urlscan.io logo urlscan.io
SecurityTrails logo

wegotthiscovered.com Open in urlscan Pro
104.22.52.76  Public Scan

Go To Rescan Add Verdict Report
URL: https://wegotthiscovered.com/
Submission: On December 05 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 147 IPs in 14 countries across 145 domains to perform 728 HTTP transactions. The main IP is 104.22.52.76, located in and belongs to CLOUDFLARENET, US. The main domain is wegotthiscovered.com. The Cisco Umbrella rank of the primary domain is 103260.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 8th 2022. Valid for: a year.
This is the only time wegotthiscovered.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
84 104.22.52.76 13335 (CLOUDFLAR...)
9 172.217.194.94 15169 (GOOGLE)
5 8 104.16.124.175 13335 (CLOUDFLAR...)
2 13.35.19.109 16509 (AMAZON-02)
3 74.125.68.97 15169 (GOOGLE)
28 142.251.12.156 15169 (GOOGLE)
1 104.26.7.139 13335 (CLOUDFLAR...)
3 139.99.63.197 16276 (OVH)
13 172.217.194.156 15169 (GOOGLE)
4 157.240.235.1 32934 (FACEBOOK)
2 192.0.76.3 2635 (AUTOMATTIC)
20 74.125.24.132 15169 (GOOGLE)
2 104.17.24.14 13335 (CLOUDFLAR...)
1 151.139.128.10 20446 (STACKPATH...)
1 104.16.57.101 13335 (CLOUDFLAR...)
5 104.17.78.34 13335 (CLOUDFLAR...)
1 3 13.33.88.104 16509 (AMAZON-02)
1 18.155.68.100 16509 (AMAZON-02)
3 34.110.240.68 396982 (GOOGLE-CL...)
1 34.110.189.112 396982 (GOOGLE-CL...)
1 35.190.59.101 15169 (GOOGLE)
2 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
1 151.101.2.202 54113 (FASTLY)
2 54.157.29.40 14618 (AMAZON-AES)
2 34.120.157.206 396982 (GOOGLE-CL...)
7 142.250.4.154 15169 (GOOGLE)
3 142.250.4.101 15169 (GOOGLE)
1 18.218.39.25 16509 (AMAZON-02)
5 8 103.229.10.211 16509 (AMAZON-02)
2 5 13.33.39.40 16509 (AMAZON-02)
2 13.33.100.164 16509 (AMAZON-02)
3 23 209.191.163.208 32475 (SINGLEHOP...)
2 44.235.177.172 16509 (AMAZON-02)
2 2 145.40.89.200 54825 (PACKET)
28 34 104.254.151.36 29990 (ASN-APPNEX)
1 37.157.4.41 198622 (ADFORM)
36 36 35.213.12.39 15169 (GOOGLE)
1 5 162.19.138.116 16276 (OVH)
1 34.120.155.137 396982 (GOOGLE-CL...)
2 52.37.90.245 16509 (AMAZON-02)
1 104.18.158.234 13335 (CLOUDFLAR...)
12 13.250.173.68 16509 (AMAZON-02)
3 103.231.98.193 62713 (AS-PUBMATIC)
1 172.64.154.237 13335 (CLOUDFLAR...)
2 11 34.98.64.218 396982 (GOOGLE-CL...)
9 54.199.211.51 16509 (AMAZON-02)
1 184.25.221.62 16625 (AKAMAI-AS)
2 103.71.26.124 132134 (SPOTX-AS-...)
1 72.34.250.78 27630 (AS-XFERNET)
2 54.204.109.58 14618 (AMAZON-AES)
3 7 209.191.163.209 32475 (SINGLEHOP...)
1 69.173.158.65 26667 (RUBICONPR...)
1 34.107.148.139 396982 (GOOGLE-CL...)
5 34.149.20.76 15169 (GOOGLE)
4 54.179.155.191 16509 (AMAZON-02)
