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 82D0 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLRPWODJAaB3kjLtehn0OrabpkLuOY9eTZArThm8wzzizXE0A9J1WeUUu_JTZVT-7iFIjv36whDw4a3uKve-Ejdzg4bhFa035XU0EIy7FgZ86mIH7cuaiUZU0qWw&sai=AMfl-YS8tVfDfhlR2cYqlb1dJndV-ERRvHstnWS5Kt_-GmBf1WqLFADFA-LwXoUYhTLBaZfYW0yYHTAJlgCaNTjxswbALXsswSxwh2_O5X6F0OzRqotjTHOgBs2bt4cPiiw&sig=Cg0ArKJSzPt3XzQ76c6kEAE&cid=CAASPeRottIeVnJs9gVov0-XJhEWi5ADuvPpluGUf8bYa5eyPXWxu7WMVuSjhTgN_gVV10vZmOW0XnDk_6q1axA&id=ampim&o=1040,175&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=163&tls=1163&g=100&h=100&tt=1163&r=v&avms=ampa&adk=3190145751
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame A75D
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=5387147243252771319
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=5387147243252771319
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:54 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:54 GMT
X-Proxy-Origin
84.17.53.163; 84.17.53.163; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.49:80
AN-X-Request-Uuid
dfd753c6-ed73-4bee-aed2-b086107f95b0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=5387147243252771319
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame A75D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_dce08e88-3de6-4a2b-83f1-8ba4758af05d&gdpr=&gdpr_consent=&us_privacy=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=55514f0f-3568-444a-af1c-6bab35b7a7d0&ssp=gumgum2
  • https://rtb.gumgum.com/usersync?b=bsw&i=5f05b0dc-084b-4231-8048-48327283ddbc
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=5f05b0dc-084b-4231-8048-48327283ddbc
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:50 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
//rtb.gumgum.com/usersync?b=bsw&i=5f05b0dc-084b-4231-8048-48327283ddbc
date
Sat, 15 May 2021 14:07:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
rtb.gumgum.com/ Frame A75D
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28nisUHhIQAJbi8bEKMsJpobT8207p8gErsbFwM_7a_j9T4KGxcZ4oIq6AAUP-dUTK%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28nisUHhIQAJbi8bEKMsJpobT8207p8gErsbFwM_7a_j9T4KGxcZ4oIq6AAUP-dUTK%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28nisUHhIQAJbi8bEKMsJpobT8207p8gErsbFwM_7a_j9T4KGxcZ4oIq6AAUP-dUTK%29
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:57 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28nisUHhIQAJbi8bEKMsJpobT8207p8gErsbFwM_7a_j9T4KGxcZ4oIq6AAUP-dUTK%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28nisUHhIQAJbi8bEKMsJpobT8207p8gErsbFwM_7a_j9T4KGxcZ4oIq6AAUP-dUTK%29
Date
Sat, 15 May 2021 14:07:57 GMT
Connection
close
X-TraceId
8470812e94ec1f3d998456abb540725e
Content-Length
0
usersync
rtb.gumgum.com/ Frame A75D
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=96441de1-b82d-402d-ac77-e12cbe6f4a50
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=96441de1-b82d-402d-ac77-e12cbe6f4a50
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:48 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Sat, 15 May 2021 14:07:48 GMT
content-encoding
gzip
server
OXGW/16.207.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=96441de1-b82d-402d-ac77-e12cbe6f4a50
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame A75D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-2c7ac487-01d1-49fb-7e82-c466053d4aef$ip$84.17.53.163
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-2c7ac487-01d1-49fb-7e82-c466053d4aef$ip$84.17.53.163
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:50 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-2c7ac487-01d1-49fb-7e82-c466053d4aef$ip$84.17.53.163
Date
Sat, 15 May 2021 14:07:50 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame A75D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-vZn0rDJE2pfrCAJLJP_34o7OAKZa7BAYUrpY~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-vZn0rDJE2pfrCAJLJP_34o7OAKZa7BAYUrpY~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:48 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Sat, 15 May 2021 14:07:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-vZn0rDJE2pfrCAJLJP_34o7OAKZa7BAYUrpY~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame A75D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3...
  • https://rtb.gumgum.com/usersync?b=vnt&i=f104c9eb-b586-11eb-a6b9-17b4684426da
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=f104c9eb-b586-11eb-a6b9-17b4684426da
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:53 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=f104c9eb-b586-11eb-a6b9-17b4684426da
Date
Sat, 15 May 2021 14:07:53 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
f104c9ec-b586-11eb-a6b9-17b4684426da
services
sync.technoratimedia.com/ Frame A75D 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:53 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
1050459118
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame A75D 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:53 GMT
content-length
0
server
b
usersync
rtb.gumgum.com/ Frame A75D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_dce08e88-3de6-4a2b-83f1-8ba4758af05d&gdpr=&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:48 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Sat, 15 May 2021 14:07:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
67
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame A75D
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=59f48738-8a52-4198-8002-27cec8711bde
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=59f48738-8a52-4198-8002-27cec8711bde
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:57 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=59f48738-8a52-4198-8002-27cec8711bde
date
Sat, 15 May 2021 14:07:57 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
floor6&gdpr=&gdpr_consent=
sync.1rx.io/usersync2/ Frame A75D 		0
0
usersync
rtb.gumgum.com/ Frame A75D
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=jWkQZtWpwNuS&ev=1&pid=558355
35 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=jWkQZtWpwNuS&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:51 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=jWkQZtWpwNuS&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-kx42z
expires
-1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A75D 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_dce08e88-3de6-4a2b-83f1-8ba4758af05d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:48 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 9029
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=2e1f609f-d5b4-4f00-927a-25d1ade8a3b9&gdpr=&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=2e1f609f-d5b4-4f00-927a-25d1ade8a3b9&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=2e1f609f-d5b4-4f00-927a-25d1ade8a3b9&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_dce08e88-3de6-4a2b-83f1-8ba4758af05d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Sat, 15 May 2021 14:07:48 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Sat, 15 May 2021 14:07:52 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3736 915c305 master zrh-pixel-x29
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie
uuid=2e1f609f-d5b4-4f00-927a-25d1ade8a3b9; domain=.mathtag.com; path=/; expires=Sun, 12-Jun-2022 14:07:48 GMT; SameSite=None; Secure
location
https://rtb.gumgum.com/usersync?b=mmh&i=2e1f609f-d5b4-4f00-927a-25d1ade8a3b9&gdpr=&gdpr_consent=
Expires
Sat, 15 May 2021 14:07:51 GMT
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 3E96 		0
0
pixel
cm.g.doubleclick.net/ Frame D4B2 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kY2UwOGU4OC0zZGU2LTRhMmItODNmMS04YmE0NzU4YWYwNWQ=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV9kY2UwOGU4OC0zZGU2LTRhMmItODNmMS04YmE0NzU4YWYwNWQ=&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl6K5ephsl6Hwf0s4DmdECIwOP3yo83XEQR1g4DU9Jk0jHR_ytfv351vEFoJGw; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Sat, 15 May 2021 14:07:48 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6768 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rtb.gumgum.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9; chkChromeAb67Sec=1; DPSync3=1622246400%3A201_197_219%7C1621123200%3A174; SyncRTB3=1622332800%3A35%7C1622246400%3A161_56_54_71_220_21_13_7_3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=69696
Expires
Sun, 16 May 2021 09:29:26 GMT
Date
Sat, 15 May 2021 14:07:50 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame D152 		0
0
usersync
rtb.gumgum.com/ Frame A767
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=4fafc8c5-3568-427c-95f5-00ac7edaf594&t=1623679668
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=4fafc8c5-3568-427c-95f5-00ac7edaf594&t=1623679668
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=ttd&i=4fafc8c5-3568-427c-95f5-00ac7edaf594&t=1623679668
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_dce08e88-3de6-4a2b-83f1-8ba4758af05d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Sat, 15 May 2021 14:07:48 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Sat, 15 May 2021 14:07:48 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=4fafc8c5-3568-427c-95f5-00ac7edaf594&t=1623679668
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
set-cookie
TDID=4fafc8c5-3568-427c-95f5-00ac7edaf594; domain=.adsrvr.org; expires=Sun, 15-May-2022 14:07:48 GMT; path=/; secure; SameSite=None TDCPM=CAEYASABKAIyCwjWxafTse3LORAFOAFaBmd1bWd1bWAC; domain=.adsrvr.org; expires=Sun, 15-May-2022 14:07:48 GMT; path=/; secure; SameSite=None
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame A595 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Sat, 15 May 2021 14:07:50 GMT
content-length
0
idsync
tg.socdm.com/aux/ Frame E22C 		0
0
usersync
rtb.gumgum.com/ Frame A8CC
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=1871878970063020701
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=1871878970063020701
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=1871878970063020701
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Sat, 15 May 2021 14:07:54 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Sat, 15 May 2021 14:07:54 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
rud=H4sIAAAAAAAAAOMSNrQwByILS3MDAzNjAyMDcwNDIT5DXUf_gIA0F2-z8jzDACleQzMjQwMLczNzE0NjIwAuI6drNAAAAA; Path=/; Domain=.rfihub.com; Expires=Thu, 9 Jun 2022 14:07:54 GMT; Secure; SameSite=None eud=H4sIAAAAAAAAAFslxmtoZmRoYGFuZm5iaGwEAIKnx-YQAAAA; Path=/; Domain=.rfihub.com; Expires=Thu, 9 Jun 2022 14:07:54 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwByILS3MDAzNjAyMDcwNDIT5DXUf_gIA0F2-z8jzDAADI52rcJQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=1871878970063020701
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame 2164
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=HRAdFLpsreMG2EpF9xFc&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=HRAdFLpsreMG2EpF9xFc&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.187.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=HRAdFLpsreMG2EpF9xFc&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_dce08e88-3de6-4a2b-83f1-8ba4758af05d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Sat, 15 May 2021 14:07:49 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Sat, 15 May 2021 14:07:49 GMT Sat, 15 May 2021 14:07:49 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=HRAdFLpsreMG2EpF9xFc&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
wl
t.pubmatic.com/ 		17 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=160138
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.244 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:49 GMT
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://www.wcnc.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
17
Expires
0
wl
t.pubmatic.com/ 		17 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=160138
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.244 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:49 GMT
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://www.wcnc.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
17
Expires
0
request.php
hal90002.redintelligence.net/ Frame 737A
Redirect Chain
  • https://hal90002.redintelligence.net/request.php?zone=l6x6viz526e4&nw=20&renderingType=javascript&namespace=fe59fcdb36&subid=&uid=a39ce6157ff2a80e&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90002.redintelligence.net/request.php?zone=l6x6viz526e4&nw=20&renderingType=javascript&namespace=fe59fcdb36&subid=&uid=a39ce6157ff2a80e&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
612 B
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/request.php?zone=l6x6viz526e4&nw=20&renderingType=javascript&namespace=fe59fcdb36&subid=&uid=a39ce6157ff2a80e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0MQhstWfYKy5NdaKjuwPrOCS-AqP4PiGU6Wji6TKDPAuEAEgqKq1JWCVAsgBCakCzo_-MHRgtD6oAwGqBMsBT9AQpbJsq1BZKafspp6hZ03JqLHe22EnOT8O1EYlVzf-IkPEdavuHcPj9c1l0BfqhMX6wB4-LiahTByZJuchgP7VLb6cRR0LJ6KB64qDTXGpBCqx2zDDecXgLUOjKzrqQPYHGj7iJFIzzH29j11QhrKw3oMXmKWjZMdQNSwwKbSXClDDu-RFSQsW-tmD041MdltKuVm4LO-UO3qwFZiOZUqKAD4gY3QQBATGqrcrtMhXWMHBZ3ei83I0KcfwzE79J_WzaTnecX6MFOPABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRot8htAZzJ28J5DtOeVubJqkpydsnr66jWZfJ9Ee-Fth26Fc75IrLzhOjlCvA2YHySaviyQ1IISouP3CA%26sig%3DAOD64_1gGmmsCkSVI26BO5Tt-VctvVmnIA%26client%3Dca-pub-3686981407839642%26dbm_c%3DAKAmf-CnIOcuZz_6cPSXvLeeo66CuP9q9uzy8-_s45ScSH1jofMRCJhycE_I1sxymNRr5CWFC-vKy3MoOGRV1zR3OJAwq96xd9JiJgMxSNd7gL12Ta3TNqG3ojCqsYhW5aWqL_fbSBuo9wBgrCaaPqSp-DezC7pA3Q%26cry%3D1%26dbm_d%3DAKAmf-BW032aeW9d6dh5AbVobrEoUbWP6L6UEjs0X0DnEWjmkIdWwyTzk236PikaYO5CDVTOkjqR9DR8iLpakO2nvIchKyOmQj2D883pjqWs-SPdj-oDvbqXArMZwqAO1LqUvwPJ1WMlEB2Yn3dRBnyoH8gBPOo1xNvNjJ_n8VqHQZUI2Nei-2avaWf050MhJ5rAJZ6oOjtIxq9KK53W5JUco0c5q85k17omZPfc6nQd-pazDuxG8cau3q_UkPrMU9igLx45Jz8HikmHtJDHA_Z2zb_8caetc6StdgJvQaKYbaLS3RZHsjqmYjWpOb45Hmc9B0SJo3teBpbbU_4q8ltgl0SwUpegAi_rQx7XNEe9MYO2deJ2keLQ84uCMDjQDJNyCzHE8T1o8sy91EJzKS9JOPmNXkmtkbp51coH0WMd2pRh3G3py2egQqLZLqsIUI6dPWIHX5Z6R8lxfLVdnMpmfsj0MCbTaVRoMzFjFVu8bdnsCS3mYZhhXSvqkoezFtXbGA9o8RWx7U0qc4-V707bhH6zQB9TTlCiHdNEm4AKmVz7FzRwQ35uc3spMKTAUColvRBq5Z3t-rl147JTsAz-6NOIRsb9Tg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.wcnc.com%2F&ancestorOrigins=https%3A%2F%2Fwww.wcnc.com&random=4264959743072&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Requested by
Host: c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com
URL: https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
39dfcb1fe6bb42657e7965e68514c7227189bd9cbea5a973a6403effcfd0b64c

Request headers

Referer
https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:52 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
41818000086747400710594011595002
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
330
Expires
Sat, 15 May 2021 15:07:52 +0200

Redirect headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:49 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=l6x6viz526e4&nw=20&renderingType=javascript&namespace=fe59fcdb36&subid=&uid=a39ce6157ff2a80e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0MQhstWfYKy5NdaKjuwPrOCS-AqP4PiGU6Wji6TKDPAuEAEgqKq1JWCVAsgBCakCzo_-MHRgtD6oAwGqBMsBT9AQpbJsq1BZKafspp6hZ03JqLHe22EnOT8O1EYlVzf-IkPEdavuHcPj9c1l0BfqhMX6wB4-LiahTByZJuchgP7VLb6cRR0LJ6KB64qDTXGpBCqx2zDDecXgLUOjKzrqQPYHGj7iJFIzzH29j11QhrKw3oMXmKWjZMdQNSwwKbSXClDDu-RFSQsW-tmD041MdltKuVm4LO-UO3qwFZiOZUqKAD4gY3QQBATGqrcrtMhXWMHBZ3ei83I0KcfwzE79J_WzaTnecX6MFOPABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRot8htAZzJ28J5DtOeVubJqkpydsnr66jWZfJ9Ee-Fth26Fc75IrLzhOjlCvA2YHySaviyQ1IISouP3CA%26sig%3DAOD64_1gGmmsCkSVI26BO5Tt-VctvVmnIA%26client%3Dca-pub-3686981407839642%26dbm_c%3DAKAmf-CnIOcuZz_6cPSXvLeeo66CuP9q9uzy8-_s45ScSH1jofMRCJhycE_I1sxymNRr5CWFC-vKy3MoOGRV1zR3OJAwq96xd9JiJgMxSNd7gL12Ta3TNqG3ojCqsYhW5aWqL_fbSBuo9wBgrCaaPqSp-DezC7pA3Q%26cry%3D1%26dbm_d%3DAKAmf-BW032aeW9d6dh5AbVobrEoUbWP6L6UEjs0X0DnEWjmkIdWwyTzk236PikaYO5CDVTOkjqR9DR8iLpakO2nvIchKyOmQj2D883pjqWs-SPdj-oDvbqXArMZwqAO1LqUvwPJ1WMlEB2Yn3dRBnyoH8gBPOo1xNvNjJ_n8VqHQZUI2Nei-2avaWf050MhJ5rAJZ6oOjtIxq9KK53W5JUco0c5q85k17omZPfc6nQd-pazDuxG8cau3q_UkPrMU9igLx45Jz8HikmHtJDHA_Z2zb_8caetc6StdgJvQaKYbaLS3RZHsjqmYjWpOb45Hmc9B0SJo3teBpbbU_4q8ltgl0SwUpegAi_rQx7XNEe9MYO2deJ2keLQ84uCMDjQDJNyCzHE8T1o8sy91EJzKS9JOPmNXkmtkbp51coH0WMd2pRh3G3py2egQqLZLqsIUI6dPWIHX5Z6R8lxfLVdnMpmfsj0MCbTaVRoMzFjFVu8bdnsCS3mYZhhXSvqkoezFtXbGA9o8RWx7U0qc4-V707bhH6zQB9TTlCiHdNEm4AKmVz7FzRwQ35uc3spMKTAUColvRBq5Z3t-rl147JTsAz-6NOIRsb9Tg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.wcnc.com%2F&ancestorOrigins=https%3A%2F%2Fwww.wcnc.com&random=4264959743072&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Sat, 15 May 2021 15:07:49 +0200
showad.js
ads.pubmatic.com/AdServer/js/ Frame 9346 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9; chkChromeAb67Sec=1; DPSync3=1622246400%3A201_197_219%7C1621123200%3A174; SyncRTB3=1622332800%3A35%7C1622246400%3A161_56_54_71_220_21_13_7_3; KRTBCOOKIE_27=16735-uid:586a609f-d5b4-4f00-8892-27043b19ce9e&KRTB&16736-uid:586a609f-d5b4-4f00-8892-27043b19ce9e&KRTB&23019-uid:586a609f-d5b4-4f00-8892-27043b19ce9e&KRTB&23114-uid:586a609f-d5b4-4f00-8892-27043b19ce9e; PugT=1621087669; PUBMDCID=3; KRTBCOOKIE_391=22924-292259784037434447&KRTB&23263-292259784037434447; KRTBCOOKIE_377=6810-4fafc8c5-3568-427c-95f5-00ac7edaf594&KRTB&22918-4fafc8c5-3568-427c-95f5-00ac7edaf594&KRTB&23031-4fafc8c5-3568-427c-95f5-00ac7edaf594; SPugT=1621087668; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Tue, 11 May 2021 05:24:02 GMT
ETag
"13006b6-96ca-5c2071a26cca4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13964
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=110898
Expires
Sun, 16 May 2021 20:56:09 GMT
Date
Sat, 15 May 2021 14:07:51 GMT
Connection
keep-alive
Vary
Accept-Encoding
SPug
simage4.pubmatic.com/AdServer/ Frame 131D 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160138&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 15 May 2021 12:46:59 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
showad.js
ads.pubmatic.com/AdServer/js/ Frame D01F 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9; chkChromeAb67Sec=1; DPSync3=1622246400%3A201_197_219%7C1621123200%3A174; SyncRTB3=1622332800%3A35%7C1622246400%3A161_56_54_71_220_21_13_7_3; KRTBCOOKIE_27=16735-uid:586a609f-d5b4-4f00-8892-27043b19ce9e&KRTB&16736-uid:586a609f-d5b4-4f00-8892-27043b19ce9e&KRTB&23019-uid:586a609f-d5b4-4f00-8892-27043b19ce9e&KRTB&23114-uid:586a609f-d5b4-4f00-8892-27043b19ce9e; PugT=1621087669; PUBMDCID=3; KRTBCOOKIE_391=22924-292259784037434447&KRTB&23263-292259784037434447; KRTBCOOKIE_377=6810-4fafc8c5-3568-427c-95f5-00ac7edaf594&KRTB&22918-4fafc8c5-3568-427c-95f5-00ac7edaf594&KRTB&23031-4fafc8c5-3568-427c-95f5-00ac7edaf594; SPugT=1621087668; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Tue, 11 May 2021 05:24:02 GMT
ETag
"13006b6-96ca-5c2071a26cca4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13964
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=110898
Expires
Sun, 16 May 2021 20:56:09 GMT
Date
Sat, 15 May 2021 14:07:51 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6ADF 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9; chkChromeAb67Sec=1; DPSync3=1622246400%3A201_197_219%7C1621123200%3A174; SyncRTB3=1622332800%3A35%7C1622246400%3A161_56_54_71_220_21_13_7_3; KRTBCOOKIE_27=16735-uid:586a609f-d5b4-4f00-8892-27043b19ce9e&KRTB&16736-uid:586a609f-d5b4-4f00-8892-27043b19ce9e&KRTB&23019-uid:586a609f-d5b4-4f00-8892-27043b19ce9e&KRTB&23114-uid:586a609f-d5b4-4f00-8892-27043b19ce9e; PugT=1621087669; PUBMDCID=3; KRTBCOOKIE_391=22924-292259784037434447&KRTB&23263-292259784037434447; KRTBCOOKIE_377=6810-4fafc8c5-3568-427c-95f5-00ac7edaf594&KRTB&22918-4fafc8c5-3568-427c-95f5-00ac7edaf594&KRTB&23031-4fafc8c5-3568-427c-95f5-00ac7edaf594; SPugT=1621087668; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Tue, 11 May 2021 05:24:02 GMT
ETag
"13006b6-96ca-5c2071a26cca4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13964
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=110898
Expires
Sun, 16 May 2021 20:56:09 GMT
Date
Sat, 15 May 2021 14:07:51 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5528 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9; chkChromeAb67Sec=1; DPSync3=1622246400%3A201_197_219%7C1621123200%3A174; SyncRTB3=1622332800%3A35%7C1622246400%3A161_56_54_71_220_21_13_7_3; KRTBCOOKIE_27=16735-uid:586a609f-d5b4-4f00-8892-27043b19ce9e&KRTB&16736-uid:586a609f-d5b4-4f00-8892-27043b19ce9e&KRTB&23019-uid:586a609f-d5b4-4f00-8892-27043b19ce9e&KRTB&23114-uid:586a609f-d5b4-4f00-8892-27043b19ce9e; PugT=1621087669; PUBMDCID=3; KRTBCOOKIE_391=22924-292259784037434447&KRTB&23263-292259784037434447; KRTBCOOKIE_377=6810-4fafc8c5-3568-427c-95f5-00ac7edaf594&KRTB&22918-4fafc8c5-3568-427c-95f5-00ac7edaf594&KRTB&23031-4fafc8c5-3568-427c-95f5-00ac7edaf594; SPugT=1621087668; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Tue, 11 May 2021 05:24:02 GMT
ETag
"13006b6-96ca-5c2071a26cca4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13964
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=110898
Expires
Sun, 16 May 2021 20:56:09 GMT
Date
Sat, 15 May 2021 14:07:51 GMT
Connection
keep-alive
Vary
Accept-Encoding
us.gif
sync.go.sonobi.com/ Frame A71D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=e55fb5d7c2&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=4fafc8c5-3568-427c-95f5-00ac7edaf594&pubid=e55fb5d7c2
49 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=4fafc8c5-3568-427c-95f5-00ac7edaf594&pubid=e55fb5d7c2
Requested by
Host: go.sonobi.com
URL: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:52 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=4fafc8c5-3568-427c-95f5-00ac7edaf594&pubid=e55fb5d7c2
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
227
us.gif
sync.go.sonobi.com/ Frame A71D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=5f05b0dc-084b-4231-8048-48327283ddbc&google_hm=NWYwNWIwZGMtMDg0Yi00MjMxLTgwNDgtNDgzMjcyODNkZGJj
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENrJCVXgP1YFoQw-PQ6mxa0&google_cver=1&ssp=sonobi&bsw_param=5f05b0dc-084b-4231-8048-48327283ddbc
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=5f05b0dc-084b-4231-8048-48327283ddbc
49 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=5f05b0dc-084b-4231-8048-48327283ddbc
Requested by
Host: go.sonobi.com
URL: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:52 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=5f05b0dc-084b-4231-8048-48327283ddbc
date
Sat, 15 May 2021 14:07:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
us.gif
sync.go.sonobi.com/ Frame A71D
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=586a609f-d5b4-4f00-8892-27043b19ce9e
49 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=586a609f-d5b4-4f00-8892-27043b19ce9e
Requested by
Host: go.sonobi.com
URL: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:52 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 15 May 2021 14:07:54 GMT
Server
MT3 3736 915c305 master zrh-pixel-x12
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=586a609f-d5b4-4f00-8892-27043b19ce9e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 15 May 2021 14:07:53 GMT
rtset
bh.contextweb.com/bh/ Frame A71D
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=e40f7d4a-e993-4235-945f-3fe38afc1872&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=NUdHZFJvZTJsZWJPUUpkS0xKT05lQQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEKX2zbSqK1ijq6SS63jg2MA&google_cver=1
49 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEKX2zbSqK1ijq6SS63jg2MA&google_cver=1
Requested by
Host: go.sonobi.com
URL: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-7c488d4f5b-v4bt6
expires
-1