1 89.207.22.114 41041 (VCLK-EU-SE)
2 74.118.186.43 26120 (RHYTHMONE)
1 182.161.73.145 55569 (CRITEO-AS...)
6 5.135.209.97 16276 (OVH)
1 18.136.8.51 16509 (AMAZON-02)
1 142.251.10.113 15169 (GOOGLE)
2 13.107.246.59 8068 (MICROSOFT...)
1 172.67.202.192 13335 (CLOUDFLAR...)
1 18.164.174.23 16509 (AMAZON-02)
1 172.67.36.131 13335 (CLOUDFLAR...)
2 157.240.235.35 32934 (FACEBOOK)
2 216.239.36.181 15169 (GOOGLE)
13 27 13.35.8.105 16509 (AMAZON-02)
1 13.33.33.127 16509 (AMAZON-02)
2 74.125.24.155 15169 (GOOGLE)
2 142.251.10.154 15169 (GOOGLE)
3 172.217.194.132 15169 (GOOGLE)
2 142.251.12.157 15169 (GOOGLE)
1 142.251.12.154 15169 (GOOGLE)
1 13.33.88.60 16509 (AMAZON-02)
1 172.67.69.19 13335 (CLOUDFLAR...)
6 52.224.31.34 8075 (MICROSOFT...)
2 182.161.73.129 55569 (CRITEO-AS...)
2 13.33.79.163 16509 (AMAZON-02)
1 23.58.236.39 16625 (AKAMAI-AS)
1 13.33.33.86 16509 (AMAZON-02)
1 172.67.38.106 13335 (CLOUDFLAR...)
3 162.19.138.120 16276 (OVH)
1 54.192.81.74 16509 (AMAZON-02)
2 22 52.46.130.91 16509 (AMAZON-02)
1 3.1.230.20 16509 (AMAZON-02)
3 142.251.12.95 15169 (GOOGLE)
1 4 142.251.10.106 15169 (GOOGLE)
1 18.155.68.12 16509 (AMAZON-02)
47 47 18.155.68.15 16509 (AMAZON-02)
43 45 103.231.98.197 62713 (AS-PUBMATIC)
36 59 142.251.10.156 15169 (GOOGLE)
22 27 103.231.98.194 62713 (AS-PUBMATIC)
3 19 104.18.33.19 13335 (CLOUDFLAR...)
6 10 139.5.84.243 27381 (CASALE-MEDIA)
9 172.217.194.148 15169 (GOOGLE)
8 23.44.0.196 16625 (AKAMAI-AS)
4 34 23.106.127.52 59253 (LEASEWEB-...)
9 9 35.227.202.26 15169 (GOOGLE)
9 10 107.178.244.193 15169 (GOOGLE)
3 3 35.77.191.155 16509 (AMAZON-02)
8 8 35.214.223.115 15169 (GOOGLE)
19 20 35.71.131.137 16509 (AMAZON-02)
9 35 67.199.150.86 62713 (AS-PUBMATIC)
3 10 52.220.163.160 16509 (AMAZON-02)
6 13 52.223.2.229 16509 (AMAZON-02)
10 14 69.173.158.64 26667 (RUBICONPR...)
3 32 35.244.159.8 15169 (GOOGLE)
11 11 103.229.206.240 30419 (MEDIAMATH...)
4 7 52.74.13.196 16509 (AMAZON-02)
11 11 35.247.47.28 396982 (GOOGLE-CL...)
6 6 104.254.151.69 29990 (ASN-APPNEX)
2 2 34.203.60.99 14618 (AMAZON-AES)
2 2 184.25.248.23 16625 (AKAMAI-AS)
1 1 23.47.190.83 20940 (AKAMAI-ASN1)
4 4 80.77.87.163 46636 (NATCOWEB)
14 18.65.3.9 16509 (AMAZON-02)
1 1 202.232.238.37 2497 (IIJ Inter...)
1 1 104.45.178.220 8075 (MICROSOFT...)
1 6 18.139.75.61 16509 (AMAZON-02)
2 5 202.131.200.84 17941 (BIT-ISLE ...)
1 2 139.99.49.250 16276 (OVH)
1 1 13.115.65.60 16509 (AMAZON-02)
7 8 185.84.60.29 198622 (ADFORM)
3 3 124.146.215.50 2514 (INFOSPHER...)
8 8 50.31.142.223 23352 (SERVERCEN...)
1 3 23.199.246.27 16625 (AKAMAI-AS)
1 1 35.208.249.213 19527 (GOOGLE-2)
1 104.16.88.20 13335 (CLOUDFLAR...)
1 13.231.40.211 16509 (AMAZON-02)
2 2 13.33.88.107 16509 (AMAZON-02)
3 3 23.8.97.76 16625 (AKAMAI-AS)
7 13 52.221.159.176 16509 (AMAZON-02)
1 122.248.223.64 16509 (AMAZON-02)
14 23.15.148.136 16625 (AKAMAI-AS)
1 6 67.199.150.81 3257 (GTT-BACKB...)
2 3 182.161.73.146 55569 (CRITEO-AS...)
1 20 54.238.120.71 16509 (AMAZON-02)
4 4 34.202.12.145 14618 (AMAZON-AES)
17 19 74.118.186.45 26120 (RHYTHMONE)
2 2 74.214.196.131 19189 (PULSEPOINT)
3 4 38.133.127.191 22075 (AS-OUTBRAIN)
1 1 34.235.231.136 14618 (AMAZON-AES)
1 150.136.25.38 31898 (ORACLE-BM...)
6 169.197.150.7 398989 (DEEPINTENT)
2 2 13.251.166.115 16509 (AMAZON-02)
1 1 20.127.253.7 8075 (MICROSOFT...)
7 7 151.101.194.49 54113 (FASTLY)
1 3.92.104.91 14618 (AMAZON-AES)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
4 4 23.58.244.87 16625 (AKAMAI-AS)
6 6 89.207.22.137 399104 (CNVR-APAC)
5 5 52.74.219.59 16509 (AMAZON-02)
3 3 3.126.17.61 16509 (AMAZON-02)
1 1 103.71.26.126 132134 (SPOTX-AS-...)
2 2 18.138.18.111 16509 (AMAZON-02)
2 2 172.104.45.159 63949 (LINODE-AP...)
2 4 35.186.193.173 15169 (GOOGLE)
3 3.113.156.50 16509 (AMAZON-02)
2 3 13.250.207.233 16509 (AMAZON-02)
1 3 104.18.25.173 13335 (CLOUDFLAR...)
2 195.5.165.20 44968 (IPROM-AS)
2 4 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
7 103.231.98.195 62713 (AS-PUBMATIC)
3 3 35.213.93.179 15169 (GOOGLE)
4 4 50.116.239.135 6336 (TURN-US-ASN)
2 2 34.102.253.54 396982 (GOOGLE-CL...)
3 3 69.173.151.100 26667 (RUBICONPR...)
2 3 13.107.42.14 8068 (MICROSOFT...)
1 54.239.33.159 16509 (AMAZON-02)
2 151.101.1.108 54113 (FASTLY)
2 2 13.33.88.71 16509 (AMAZON-02)
3 8 67.202.105.31 32748 (STEADFAST)
1 1 52.76.76.143 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 18.177.11.95 16509 (AMAZON-02)
1 2 35.227.252.103 15169 (GOOGLE)
1 2 104.18.101.194 13335 (CLOUDFLAR...)
1 2 204.79.197.200 8068 (MICROSOFT...)
1 2 119.9.108.191 45187 (RACKSPACE...)
4 5 46.137.212.121 16509 (AMAZON-02)
6 6 13.115.124.23 16509 (AMAZON-02)
16 16 67.202.105.21 32748 (STEADFAST)
16 34.117.239.71 396982 (GOOGLE-CL...)
10 10 66.155.71.25 13768 (COGECO-PEER1)
2 2 23.108.103.8 59253 (LEASEWEB-...)
1 1 52.203.53.149 14618 (AMAZON-AES)
3 6 18.195.252.61 16509 (AMAZON-02)
1 1 52.9.91.153 16509 (AMAZON-02)
2 3 23.58.239.171 16625 (AKAMAI-AS)
4 4 18.176.162.247 16509 (AMAZON-02)
1 1 69.173.144.139 26667 (RUBICONPR...)
1 1 198.8.71.130 54312 (ROCKETFUEL)
1 1 18.179.95.204 16509 (AMAZON-02)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
1 35.213.64.108 15169 (GOOGLE)
2 2 23.106.69.72 59253 (LEASEWEB-...)
1 1 51.255.68.171 ()
1 1 162.254.186.187 ()
1 2 52.231.207.240 ()
2 182.161.73.136 ()
728 147
84    104.22.52.76 (None, )