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEKX2zbSqK1ijq6SS63jg2MA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame A71D
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1870471595136783395
49 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1870471595136783395
Requested by
Host: go.sonobi.com
URL: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:54 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1870471595136783395
Date
Sat, 15 May 2021 14:07:54 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sonobi&gdpr=0&gdpr_consent=
sync.1rx.io/usersync2/ Frame A71D 		0
0
usg.gif
sync.go.sonobi.com/ Frame A71D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ZTQwZjdkNGEtZTk5My00MjM1LTk0NWYtM2ZlMzhhZmMxODcy
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEF4kjgsK_AFnvUkGfA3fWIA&google_cver=1
49 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEF4kjgsK_AFnvUkGfA3fWIA&google_cver=1
Requested by
Host: go.sonobi.com
URL: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:52 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEF4kjgsK_AFnvUkGfA3fWIA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame CF4F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=e55fb5d7c2&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=4fafc8c5-3568-427c-95f5-00ac7edaf594&pubid=e55fb5d7c2
49 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=4fafc8c5-3568-427c-95f5-00ac7edaf594&pubid=e55fb5d7c2
Requested by
Host: go.sonobi.com
URL: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:52 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=4fafc8c5-3568-427c-95f5-00ac7edaf594&pubid=e55fb5d7c2
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
227
us.gif
sync.go.sonobi.com/ Frame CF4F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=5f05b0dc-084b-4231-8048-48327283ddbc
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=5f05b0dc-084b-4231-8048-48327283ddbc
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=05b266af-de57-4e3a-b329-1b285379ac9f&ssp=sonobi&expires=30&user_group=5&bsw_param=5f05b0dc-084b-4231-8048-48327283ddbc
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=05b266af-de57-4e3a-b329-1b285379ac9f&ssp=sonobi&expires=30&user_group=5&bsw_param=5f05b0dc-084b-4231-8048-48327283ddbc
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=27e178c2-47d5-4ac3-b145-1c24936660d7
49 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=27e178c2-47d5-4ac3-b145-1c24936660d7
Requested by
Host: go.sonobi.com
URL: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:55 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=27e178c2-47d5-4ac3-b145-1c24936660d7
date
Sat, 15 May 2021 14:07:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
us.gif
sync.go.sonobi.com/ Frame CF4F
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=586a609f-d5b4-4f00-8892-27043b19ce9e
49 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=586a609f-d5b4-4f00-8892-27043b19ce9e
Requested by
Host: go.sonobi.com
URL: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:52 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 15 May 2021 14:07:54 GMT
Server
MT3 3736 915c305 master zrh-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=586a609f-d5b4-4f00-8892-27043b19ce9e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 15 May 2021 14:07:53 GMT
us.gif
sync.go.sonobi.com/ Frame CF4F
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871597495090835748
49 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871597495090835748
Requested by
Host: go.sonobi.com
URL: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:54 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871597495090835748
Date
Sat, 15 May 2021 14:07:54 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sonobi&gdpr=0&gdpr_consent=
sync.1rx.io/usersync2/ Frame CF4F 		0
0
us.gif
sync.go.sonobi.com/ Frame CF4F
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=5df5510e-5770-4638-95bb-a972153fc6ae&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=NENwVlZkNTdmUG16ZFJXcGxtZzRlUQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEKX2zbSqK1ijq6SS63jg2MA&google_cver=1
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=Bg7SVgFnuOcE
49 B
903 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=Bg7SVgFnuOcE
Requested by
Host: go.sonobi.com
URL: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:52 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=Bg7SVgFnuOcE
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-v4bt6
expires
-1
usg.gif
sync.go.sonobi.com/ Frame CF4F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=NWRmNTUxMGUtNTc3MC00NjM4LTk1YmItYTk3MjE1M2ZjNmFl
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEF4kjgsK_AFnvUkGfA3fWIA&google_cver=1
49 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEF4kjgsK_AFnvUkGfA3fWIA&google_cver=1
Requested by
Host: go.sonobi.com
URL: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:52 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEF4kjgsK_AFnvUkGfA3fWIA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame AB0C 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9; chkChromeAb67Sec=1; DPSync3=1622246400%3A201_197_219%7C1621123200%3A174; SyncRTB3=1622332800%3A35%7C1622246400%3A161_56_54_71_220_21_13_7_3; KRTBCOOKIE_27=16735-uid:586a609f-d5b4-4f00-8892-27043b19ce9e&KRTB&16736-uid:586a609f-d5b4-4f00-8892-27043b19ce9e&KRTB&23019-uid:586a609f-d5b4-4f00-8892-27043b19ce9e&KRTB&23114-uid:586a609f-d5b4-4f00-8892-27043b19ce9e; PugT=1621087669; PUBMDCID=3; KRTBCOOKIE_391=22924-292259784037434447&KRTB&23263-292259784037434447; KRTBCOOKIE_377=6810-4fafc8c5-3568-427c-95f5-00ac7edaf594&KRTB&22918-4fafc8c5-3568-427c-95f5-00ac7edaf594&KRTB&23031-4fafc8c5-3568-427c-95f5-00ac7edaf594; SPugT=1621087668; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=

Response headers

Last-Modified
Tue, 11 May 2021 05:24:02 GMT
ETag
"13006b6-96ca-5c2071a26cca4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13964
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=110898
Expires
Sun, 16 May 2021 20:56:09 GMT
Date
Sat, 15 May 2021 14:07:51 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 9346 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58345384&p=160138&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9950075601b299a1bde9cc56280eda417b5c610deb9d47b584ef0bb1b9011f94

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:51 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
adx
match.prod.bidr.io/cookie-sync/ Frame 4DAE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDbTFrN0JQNnNBQUNzUjA0SXFrdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.246.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bito=AACm1k7BP6sAACsR04Iqkw; bitoIsSecure=ok; checkForPermission=ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Sat, 15 May 2021 14:07:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Sat, 15 May 2021 14:07:55 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
set-cookie
IDE=AHWqTUm_XKU1WRMB7te2lSPWDyhTD-_fIgGllFdTTbyE4TI4vNF3N9b5b15uSH3bGYo; expires=Thu, 09-Jun-2022 14:07:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
dsp.adfarm1.adition.com/cookie/ Frame 35D9 		0
0
p.gif
visitor.fiftyt.com/ Frame 9346 		0
0
info
uipglob.semasio.net/pubmatic/1/ Frame 9346 		0
0
mw
mwzeom.zeotap.com/ Frame 9346 		95 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
64fcef589cb02b29-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a11f3eb5f00002b29ec36d000000001
/
loadm.exelator.com/load/ Frame 9346 		0
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9&gdpr=0&gdpr_consent=&j=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:52 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
SPug
image4.pubmatic.com/AdServer/ Frame 9346
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nDdfiWhE2uUcqxL0lEenL2_nWVJ7SYQ-~A&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nDdfiWhE2uUcqxL0lEenL2_nWVJ7SYQ-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 15 May 2021 14:07:55 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 15 May 2021 14:07:51 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nDdfiWhE2uUcqxL0lEenL2_nWVJ7SYQ-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
sync
sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/ Frame 9346
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5f05b0dc-084b-4231-8048-48327283ddbc&gdpr=0&gdpr_consent=&gdpr_pd=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 9346
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kj5ieMA7OS2JPTl4nWp2KZdrPX2JPz19kD3cGPn2
42 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kj5ieMA7OS2JPTl4nWp2KZdrPX2JPz19kD3cGPn2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:50 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:372
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kj5ieMA7OS2JPTl4nWp2KZdrPX2JPz19kD3cGPn2
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9346
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2582984913978891341&gdpr=0&gdpr_consent=&us_privacy=
1 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2582984913978891341&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:52 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:420
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2582984913978891341&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 15 May 2021 14:07:50 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 9346 		0
0
pubmaticmatch
match.adsby.bidtheatre.com/ Frame 9346 		0
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 9346 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:51 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 9346
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:50 GMT
cache-control
no-store, no-cache, private
x-lat
amspug011:0:399
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:50 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
loader.js
cdn.taboola.com/libtrc/tegna-network1/ 		0
0
utag.js
tags.tiqcdn.com/utag/tegna/wcnc-redesign-desktop/prod/ 		121 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tegna/wcnc-redesign-desktop/prod/utag.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0c906eac80f38d39fc40910a1311e9e881ec17ad19f3cac1f1a82ba0c67ae6e9