ASN13335 (CLOUDFLARENET, US)
wegotthiscovered.com
9    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
fonts.gstatic.com
www.google.com.au
8    104.16.124.175 (None, )

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    13.35.19.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-19-109.sin5.r.cloudfront.net
static.chartbeat.com
3    74.125.68.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f97.1e100.net
www.googletagmanager.com
28    142.251.12.156 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f156.1e100.net
pagead2.googlesyndication.com
www.googletagservices.com
googleads4.g.doubleclick.net
ade.googlesyndication.com
1    104.26.7.139 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
3    139.99.63.197 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ns5000585.ip-139-99-63.net
hb.vntsm.com
13    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
4    157.240.235.1 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net
connect.facebook.net
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
20    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
cdn.ampproject.org
tpc.googlesyndication.com
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
s.skimresources.com
1    104.16.57.101 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
5    104.17.78.34 (None, )

ASN13335 (CLOUDFLARENET, US)
global.proper.io
abcheck.proper.io
eb.proper.io
3    13.33.88.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-104.sin2.r.cloudfront.net
sb.scorecardresearch.com
1    18.155.68.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-100.sin52.r.cloudfront.net
certify-js.alexametrics.com
3    34.110.240.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.240.110.34.bc.googleusercontent.com
superficialeyes.com
1    34.110.189.112 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 112.189.110.34.bc.googleusercontent.com
terrifictooth.com
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
2    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
1    151.101.2.202 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
2    54.157.29.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-29-40.compute-1.amazonaws.com
ping.chartbeat.net
2    34.120.157.206 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 206.157.120.34.bc.googleusercontent.com
spc.wegotthiscovered.com
7    142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net
googleads.g.doubleclick.net
3    142.250.4.101 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f101.1e100.net
www.google-analytics.com
1    18.218.39.25 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-218-39-25.us-east-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
8    103.229.10.211 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
5    13.33.39.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-39-40.sin2.r.cloudfront.net
c.amazon-adsystem.com
2    13.33.100.164 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-100-164.sin2.r.cloudfront.net
d3div1mtym39ic.cloudfront.net
23    209.191.163.208 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
2    44.235.177.172 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-177-172.us-west-2.compute.amazonaws.com
usync.proper.io
2    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
34    104.254.151.36 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
1    37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
36    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
5    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
2    52.37.90.245 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-90-245.us-west-2.compute.amazonaws.com
bids.proper.io
1    104.18.158.234 (None, )

ASN13335 (CLOUDFLARENET, US)
player.propervideo.io
12    13.250.173.68 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
3    103.231.98.193 (Japan)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
11    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
propermedia-d.openx.net
u.openx.net
primis-d.openx.net
us-u.openx.net
jp-u.openx.net
eu-u.openx.net
9    54.199.211.51 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-211-51.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
1    184.25.221.62 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-221-62.deploy.static.akamaitechnologies.com
a.teads.tv
2    103.71.26.124 (Singapore, Singapore)

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)
search.spotxchange.com
1    72.34.250.78 (Los Angeles, United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
2    54.204.109.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-109-58.compute-1.amazonaws.com
reachms.bfmio.com
7    209.191.163.209 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
5    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
4    54.179.155.191 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-155-191.ap-southeast-1.compute.amazonaws.com
btlr.sharethrough.com
1    89.207.22.114 (Singapore, Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
2    74.118.186.43 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
6    5.135.209.97 (France)

ASN16276 (OVH, FR)
PTR: ip97.ip-5-135-209.eu
prg.smartadserver.com
1    18.136.8.51 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-8-51.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
1    142.251.10.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f113.1e100.net
www.googleoptimize.com
2    13.107.246.59 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    172.67.202.192 (United States)

ASN13335 (CLOUDFLARENET, US)
geoip.gamurs.workers.dev
1    18.164.174.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-174-23.lax53.r.cloudfront.net
static.adsafeprotected.com
1    172.67.36.131 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.vntsm.io
2    157.240.235.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com
www.facebook.com
2    216.239.36.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
27    13.35.8.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-105.sin5.r.cloudfront.net
live.primis.tech
1    13.33.33.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-127.sin2.r.cloudfront.net
rules.quantcount.com
2    74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
adservice.google.com.au
2    142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net
adservice.google.com
3    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
2    142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net
www.googletagservices.com
ade.googlesyndication.com
1    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
partner.googleadservices.com
1    13.33.88.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-60.sin2.r.cloudfront.net
ats.rlcdn.com
1    172.67.69.19 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
6    52.224.31.34 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
h.clarity.ms
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
2    13.33.79.163 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-79-163.sin2.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    23.58.236.39 (Cyberjaya, Malaysia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-58-236-39.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    13.33.33.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-86.sin2.r.cloudfront.net
tags.crwdcntrl.net
1    172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
3    162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
1    54.192.81.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-81-74.lax50.r.cloudfront.net
geo.privacymanager.io
22    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    3.1.230.20 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-230-20.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
3    142.251.12.95 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f95.1e100.net
fonts.googleapis.com
4    142.251.10.106 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f106.1e100.net
www.google.com
1    18.155.68.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-12.sin52.r.cloudfront.net
api.intentiq.com
47    18.155.68.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-15.sin52.r.cloudfront.net
sync.intentiq.com
sync1.intentiq.com
45    103.231.98.197 (Japan)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
59    142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net
cm.g.doubleclick.net
27    103.231.98.194 (Japan)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
19    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
10    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
9    172.217.194.148 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f148.1e100.net
s0.2mdn.net
8    23.44.0.196 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-0-196.deploy.static.akamaitechnologies.com
ads.pubmatic.com
34    23.106.127.52 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
9    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com
odr.mookie1.com
10    107.178.244.193 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com
pixel.tapad.com
3    35.77.191.155 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-77-191-155.ap-northeast-1.compute.amazonaws.com
aa.agkn.com
8    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
20    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
35    67.199.150.86 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
10    52.220.163.160 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-163-160.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
13    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
14    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
pixel-apac.rubiconproject.com
token.rubiconproject.com
32    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
jp-u.openx.net
eu-u.openx.net
11    103.229.206.240 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
7    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
11    35.247.47.28 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 28.47.247.35.bc.googleusercontent.com
um.simpli.fi
6    104.254.151.69 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
2    34.203.60.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-60-99.compute-1.amazonaws.com
mb9eo.publishers.tremorhub.com
2    184.25.248.23 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-248-23.deploy.static.akamaitechnologies.com
cs.media.net
1    23.47.190.83 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-47-190-83.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
4    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
14    18.65.3.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-3-9.lax50.r.cloudfront.net
video.primis.tech
1    202.232.238.37 (Itabashi-ku, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
6    18.139.75.61 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-75-61.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
5    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
2    139.99.49.250 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net
onetag-sys.com
1    13.115.65.60 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-65-60.ap-northeast-1.compute.amazonaws.com
v9999.adv.admeme.net
8    185.84.60.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    124.146.215.50 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
8    50.31.142.223 (Elmhurst, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
3    23.199.246.27 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-246-27.deploy.static.akamaitechnologies.com
sync.teads.tv
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
1    104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    13.231.40.211 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-231-40-211.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
2    13.33.88.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-107.sin2.r.cloudfront.net
s.ad.smaato.net
3    23.8.97.76 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-8-97-76.deploy.static.akamaitechnologies.com
stags.bluekai.com
13    52.221.159.176 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-159-176.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
1    122.248.223.64 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-122-248-223-64.ap-southeast-1.compute.amazonaws.com
sync-amz.ads.yieldmo.com
14    23.15.148.136 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-15-148-136.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    67.199.150.81 (Los Angeles, United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
3    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
20    54.238.120.71 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
usersync.gumgum.com
4    34.202.12.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-12-145.compute-1.amazonaws.com
sync.srv.stackadapt.com
19    74.118.186.45 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    38.133.127.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
sync.outbrain.com
1    34.235.231.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-231-136.compute-1.amazonaws.com
sync.ipredictive.com
1    150.136.25.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
6    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
apsoutheast-match.deepintent.com
2    13.251.166.115 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-166-115.ap-southeast-1.compute.amazonaws.com
ad.360yield.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
7    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    3.92.104.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-104-91.compute-1.amazonaws.com
cs.emxdgt.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
4    23.58.244.87 (Cyberjaya, Malaysia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-58-244-87.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    89.207.22.137 (Singapore, Singapore)