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:52 GMT
content-encoding
gzip
last-modified
Thu, 21 Jan 2021 19:13:23 GMT
server
AkamaiNetStorage
etag
"6ecc4bdd5b201ca8d22cb965f03fe121:1611256403.492142"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
33642
expires
Sat, 15 May 2021 14:12:52 GMT
dcm
s.amazon-adsystem.com/ Frame F8C5 		43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YJ_VtqD4k35q4F2v9CPKLQAABLYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:54 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame F8C5 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YJ-VtqD4k35q4F2v9CPKLQAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame F8C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJ_VtqD4k35q4F2v9CPKLQAABLYAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEz3Rtb6UeF5HRZBP1nK3z0&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEz3Rtb6UeF5HRZBP1nK3z0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 15 May 2021 14:07:51 GMT

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEz3Rtb6UeF5HRZBP1nK3z0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YJ_VtqD4k35q4F2v9CPKLQAABLYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F8C5 		43 B
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YJ_VtqD4k35q4F2v9CPKLQAABLYAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:51 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F8C5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=586a609f-d5b4-4f00-8892-27043b19ce9e
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=586a609f-d5b4-4f00-8892-27043b19ce9e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 15 May 2021 14:07:55 GMT

Redirect headers

Date
Sat, 15 May 2021 14:07:58 GMT
Server
MT3 3736 915c305 master zrh-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=586a609f-d5b4-4f00-8892-27043b19ce9e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 15 May 2021 14:07:57 GMT
ssp
d.adroll.com/cm/index/ Frame F8C5 		0
0
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame F8C5 		0
0
ie
match.prod.bidr.io/cookie-sync/ Frame F8C5 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.246.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 15 May 2021 14:07:55 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame F8C5 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame E071
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJ_VtnC4xZ3A0roAgatBxAAABLYAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEz3Rtb6UeF5HRZBP1nK3z0&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEz3Rtb6UeF5HRZBP1nK3z0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 15 May 2021 14:07:51 GMT

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEz3Rtb6UeF5HRZBP1nK3z0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame E071 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YJ-VtnC4xZ3A0roAgatBxAAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame E071 		43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YJ_VtnC4xZ3A0roAgatBxAAABLYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:54 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E071
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5387147243252771319
43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5387147243252771319
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 15 May 2021 14:07:54 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:54 GMT
X-Proxy-Origin
84.17.53.163; 84.17.53.163; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.42:80
AN-X-Request-Uuid
83a62729-bd85-4514-ae2d-7007b2e7323e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5387147243252771319
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E071
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2582984913978891341
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2582984913978891341
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 15 May 2021 14:07:51 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2582984913978891341
pragma
no-cache
date
Sat, 15 May 2021 14:07:50 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame E071
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=586a609f-d5b4-4f00-8892-27043b19ce9e
43 B
971 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=586a609f-d5b4-4f00-8892-27043b19ce9e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 15 May 2021 14:07:55 GMT

Redirect headers

Date
Sat, 15 May 2021 14:07:58 GMT
Server
MT3 3736 915c305 master zrh-pixel-x30
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=586a609f-d5b4-4f00-8892-27043b19ce9e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 15 May 2021 14:07:57 GMT
ssp
d.adroll.com/cm/index/ Frame E071 		0
0
CookieIndex
rtb.adentifi.com/ Frame E071 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.wcnc.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.227.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
htw-pixel.gif
js-sec.indexww.com/ht/ Frame E071 		0
0
dcm
s.amazon-adsystem.com/ Frame FFD4 		43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YJ_Vt3C4xZ3A0roAgatBywAABLYAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:54 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame FFD4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YJ-Vt3C4xZ3A0roAgatBywAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame FFD4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJ_Vt3C4xZ3A0roAgatBywAABLYAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEz3Rtb6UeF5HRZBP1nK3z0&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEz3Rtb6UeF5HRZBP1nK3z0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 15 May 2021 14:07:51 GMT

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEz3Rtb6UeF5HRZBP1nK3z0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame FFD4
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5387147243252771319
43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5387147243252771319
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 15 May 2021 14:07:54 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:54 GMT
X-Proxy-Origin
84.17.53.163; 84.17.53.163; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.83:80
AN-X-Request-Uuid
b222f218-361a-4a2a-8237-0a861e1ac5ae
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5387147243252771319
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame FFD4
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Jy9EhQIJ1LHUXl5
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Jy9EhQIJ1LHUXl5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 15 May 2021 14:07:51 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:50 GMT
Server
PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-04527eea692282deb@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Jy9EhQIJ1LHUXl5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame FFD4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=4eafec04-c0f8-40eb-9be3-51564ff61b1c&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=5f05b0dc-084b-4231-8048-48327283ddbc
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=5f05b0dc-084b-4231-8048-48327283ddbc
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 15 May 2021 14:07:51 GMT

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=5f05b0dc-084b-4231-8048-48327283ddbc
date
Sat, 15 May 2021 14:07:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
crum
dsum-sec.casalemedia.com/ Frame FFD4
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471595136783427
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471595136783427&C=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471595136783427&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 15 May 2021 14:07:54 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1870471595136783427&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
283
Expires
Sat, 15 May 2021 14:07:54 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame FFD4 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.246.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 15 May 2021 14:07:55 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame FFD4 		0
0
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/wcnc-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
6060
date
Sat, 15 May 2021 12:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Sat, 15 May 2021 14:26:52 GMT
805bcdd0-79bd-0137-60ad-067f653fa718
tag.simpli.fi/sifitag/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/805bcdd0-79bd-0137-60ad-067f653fa718
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/wcnc-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b0.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
eb34ecd9efdc80d264d94b84c79c178ae16cf9fbcebb5af2d89f687f36a34719
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Sat, 15 May 2021 14:07:52 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
3101
x-request-id
Fn9CpjrPcKpzynkFo9Ih
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
alphpixel.js
js.alpixtrack.com/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.alpixtrack.com/alphpixel.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/wcnc-redesign-desktop/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.141.45 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
75ebbcbd4583af52a30628a4ded7a6634a8682f119d539c3b5669e1c6ef2702b

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 15 May 2021 14:07:55 GMT
Last-Modified
Fri, 25 Sep 2020 06:15:04 GMT
Server
nginx/1.20.0
ETag
"5f6d8ae8-1350"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, public, no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4944
Expires
Sun, 16 May 2021 14:07:55 GMT
83f86750-c91c-0137-ec97-06a9ed4ca31b
tag.simpli.fi/sifitag/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/83f86750-c91c-0137-ec97-06a9ed4ca31b
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/wcnc-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b0.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
c2bdf133eb56b80b1575d63192fe56210fbb630887500877555c1eba9adda239
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Sat, 15 May 2021 14:07:52 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
3101
x-request-id
Fn9CpjrRghQXHD0CLEVi
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=tegna/wcnc-redesign-desktop/202101211913&cb=1621087672473
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/wcnc-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-38.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:52 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Sat, 15 May 2021 14:17:52 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/19962895/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
350 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-46.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 13:41:34 GMT
via
1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
1580
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
0
x-amz-cf-id
OTgHhYpPeAdG6GfAC9ZJOakPR28qXmTv3hUCtS4_ulRf5AcLvSR0gg==

Redirect headers

date
Sat, 15 May 2021 14:07:53 GMT
via
1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
-vBqhTlzm0rm7ZgQKPCjcQ0uAeWrGz-VRf2F1FeDuQTHpUf9rzhyrw==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=19962895&ns__t=1621087672477&ns_c=UTF-8&c8=Cash%20up%20for%20grabs%20in%20federal%20rebate%20program%20%7C%20wcnc.com&c7=https%3A%2F%2Fwww.wcnc.com%2Fvide...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=19962895&ns__t=1621087672477&ns_c=UTF-8&c8=Cash%20up%20for%20grabs%20in%20federal%20rebate%20program%20%7C%20wcnc.com&c7=https%3A%2F%2Fwww.wcnc.com%2Fvid...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=19962895&ns__t=1621087672477&ns_c=UTF-8&c8=Cash%20up%20for%20grabs%20in%20federal%20rebate%20program%20%7C%20wcnc.com&c7=https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4%3Fjwsource%3Dcl&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-46.zrh50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:53 GMT
via
1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
MXSHmQyMGfrjlE0WfwbbanT_1iaS9SjL7XJwgWvPqX-addFlI1R46A==

Redirect headers

date
Sat, 15 May 2021 14:07:53 GMT
via
1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=19962895&ns__t=1621087672477&ns_c=UTF-8&c8=Cash%20up%20for%20grabs%20in%20federal%20rebate%20program%20%7C%20wcnc.com&c7=https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4%3Fjwsource%3Dcl&c9=
content-length
338
x-amz-cf-id
QJCR6tJpxuxwSgYJpNSNUVVwNUt985VhMrnvb0HSWeNLVvIrMFAS4w==
chartbeat_mab.js
static.chartbeat.com/js/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tegna/wcnc-redesign-desktop/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:a000:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bdbb3b88367e0dc7f2af34b3bb701fe2523c8653a48cdfd8aaf67c2d1e18b76d

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 15:51:39 GMT
content-encoding
gzip
last-modified
Wed, 02 Dec 2020 01:43:44 GMT
server
nginx
age
80172
etag
W/"5fc6f150-5976"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 93f2a781416975f99355acc4c81d60d2.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
GJT03GsbLAJ1-57oQgrq8gJJkmkMWre4F-Yk-_657Sy0gbIxJFXokw==
expires
Sat, 15 May 2021 15:51:39 GMT
request_content.php
hal90002.redintelligence.net/ Frame 8970 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/request_content.php?s=41818000086747400710594011595002&a=df9fae95
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=l6x6viz526e4&nw=20&renderingType=javascript&namespace=fe59fcdb36&subid=&uid=a39ce6157ff2a80e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0MQhstWfYKy5NdaKjuwPrOCS-AqP4PiGU6Wji6TKDPAuEAEgqKq1JWCVAsgBCakCzo_-MHRgtD6oAwGqBMsBT9AQpbJsq1BZKafspp6hZ03JqLHe22EnOT8O1EYlVzf-IkPEdavuHcPj9c1l0BfqhMX6wB4-LiahTByZJuchgP7VLb6cRR0LJ6KB64qDTXGpBCqx2zDDecXgLUOjKzrqQPYHGj7iJFIzzH29j11QhrKw3oMXmKWjZMdQNSwwKbSXClDDu-RFSQsW-tmD041MdltKuVm4LO-UO3qwFZiOZUqKAD4gY3QQBATGqrcrtMhXWMHBZ3ei83I0KcfwzE79J_WzaTnecX6MFOPABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRot8htAZzJ28J5DtOeVubJqkpydsnr66jWZfJ9Ee-Fth26Fc75IrLzhOjlCvA2YHySaviyQ1IISouP3CA%26sig%3DAOD64_1gGmmsCkSVI26BO5Tt-VctvVmnIA%26client%3Dca-pub-3686981407839642%26dbm_c%3DAKAmf-CnIOcuZz_6cPSXvLeeo66CuP9q9uzy8-_s45ScSH1jofMRCJhycE_I1sxymNRr5CWFC-vKy3MoOGRV1zR3OJAwq96xd9JiJgMxSNd7gL12Ta3TNqG3ojCqsYhW5aWqL_fbSBuo9wBgrCaaPqSp-DezC7pA3Q%26cry%3D1%26dbm_d%3DAKAmf-BW032aeW9d6dh5AbVobrEoUbWP6L6UEjs0X0DnEWjmkIdWwyTzk236PikaYO5CDVTOkjqR9DR8iLpakO2nvIchKyOmQj2D883pjqWs-SPdj-oDvbqXArMZwqAO1LqUvwPJ1WMlEB2Yn3dRBnyoH8gBPOo1xNvNjJ_n8VqHQZUI2Nei-2avaWf050MhJ5rAJZ6oOjtIxq9KK53W5JUco0c5q85k17omZPfc6nQd-pazDuxG8cau3q_UkPrMU9igLx45Jz8HikmHtJDHA_Z2zb_8caetc6StdgJvQaKYbaLS3RZHsjqmYjWpOb45Hmc9B0SJo3teBpbbU_4q8ltgl0SwUpegAi_rQx7XNEe9MYO2deJ2keLQ84uCMDjQDJNyCzHE8T1o8sy91EJzKS9JOPmNXkmtkbp51coH0WMd2pRh3G3py2egQqLZLqsIUI6dPWIHX5Z6R8lxfLVdnMpmfsj0MCbTaVRoMzFjFVu8bdnsCS3mYZhhXSvqkoezFtXbGA9o8RWx7U0qc4-V707bhH6zQB9TTlCiHdNEm4AKmVz7FzRwQ35uc3spMKTAUColvRBq5Z3t-rl147JTsAz-6NOIRsb9Tg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.wcnc.com%2F&ancestorOrigins=https%3A%2F%2Fwww.wcnc.com&random=4264959743072&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
36141846150edfd265b1229bff6b9168c1ec6ff52df8fa322ab8221ce4dd5d48

Request headers

Host
hal90002.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=7abd9c793cb5c47b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/

Response headers

Date
Sat, 15 May 2021 14:07:53 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sat, 15 May 2021 15:07:53 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1234
Connection
close
Content-Type
text/html; charset=utf-8
truncated
/ Frame 737A 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eae49f3e5949d58399688b1dfc2b8fdb7148f9e79764f4e2825ee7b5ce1e1f8b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-74215927-1&cid=1370277086.1621087667&jid=975998738&gjid=2062735444&_gid=1745223331.1621087673&_u=YChAgAABBAAAAE~&z=1534054711
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 15 May 2021 14:07:52 GMT
content-type
text/plain
access-control-allow-origin
https://www.wcnc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1284077479&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4%3Fjwsource%3Dcl&ul=en-us&de=UTF-8&dt=Cash%20up%20for%20grabs%20in%20federal%20rebate%20program%20%7C%20wcnc.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChAgAABB~&jid=975998738&gjid=2062735444&cid=1370277086.1621087667&tid=UA-74215927-1&_gid=1745223331.1621087673&cd1=9d602892-bf91-4ee6-a82b-e811709425d4&cd3=money%2Cnews&cd4=Cash%20up%20for%20grabs%20in%20federal%20rebate%20program&cd5=video&cd6=money&cd10=https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4%3Fjwsource%3Dcl&cd12=0&cd13=WCNC%2C%20Charlotte%2C%20news%2C%20local%20news%2C%20breaking%20news%2C%20traffic%2C%20weather%2C%20sports%2C%20events&cd14=Charlotte%2C%20NC&cd15=Cash%20up%20for%20grabs%20in%20federal%20rebate%20program%20%7C%20wcnc.com&cd16=false&cd19=money&cd21=None&cd27=true&cd33=desktop&cd35=https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4&cd36=video&cd37=wcnc-redesign-desktop&cd39=false&cd45=Cash%20up%20for%20grabs%20in%20federal%20rebate%20program&cd49=WCNC&z=952268406
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 May 2021 15:44:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
80585
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: www.wcnc.com
URL: https://www.wcnc.com/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:a000:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
59bf4920a322377c761eec2dba5b7de57b64267e82b0d3a7e9fafcfd4a954e34

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 16:56:46 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 00:06:15 GMT
server
nginx
age
76266
etag
W/"60665ff7-11377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 93f2a781416975f99355acc4c81d60d2.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
Jgs0v9fBiGRpjmlqmzi6qiZQiuKrRDI7g6llzVPJI0ZOC24Xq46f8g==
expires
Sat, 15 May 2021 16:56:46 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		246 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=wcnc.com&domain=wcnc.com&path=%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
69fd8b1fc178e1a3074f4339ce3feff819eabe2ccdc8f574d5e9593cce379ef0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:52 GMT
content-encoding
gzip
age
0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
expires
Thu, 13 May 2021 14:07:52 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
x-cache-hits
1
accept-ranges
bytes
x-timer
S1621087673.604502,VS0,VE104
content-length
194
via
1.1 varnish (Varnish/6.0), 1.1 varnish
x-served-by
cache-hhn4080-HHN
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		246 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=wcnc.com&domain=wcnc.com&path=%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
69fd8b1fc178e1a3074f4339ce3feff819eabe2ccdc8f574d5e9593cce379ef0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:52 GMT
content-encoding
gzip
age
0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
expires
Thu, 13 May 2021 14:07:52 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
x-cache-hits
1
accept-ranges
bytes
x-timer
S1621087673.604495,VS0,VE104
content-length
194
via
1.1 varnish (Varnish/6.0), 1.1 varnish
x-served-by
cache-hhn4080-HHN
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1284077479&t=timing&_s=2&dl=https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4%3Fjwsource%3Dcl&ul=en-us&de=UTF-8&dt=Cash%20up%20for%20grabs%20in%20federal%20rebate%20program%20%7C%20wcnc.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2185&pdt=58&dns=2&rrt=0&srt=1171&tcp=84&dit=1377&clt=1377&_gst=8148&_gbt=8244&_u=YChAgAABBAAAAE~&jid=&gjid=&cid=1370277086.1621087667&tid=UA-74215927-1&_gid=1745223331.1621087673&cd1=9d602892-bf91-4ee6-a82b-e811709425d4&cd3=money%2Cnews&cd4=Cash%20up%20for%20grabs%20in%20federal%20rebate%20program&cd5=video&cd6=money&cd10=https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4%3Fjwsource%3Dcl&cd12=0&cd13=WCNC%2C%20Charlotte%2C%20news%2C%20local%20news%2C%20breaking%20news%2C%20traffic%2C%20weather%2C%20sports%2C%20events&cd14=Charlotte%2C%20NC&cd15=Cash%20up%20for%20grabs%20in%20federal%20rebate%20program%20%7C%20wcnc.com&cd16=false&cd19=money&cd21=None&cd27=true&cd33=desktop&cd35=https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4&cd36=video&cd37=wcnc-redesign-desktop&cd39=false&cd45=Cash%20up%20for%20grabs%20in%20federal%20rebate%20program&cd49=WCNC&z=734778411
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 May 2021 15:44:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
80585
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=wcnc.com&p=%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4&u=P9NvCB673TnW7WOw&d=wcnc.com&g=47635&g0=money&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1511&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2185&t=DrErmzBlWysSip71-B-ip6rCFRY45&V=126&i=Cash%20up%20for%20grabs%20in%20federal%20rebate%20program%20%7C%20wcnc.com&tz=-120&sn=1&sv=xciXfIMdsJD5MU4RC889w__KM2v&sd=1&im=067b0ef3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.142.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-74215927-1&cid=1370277086.1621087667&jid=975998738&_u=YChAgAABBAAAAE~&z=1332017373
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-74215927-1&cid=1370277086.1621087667&jid=975998738&_u=YChAgAABBAAAAE~&z=1332017373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
i.simpli.fi/ 		746 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=212300&cb=sifi_att_42656._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/805bcdd0-79bd-0137-60ad-067f653fa718
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b0.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
3c2990e613b9b13e8a30c470da9e9b39e598f5f79812593b313c54878942ed35
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Sat, 15 May 2021 14:07:52 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=7EC3F4EC11504FE1A29FA76509B1F1E1
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=7EC3F4EC11504FE1A29FA76509B1F1E1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:3a2c:3c86:af1b:2715 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:53 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

date
Sat, 15 May 2021 14:07:52 GMT
x-content-type-options
nosniff
server
nginx
location
https://simplifi.partners.tremorhub.com/sync?UISF=7EC3F4EC11504FE1A29FA76509B1F1E1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Fri, 14 May 2021 14:07:52 GMT
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=7EC3F4EC11504FE1A29FA76509B1F1E1
0
0
aa_px
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=7EC3F4EC11504FE1A29FA76509B1F1E1
  • https://d.agkn.com/pixel/10751/?che=1621087673&ip=84.17.53.163&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164950803787000555741
  • https://um.simpli.fi/aa_px?sk=164950803787000555741
43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/aa_px?sk=164950803787000555741
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:54 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 14 May 2021 14:07:54 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 15 May 2021 14:07:53 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://um.simpli.fi/aa_px?sk=164950803787000555741
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
nexage
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/nexage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:52 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 14 May 2021 14:07:52 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7EC3F4EC11504FE1A29FA76509B1F1E1
0
0
pubmatic
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:52 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 14 May 2021 14:07:52 GMT
freewheel
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/freewheel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:52 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 14 May 2021 14:07:52 GMT
398696.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=7EC3F4EC11504FE1A29FA76509B1F1E1;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=7EC3F4EC11504FE1A29FA76509B1F1E1;mimetype=img;sr
  • https://idsync.rlcdn.com/398696.gif?partner_uid=6533944442443220034
0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/398696.gif?partner_uid=6533944442443220034
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:56 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:52 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-origin
*
anserver
gapp-eu-5.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://idsync.rlcdn.com/398696.gif?partner_uid=6533944442443220034
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=7EC3F4EC11504FE1A29FA76509B1F1E1&j=0
0
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=7EC3F4EC11504FE1A29FA76509B1F1E1&j=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:52 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Sat, 15 May 2021 14:07:52 GMT
x-content-type-options
nosniff
server
nginx
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=7EC3F4EC11504FE1A29FA76509B1F1E1&j=0
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Fri, 14 May 2021 14:07:52 GMT
yahoo
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/yahoo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:52 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 14 May 2021 14:07:52 GMT
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=7EC3F4EC11504FE1A29FA76509B1F1E1
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=7EC3F4EC11504FE1A29FA76509B1F1E1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.84.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 15 May 2021 14:07:52 GMT

Redirect headers

date
Sat, 15 May 2021 14:07:52 GMT
x-content-type-options
nosniff
server
nginx
location
https://sync.bfmio.com/sync?pid=141&uid=7EC3F4EC11504FE1A29FA76509B1F1E1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Fri, 14 May 2021 14:07:52 GMT
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=7EC3F4EC11504FE1A29FA76509B1F1E1
62 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=7EC3F4EC11504FE1A29FA76509B1F1E1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-99-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 15 May 2021 14:07:53 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
b732
Content-Type
image/gif

Redirect headers

date
Sat, 15 May 2021 14:07:52 GMT
x-content-type-options
nosniff
server
nginx
location
https://stags.bluekai.com/site/29931?id=7EC3F4EC11504FE1A29FA76509B1F1E1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Fri, 14 May 2021 14:07:52 GMT
tpid=7EC3F4EC11504FE1A29FA76509B1F1E1
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=7EC3F4EC11504FE1A29FA76509B1F1E1
0
0
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=7EC3F4EC11504FE1A29FA76509B1F1E1
0
0
419566.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=7EC3F4EC11504FE1A29FA76509B1F1E1
0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/419566.gif?partner_uid=7EC3F4EC11504FE1A29FA76509B1F1E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:56 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

date
Sat, 15 May 2021 14:07:52 GMT
x-content-type-options
nosniff
server
nginx
location
https://idsync.rlcdn.com/419566.gif?partner_uid=7EC3F4EC11504FE1A29FA76509B1F1E1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Fri, 14 May 2021 14:07:52 GMT
/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1621087672682&cv=7&fst=1621087672682&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=527333577&cv=7&fst=1621087672682&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cooki...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=527333577&cv=7&fst=1621087672682&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=527333577&cv=7&fst=1621087672682&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=...
42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1026675585/?random=527333577&cv=7&fst=1621087672682&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vNWfYK6VCenD7_UPmqK7iAc&cid=CAQSKQCNIrLM8D23bDeWjhgoi4nSR0gIWkNfYtdUgXweaq6_4QVnsUKA2YaM&random=1840009844&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:56 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/1026675585/?random=527333577&cv=7&fst=1621087672682&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vNWfYK6VCenD7_UPmqK7iAc&cid=CAQSKQCNIrLM8D23bDeWjhgoi4nSR0gIWkNfYtdUgXweaq6_4QVnsUKA2YaM&random=1840009844&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://um.simpli.fi/spotx_match
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=7EC3F4EC11504FE1A29FA76509B1F1E1
0
0
setuid
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=7EC3F4EC11504FE1A29FA76509B1F1E1
0
0
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7EC3F4EC11504FE1A29FA76509B1F1E1&expires=365
0
0
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=7EC3F4EC11504FE1A29FA76509B1F1E1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=7EC3F4EC11504FE1A29FA76509B1F1E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:52 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 15 May 2021 14:07:52 GMT
x-content-type-options
nosniff
server
nginx
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=7EC3F4EC11504FE1A29FA76509B1F1E1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Fri, 14 May 2021 14:07:52 GMT
g_match
um.simpli.fi/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEOlhmF22Pq9fcKdG8iWyQIo&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7EC3F4EC11504FE1A29FA76509B1F1E1
  • https://um.simpli.fi/g_match?id=
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/g_match?id=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:52 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 14 May 2021 14:07:52 GMT

Redirect headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://um.simpli.fi/g_match?id=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 9346 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160138&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 15 May 2021 12:47:08 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame 737A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaFsA78R9561asC_Esa0IKJYX-7yv5dO2Z0ck3rpH3BRqHuaAQgN4Ds2lbS2sIaWl9IkvYS80qqK404scw9v0uoCaSknSJhTPRAGOkytxnWQoq&sai=AMfl-YSM9BFwf8pzRnafelEwIdCTgztvq7_UBO8LvSAzmhHKFhG9ENN4B_3-4CIsIWbdbbPt55HTM8ZD7GIj5H9-kUm3m4TjrzB74-BKaR9uVCK18JqQXVWHiNfoUSSd5lE&sig=Cg0ArKJSzF_FSbJWRqVpEAE&cid=CAASPeRot8htAZzJ28J5DtOeVubJqkpydsnr66jWZfJ9Ee-Fth26Fc75IrLzhOjlCvA2YHySaviyQ1IISouP3CA&id=lidar2&mcvt=1000&p=30,315,284,1285&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210514&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=2159144634&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621087667577&dlt=26&rpt=4982&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 May 2021 14:07:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
office-970x250.jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame 8970 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/advertiser/32995/creativesup/office-970x250.jpg
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=41818000086747400710594011595002&a=df9fae95
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.114.131.234 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
c2c0438345e8266d1c5bfb3c5d2e6a4969ff4b714300e4e2a40dc2bf8bae4fef

Request headers

Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 15 May 2021 14:07:53 GMT
Last-Modified
Thu, 23 Jun 2016 13:50:03 GMT
Server
nginx
ETag
"576be90b-c36d"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
50029
viewability
hal90002.redintelligence.net/ Frame 8970 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/viewability?s=41818000086747400710594011595002&a=dda8ca5d&vb=m
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=41818000086747400710594011595002&a=df9fae95
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal90002.redintelligence.net/request_content.php?s=41818000086747400710594011595002&a=df9fae95
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 15 May 2021 14:07:53 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 8970 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
bid
c.amazon-adsystem.com/e/dtb/ 		176 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3276&u=https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4%3Fjwsource%3Dcl&pid=5zy5rFen3ThlJ&cb=3&ws=1600x1200&v=7.64.00&t=1000&slots=%5B%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F32805352%2Fnc-charlotte-WCNC-B3352_DesktopTablet%2Fexit_interstitial%2Fmoney%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.5.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-5-125.vie50.r.cloudfront.net
Software
Server /
Resource Hash
937c72e68912eafca477e3a7e416f0cb43de0ffe717d4778b624e6fb477752b1

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:54 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
VIE50-C2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.wcnc.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
163
via
1.1 e544866f1454c4458d3a6644b47d065f.cloudfront.net (CloudFront)
x-amz-cf-id
iLc41JhMLVYhvMD1Yn8RPqlS0M5piyldCq6mtMLu5UgqUWgFFUcjOw==
viewability
hal90002.redintelligence.net/ Frame 8970 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/viewability?s=41818000086747400710594011595002&a=dda8ca5d&vb=v
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=41818000086747400710594011595002&a=df9fae95
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal90002.redintelligence.net/request_content.php?s=41818000086747400710594011595002&a=df9fae95
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 15 May 2021 14:07:55 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.wcnc.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 15 May 2021 14:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.wcnc.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 15 May 2021 14:07:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		488 B
1003 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4422469680201682&correlator=8402501814006&output=ldjh&impl=fifs&eid=31060842%2C21064365%2C21068030%2C31060990&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210515&iu_parts=32805352%2Cnc-charlotte-WCNC-B3352_DesktopTablet%2Cexit_interstitial%2Cmoney&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&prev_scp=amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cust_params=video_included%3DTrue%26ttid%3D9d602892-bf91-4ee6-a82b-e811709425d4%26pgtype%3Dvideo%26topic_section%3D%26url%3Dhttps%253A%252F%252Fwww.wcnc.com%252Fvideo%252Fmoney%252Fcash-up-for-grabs-in-federal-rebate-program%252F275-9d602892-bf91-4ee6-a82b-e811709425d4%253Fjwsource%253Dcl&cookie_enabled=1&bc=31&abxe=1&lmt=1621087674&dt=1621087674946&dlt=1621087665585&idt=507&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=1529&adks=2269006952&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4%3Fjwsource%3Dcl&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x18&msz=0x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1370277086.1621087667&ga_sid=1621087667&ga_hid=1284077479&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
76fc38c5e927964bceed0bfee21444f715b16be9a57655d56adb058206ad0027
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wcnc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 14:07:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
266
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wcnc.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ib.adnxs.com
URL
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D
Domain
ap.lijit.com
URL
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
Domain
id.rlcdn.com
URL
https://id.rlcdn.com/709414.gif
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent=
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Domain
tg.socdm.com
URL
https://tg.socdm.com/aux/idsync?proto=gumgum
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent=
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent=
Domain
dsp.adfarm1.adition.com
URL
https://dsp.adfarm1.adition.com/cookie/?ssp=9
Domain
visitor.fiftyt.com
URL
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9&gdpr=
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=D540C16B-877F-4C2D-94F1-B5EE9E22C7F9&sInitiator=external&gdpr=0&gdpr_consent=
Domain
sonata-notifications.taptapnetworks.com
URL
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5f05b0dc-084b-4231-8048-48327283ddbc&gdpr=0&gdpr_consent=&gdpr_pd=
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
cdn.taboola.com
URL
https://cdn.taboola.com/libtrc/tegna-network1/loader.js
Domain
d.adroll.com
URL
https://d.adroll.com/cm/index/ssp
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Domain
js-sec.indexww.com
URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YJ-VtqD4k35q4F2v9CPKLQAA%261206
Domain
d.adroll.com
URL
https://d.adroll.com/cm/index/ssp
Domain
js-sec.indexww.com
URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YJ-VtnC4xZ3A0roAgatBxAAA%261206
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=YJ_Vt3C4xZ3A0roAgatBywAABLYAAAIB
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=7EC3F4EC11504FE1A29FA76509B1F1E1
Domain
sync.intentiq.com
URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7EC3F4EC11504FE1A29FA76509B1F1E1
Domain
bcp.crwdcntrl.net
URL
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=7EC3F4EC11504FE1A29FA76509B1F1E1
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=2&3pid=7EC3F4EC11504FE1A29FA76509B1F1E1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=7EC3F4EC11504FE1A29FA76509B1F1E1
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/setuid?entity=66&code=7EC3F4EC11504FE1A29FA76509B1F1E1
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7EC3F4EC11504FE1A29FA76509B1F1E1&expires=365

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| tegna function| loadCSS function| applyFocusVisiblePolyfill object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| OptanonWrapper function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| apstag object| googletag object| utag_data function| recaptchaCallback object| _taboola object| jwplayer function| requirejs function| require function| define object| script object| firstScriptTag undefined| gtag object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| __otccpaooLocation object| ggeac object| google_js_reporting_queue object| recaptcha boolean| apstagLOADED object| firebase object| webpackChunkgroundcontrol function| bootAd object| Audit object| STR function| $ function| jQuery object| otStubData object| webpackJsonpjwplayer function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| modal object| Optanon object| OneTrust object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_355635 object| ns_ function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| PWT object| OWT object| Criteo object| closure_lm_33719 object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| google_image_requests object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| criteo_pubtag object| criteo_pubtag_prebid_107 object| Criteo_prebid_107 object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages object| msgData function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb boolean| utag_condload object| utag function| udm_ function| ns_order function| ns_onclick boolean| __tealium_twc_switch object| _sf_async_config string| GoogleAnalyticsObject function| ga object| g object| ns_p number| _sf_startpt object| google_tag_data object| gaplugins object| gaData object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| sifi_att_42656 object| _cbm

2 Cookies

Domain/Path Name / Value
.www.wcnc.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Sat+May+15+2021+16%3A07%3A46+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&hosts=&consentId=48d6e218-6191-4894-9d63-3e25f78fec5e&interactionCount=0&landingPath=https%3A%2F%2Fwww.wcnc.com%2Fvideo%2Fmoney%2Fcash-up-for-grabs-in-federal-rebate-program%2F275-9d602892-bf91-4ee6-a82b-e811709425d4%3Fjwsource%3Dcl&groups=C0003%3A1%2CC0001%3A1%2CC0004%3A1%2CC0002%3A1%2CBG1%3A1
www.wcnc.com/ Name: usprivacy
Value: 1YNY

61 Console Messages

Source Level URL
Text
console-api log URL: https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl(Line 80)
Message:
recaptcha is ready
console-api info URL: https://www.wcnc.com/assets/js-libs/signalr/signalr.min.js(Line 16)
Message:
[2021-05-15T14:07:46.103Z] Information: Normalizing '/tgnaMessage' to 'https://www.wcnc.com/tgnaMessage'.
console-api warning URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/160138/3986/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js(Line 6)
Message:
This ad's html cannot be accessed using the getHtml method on googletag.Slot. Returning the empty string instead.
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://www.wcnc.com/video/money/cash-up-for-grabs-in-federal-rebate-program/275-9d602892-bf91-4ee6-a82b-e811709425d4?jwsource=cl
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js(Line 6)
Message:
This ad's html cannot be accessed using the getHtml method on googletag.Slot. Returning the empty string instead.
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api info URL: https://www.wcnc.com/assets/js-libs/signalr/signalr.min.js(Line 16)
Message:
[2021-05-15T14:07:48.660Z] Information: WebSocket connected to wss://tgna-ux-ctrl.service.signalr.net/client/?hub=tegnaonemessage&asrs.op=%2FtgnaMessage&asrs_request_id=CcJ3h2gjAAA%3D&id=w59tOBh2S5KuoT7QkQ7H1Qaf6ad3741&access_token=eyJhbGciOiJIUzI1NiIsImtpZCI6IjQ2OTIwNjEyNyIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2MjEwODY5MDcsImV4cCI6MTYyMTA5MDUwNywiaWF0IjoxNjIxMDg2OTA3LCJhdWQiOiJodHRwczovL3RnbmEtdXgtY3RybC5zZXJ2aWNlLnNpZ25hbHIubmV0L2NsaWVudC8_aHViPXRlZ25hb25lbWVzc2FnZSJ9.ogp4Q-_xdykCw7kiCPC9OxFvAFvTZ6dAkgbXbLLnASo.
console-api info URL: https://www.wcnc.com/assets/js-libs/signalr/signalr.min.js(Line 16)
Message:
[2021-05-15T14:07:48.660Z] Information: Using HubProtocol 'json'.
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://tags.tiqcdn.com/utag/tegna/wcnc-redesign-desktop/prod/utag.js(Line 68)
Message:
[_utag] readyForTagRequests undefined
console-api log URL: https://tags.tiqcdn.com/utag/tegna/wcnc-redesign-desktop/prod/utag.js(Line 212)
Message:
[tealium] Loading Taboola
console-api log URL: https://tags.tiqcdn.com/utag/tegna/wcnc-redesign-desktop/prod/utag.js(Line 73)
Message:
[_utag] tealiumTagRequested [object Object]
console-api log URL: https://tags.tiqcdn.com/utag/tegna/wcnc-redesign-desktop/prod/utag.js(Line 68)
Message:
[_utag] readyForTagRequests undefined
console-api log URL: https://tags.tiqcdn.com/utag/tegna/wcnc-redesign-desktop/prod/utag.js(Line 73)
Message:
[_utag] tealiumTagRequested [object Object]
console-api log URL: https://tags.tiqcdn.com/utag/tegna/wcnc-redesign-desktop/prod/utag.js(Line 68)
Message:
[_utag] readyForTagRequests undefined
console-api log URL: https://tags.tiqcdn.com/utag/tegna/wcnc-redesign-desktop/prod/utag.js(Line 73)
Message:
[_utag] tealiumTagRequested [object Object]
console-api log URL: https://tags.tiqcdn.com/utag/tegna/wcnc-redesign-desktop/prod/utag.js(Line 68)
Message:
[_utag] readyForTagRequests undefined
console-api log URL: https://tags.tiqcdn.com/utag/tegna/wcnc-redesign-desktop/prod/utag.js(Line 106)
Message:
chartbeat loaded
console-api log URL: https://tags.tiqcdn.com/utag/tegna/wcnc-redesign-desktop/prod/utag.js(Line 106)
Message:
chartbeat loaded

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.avct.cloud
ads.creative-serving.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
biddr.brealtime.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c70b44ee1a804784c16670da0322118d.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.contentspread.net
cdn.cookielaw.org
cdn.taboola.com
cdn.undertone.com
ce.lijit.com
cm.g.doubleclick.net
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
d.adroll.com
d.agkn.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.serverbid.com
eb2.3lift.com
entitlements.jwplayer.com
eu-u.openx.net
eus.rubiconproject.com
fei.pro-market.net
geolocation.onetrust.com
gift-connect-d.openx.net
go.sonobi.com
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90002.redintelligence.net
hb.emxdgt.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.simpli.fi
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
inv-nets.admixer.net
js-sec.indexww.com
js.alpixtrack.com
loada.exelator.com
loadm.exelator.com
mab.chartbeat.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
media.wcnc.com
mwzeom.zeotap.com
native.sharethrough.com
odr.mookie1.com
p.rfihub.com
pagead2.googlesyndication.com
ping-meta-prd.jwpltx.com
ping.chartbeat.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prd.jwpltx.com
pubmatic-match.dotomi.com
r.scoota.co
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
simage2.pubmatic.com
simage4.pubmatic.com
simplifi.partners.tremorhub.com
sonata-notifications.taptapnetworks.com
ssc-cms.33across.com
ssl.p.jwpcdn.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
sync-amz.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.serverbid.com
sync.srv.stackadapt.com
sync.technoratimedia.com
t.pubmatic.com
tag.simpli.fi
tags.tiqcdn.com
tg.socdm.com
tgna-ux-ctrl.service.signalr.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
visitor.fiftyt.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.wcnc.com
x.bidswitch.net
aax-eu.amazon-adsystem.com
ap.lijit.com
bcp.crwdcntrl.net
cdn.taboola.com
ce.lijit.com
d.adroll.com
dsp.adfarm1.adition.com
ib.adnxs.com
id.rlcdn.com
js-sec.indexww.com
match.adsby.bidtheatre.com
pixel.rubiconproject.com
pixel.tapad.com
sonata-notifications.taptapnetworks.com
ssc-cms.33across.com
sync-tm.everesttech.net
sync.1rx.io
sync.intentiq.com
sync.search.spotxchange.com
tg.socdm.com
uipglob.semasio.net
visitor.fiftyt.com
104.109.77.38
104.111.230.142
104.17.120.107
13.224.95.11
13.224.95.128
13.224.95.46
13.248.242.197
13.32.5.125
13.89.175.133
130.211.141.45
142.250.181.226
142.250.186.98
146.0.227.110
146.59.148.16
150.136.25.38
152.199.22.243
159.253.128.183
167.172.1.14
169.197.150.7
169.50.137.176
172.217.18.98
178.128.135.80
178.162.133.148
178.162.133.149
178.250.0.163
178.250.2.131
18.156.0.31
18.158.167.137
18.193.131.224
18.193.144.52
18.194.113.221
18.195.155.181
18.196.230.57
18.198.69.109
184.25.114.127
184.25.115.31
184.30.18.234
185.184.8.30
185.29.133.199
185.33.221.50
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.244
185.64.190.78
185.64.190.80
185.64.190.81
193.0.160.128
198.148.27.139
2.18.233.180
2.18.234.21
2001:678:cb4:bbbb::11
205.185.216.10
213.155.156.185
23.45.99.241
23.79.143.124
2600:1901:0:8eee::
2600:1f18:612b:4232:3a2c:3c86:af1b:2715
2600:9000:206e:a000:18:1fcd:34e:d2a1
2600:9000:211a:9800:1f:df94:f9c0:93a1
2600:9000:2190:c000:1f:2473:9080:93a1
2600:9000:21f3:7a00:0:70b1:7080:93a1
2606:4700:10::6814:b944
2606:4700:10::ac43:db6
2606:4700::6810:9440
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:803::2001
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2006
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c0c::9b
2a02:2638::1c
2a02:2638::3
2a02:fa8:8806:12::1400
2a04:4e42:1b::626
2a04:4e42:1b::714
3.120.52.76
3.121.70.57
3.125.137.77
3.127.52.31
34.203.138.195
34.224.142.75
34.240.2.137
34.98.67.61
35.156.153.71
35.186.253.211
35.244.159.8
35.244.174.68
37.157.6.241
37.252.172.45
46.4.10.47
52.209.246.140
52.22.118.41
52.22.84.205
52.28.33.202
52.29.213.60
52.50.187.150
52.95.124.165
54.171.74.241
54.236.227.29
54.81.207.173
66.155.71.149
69.173.144.138
69.173.144.139
70.42.32.191
72.21.206.140
8.43.72.97
85.114.131.234
88.214.206.142
94.130.102.164
010e128b57dec050c1a5a238e8d18f42ba3b66f4fc52cc83cdd392c230263544
02e50d4e14196629bed86e260ca3a288e723001492bc60ece4b4e6ccd1b3998a
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05a4fb803e2982bbc2b71afad4bd921bc3389ed80e0d0374ad0d5ec97212c75d
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
081fe081ca1a1c7857c829ef147d17156961a29cbe66e56b31bb6fbefee16310
082b3365410bcf2809a6b106bdf14befbce73034be5bca2255cfc4721ed594d8
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c906eac80f38d39fc40910a1311e9e881ec17ad19f3cac1f1a82ba0c67ae6e9
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0f2408d274b2e81505cf5c1b84d9f0d583282490834abfe22710e697342c05e4
11f4aadee3909cceae05a18baab645ad7d97329919241076a61cb6f3f95f8fd2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1425c2cb6889b51138bd22417d62f500dcac0e9ad39a5af51094627724529e03
14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4
15d7102dce5c29b9671e9ae90fd839d5e3f4d1f578a1473b4981cbdd01d9aa59
1679dc5c49eba59bea7493931643016631cc4f452bb03541743c12907346f275
174ab6f83cfd4d727ecefe5da9c2f806c971bff23694858be705db16c633b556
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1ca7c4da6020839f3e0f6312ad36447f9003ac913dea63bc14a66e9731498835
1cd6da74853b21ba22d2e07cad0e7118be9fc9d0993619ec6c0c72be040abecf
1d3b44733db0c0167cafb64ccb0e74572c7795a436ee472eaa88f5a6089ba894
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
202a9cabd46d72d09eabd4600ce3c0b3f793c460ff6d4240f8fb216f36581cd6
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
21d46bb0a238b8c1b0ab5ea12b5fa6cab58b90e30ca08727321e1e40e2970046
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
2405bd02584cae91a0a4c434fec3e72f392d07e1bedc993c3b16baa7800bbdfd
24a58ecfdf6d4195a94c1723223b86ad271756c59c609f1913fd7d3838b56a49
259f01a4a83ad8a3ea4306becf97b5270bed9e5556f64ed6bde597f2f0601b39
2774640b1d27c3aa4e178db75e4a77fd9ae7d9b01fa15e29de0a05bc21d3d829
282c429b052baa13bf3c496b5484d4bec616db46fb7505a487fa86e97a3e652f
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
301ebf38eea95b9d2767e7053c7a64f0cc692ea9ae16a9efe17e38d3c32b515f
306542149b29e0d8a5e1da83fb88f244bedf946a24bfeaf94d1012f92b2f09db
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36141846150edfd265b1229bff6b9168c1ec6ff52df8fa322ab8221ce4dd5d48
36213828ced246a1cf0a48bd06cc47a85ab14362cd629c02bd1afdebfc76873d
394fbee3f40224fe0d37a0987ea217e45e2019289ac8b895715fde9fec2c6d5d
39dfcb1fe6bb42657e7965e68514c7227189bd9cbea5a973a6403effcfd0b64c
3a1b8041b461cc76efe8b2e53dfe10b3d12f06cb71504c0a6601ea86205d3034
3c2990e613b9b13e8a30c470da9e9b39e598f5f79812593b313c54878942ed35
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fc7323b2e13107147cac7f90cce221e7efb2c7588f60911bc322a4722d88e6d
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40f12e335914950b4f2058dbcbbee727f3f7542399ec6b2e98256480ea91aa49
47322e807cfc93f44b01789c1fc54f8518857b3777b4943b0313e04cda925635
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf63af61eae56517944f32094187ba6082c7d29cfaac60064142769f57af1c5
4c616b0445de7236c857bbcff63e3236985202ead1d6676dd74b6151a5d88800
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e09b68632588396c28cfadd6fda5f86b0bd0e0119c955ea0ba8121c34c0fa37
4f46b50281cc387a202816e26b329a1b40045904544f09dcce50d920777d72da
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5195b5533eaad9e23ee9c1ad9dd017b4f0fca8d54921a3f045858eaf4145689d
52ed72317198b4732b86870171988d5945d7db405e14c117a48d63de2340b8ac
58a14ba2e3e773324e8b8aeadcd988bdd177f68e6bf65c5fcdd339032e536e61
59bf4920a322377c761eec2dba5b7de57b64267e82b0d3a7e9fafcfd4a954e34
5a3f6efae9f5f4cc8e471390d381607391273deac801b3598b70212e5415444e
5d56dc4c445b469402d99527d6961ad842b73d46c2bbee3c465478ecb7ac741f
60ae8e358a5baa13dc2222a458efebfab53bffc351789f13602cd5bba9dc0d24
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61f60917f730662b6783589f1421f56d262279847c2c27490023b3257914c3eb
66c15b23dbfcb2e4c295844c69e32656ea8960e816c20745c4263a2daa268511
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6960fb9bc57f47f44b11ebcdf875771e8532e09d5cec00ba6e52ac3aca476b05
69888638e9ff0c81c3441d6647ad23d5569bf7a1d1d31678665584b94bcc5c62
69fd8b1fc178e1a3074f4339ce3feff819eabe2ccdc8f574d5e9593cce379ef0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b1a95aed3687521fcbf654063d65a3facbe97c96c888c9016bbe8d1c719637f
6cd44263214960e9d1e5422c57338590b2bb3af09777591ed10f7206bd206497
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
72cb96ad9f56b86ddfd5059f2af37740efc99f08949b662c3badc807445aebce
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
73727aa5267ebaeeaac9695d71a663f5f32b28c76b0717aae7d72b3d4eb5c1bc
75ebbcbd4583af52a30628a4ded7a6634a8682f119d539c3b5669e1c6ef2702b
76fc38c5e927964bceed0bfee21444f715b16be9a57655d56adb058206ad0027
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80cc8323725faa458a94cbb1b608d609dbfa9735205481c9fd616480512c405d
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833af9e4f4ffac431e9529e938dc5efef17cae26d29d2cf0fd8e0064432dd58f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
860c031c10a03384b13a4278e6843498d5f334b112952f818278aada03b3650c
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8926e4b99652d9bb3a5ee08fcccdda2a021ce181a69f747740bdd26ba2c9ae68
8adf835b297f18aa78975306db085e99a6518696fa8faed144ef25e8024d9038
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de9ff8425707d951c51085405616e03416257c7882e3c65265d2d2dd093b9ff
8f11f2d65d3a1594a57625e5a9457a1beb87c6a0399172cab062d50263ae388b
8f4ad4651d303f2ba96e415554e247770276cbf7a9165d3ae1d3fd8fcaed5f41
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
937c72e68912eafca477e3a7e416f0cb43de0ffe717d4778b624e6fb477752b1
9950075601b299a1bde9cc56280eda417b5c610deb9d47b584ef0bb1b9011f94
99971742b820a02c49becf8a6418259b71bed92b6b17d3013b24ab240a4449ae
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b39120936e9a362eaa60c69de188339baac5739f3f0f960e6eb247c55cfb684
9c03faa7f1a0782e916dbae897b96d443ed450df44e01b4cd3f5b0f1720af494
9d67345f2b7684ed471d46c1042687a3cda65323d00aef597c11e9f261800d0f
9dc239c6f331ca10ed94790e3f3af7d432a8d004806e0bf76fc855ffffc621a2
9e41ff7f2f9527f9f68e87e21f6fcea9a2f380999869354e71c6d45e9482812d
a060c61decc8daa80d700f95cdcab86e1f2fed93e4817df8757009a68fe0ac6e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d479849ec285e69a23f7d4b76f97109f98adbbd63fd55f478624bd1e138608
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4638d140c7a66cf9be9a72a4297037ebafd5465e1f1e7ea44df31fb5ecb4b68
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a738d4aa70c5269437e9c3452eadbb550dbdb75b173785d83ef2d29c9fcc85a9
ad37a015854eb03f58c6e08603fe8bfac057484f94a2113a10116991623e4abb
ae3bc574caeba3f2a2467d92c9108eedd80a426ff0508e0ea5ed96592a21fb19
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
af75f0d21261526a056032dec44c7dac8e5812515bf253e1f877da38d45faee6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19865c2e8366fc6cef8f869b9447b23243e4917d73591e554f1b697a1f8da9a
b701ed69b573de149226a5753983df7fbc11f5e834a7f8e0d4038be8b7c51864
b772d9b544e76e60f9304d449812c8bc4f67b8b67dafa5a089d82c982d6c9e44
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbe1cfe6b7fe12d43da69aea0739595957376986c1b3f86e91871e0b5531a69f
bc902768c2ec3a51106337c1b7b7ee9d0994a21f795b879db7cd24029edd33c7
bcd981b09aa80b5744acece2246e71309f2a7825b01603e49e55d8f83e828b03
bda5b27b7c31ac6ef9f7260e2b46ddcb02e659df1b0614c191a85b0f1165461f
bdbb3b88367e0dc7f2af34b3bb701fe2523c8653a48cdfd8aaf67c2d1e18b76d
c1fdbb51cd82b45ed2f8ffe288f9cdb9e00d3c6398c1b1bbde936f751a73e613
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24734b740915380b22b08f6f5bd88e5cfdce76cffbbd48fe9cfba9636c00d48
c2bdf133eb56b80b1575d63192fe56210fbb630887500877555c1eba9adda239
c2c0438345e8266d1c5bfb3c5d2e6a4969ff4b714300e4e2a40dc2bf8bae4fef
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c682f11f436b09c0f49e0f3c6ad3525000bec52c72754afa5692c16c9ece776f
c718cd3280f67258b227f705c8088e07c1b396c376d0984a954338f2004323e8
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
cdaeb0ef01928c88da8f7022878a69a8dfa43f78963a0a9a5d17c4adbc336f4a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d165f84e466f4d1c4e4840e7bddf5e6e0114e114cf2c555078c40719498430dc
d25e0020e619e93bc1c3bd099646f505ff81224bcb664a7ba211e81d4818183e
d3cc6a23eb5853b54cfb653bf511d55bdcd62368a8c3627d6ebfe6678fe5217b
d4be344ce30962b27f30c1dcb5ca9f58799ba5aa418caa403f3cf73885c8b633
d56d2e1b7aca98e388871928ce00f3ca77ac75ea2f34cd2711e05a18237eda9a
d6b40bbbf5600b019b308b2c37902e2bc8039f17d8aaff659959a2ab1690ba8e
d6b7472f98f400d0f4c24dea8eb9a90afb003eda04b32f86f48fddaf56f78fbf
d70e3039202264152b0c58cc609fdd12fa198fd2fcb9046ad42106525627afa2
da53b4b3093ed7f6928654e5ee2c1820e875451aab8a25d98b70ad708c1213e9
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dfa05a5964f7993f83a296584170a7e49ace63db0891f1e53add0635e022bf6b
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fe75940ef4f7d560b70139c1a0219793d3c21cfd690760e0831774f65aa1d0
e97111aafb20d4a147b62e17a52d1205a6eec10de56f79cbcecb74b792d868dd
eae49f3e5949d58399688b1dfc2b8fdb7148f9e79764f4e2825ee7b5ce1e1f8b
eb34ecd9efdc80d264d94b84c79c178ae16cf9fbcebb5af2d89f687f36a34719
ecb0101a1af3ee3c1f9c3a1007e43df4f2e75e8c737d724c2b373d361578edde
ecf31d03b0335b2099411a2b2ffe02cb9272db8ee1878e7f693b9f07caf12af1
ee4f42803bae67f5ae3497bc48edf72f31553aefee6c1a5662aef645182fafb7
ee8f2a6ea8c02259b3f4d068d0607f92ba9cd2a6f06d915ca317b75a39676932
eeddf3677f094ef1f1d550ee477db1334e751427ed120fedda94b2a13f9c9b4d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efae70b6766292613f92f988f2ecd58f4a7a6167bb70c090437fc5189859f791
f154c12a052caec9aa9c1e5f7bcf9106a1b650798cfbc5d891172a243c96e27c
f19e9316ce9a7698f51e07bda20607b8488b16c7145b7892050a8c2148643ba0
f21ef21977e18adbfb6a24300c330bedd64ea698312f70ac94ff6a36c6fb05bc
f2952aeb4901aea0ec5383db704749906494f762738b2020ce306c4bd8e7cd8b
f42db70a89cc749e109ebd0a107b6bb25ee28868cc7eaf19e36fc33de1f28f8d
f74bdfeec83247edd199110ac967f48433637c2cd8dcac06c4de540abb3393e8
f848a64faf6e20ee11b1299965bfb230499b3e96743ab6fee80b5fa5e1941d7f
fbddb5dc71dbc432fe3c0882955fd4942934d931ea1cf8ed3107b6f8e8f6c7c8
ff1127808426d5f023799a1f1ddb8d9b8edcd711fbb74084bc664566879071ad