ASN399104 (CNVR-APAC, US)
PTR: sin03-usadmm-ds.dotomi.com
yieldmo-match.dotomi.com
pubmatic-match.dotomi.com
openx2-match.dotomi.com
5    52.74.219.59 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-219-59.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
3    3.126.17.61 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-17-61.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    103.71.26.126 (Singapore, Singapore)

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)
sync.search.spotxchange.com
2    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
2    172.104.45.159 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1625-159.members.linode.com
gocm.c.appier.net
4    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
3    3.113.156.50 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-113-156-50.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
3    13.250.207.233 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-207-233.ap-southeast-1.compute.amazonaws.com
cm.adgrx.com
3    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
4    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
7    103.231.98.195 (Japan)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
3    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
4    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
d.turn.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
3    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    54.239.33.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    13.33.88.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-71.sin2.r.cloudfront.net
cr-p3.ladsp.com
8    67.202.105.31 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
de.tynt.com
1    52.76.76.143 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-76-143.ap-southeast-1.compute.amazonaws.com
i.w55c.net
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    18.177.11.95 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-11-95.ap-northeast-1.compute.amazonaws.com
bk.r-ad.ne.jp
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    104.18.101.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
2    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
2    119.9.108.191 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
5    46.137.212.121 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-212-121.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
6    13.115.124.23 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-124-23.ap-northeast-1.compute.amazonaws.com
pool.admedo.com
16    67.202.105.21 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
16    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
10    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    23.108.103.8 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
inv-nets.admixer.net
1    52.203.53.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-53-149.compute-1.amazonaws.com
a.audrte.com
6    18.195.252.61 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-252-61.eu-central-1.compute.amazonaws.com
j.mrpdata.net
1    52.9.91.153 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-91-153.us-west-1.compute.amazonaws.com
aorta.clickagy.com
3    23.58.239.171 (Cyberjaya, Malaysia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-58-239-171.deploy.static.akamaitechnologies.com
px.owneriq.net
4    18.176.162.247 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-162-247.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
1    198.8.71.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    18.179.95.204 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-95-204.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
1    35.213.64.108 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 108.64.213.35.bc.googleusercontent.com
e-jp.cmcd1.com
2    23.106.69.72 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
gu.dyntrk.com
1    51.255.68.171 (None, )

ASN- ()
dsp.nrich.ai
1    162.254.186.187 (None, )

ASN- ()
demand.trafficroots.com
2    52.231.207.240 (None, )

ASN- ()
c.clarity.ms
2    182.161.73.136 (None, )

ASN- ()
gum.criteo.com
Apex Domain
Subdomains		 Transfer
131 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
image8.pubmatic.com — Cisco Umbrella Rank: 661
image2.pubmatic.com — Cisco Umbrella Rank: 1051
ads.pubmatic.com — Cisco Umbrella Rank: 533
simage2.pubmatic.com — Cisco Umbrella Rank: 723
image6.pubmatic.com — Cisco Umbrella Rank: 734
image4.pubmatic.com — Cisco Umbrella Rank: 982
simage4.pubmatic.com — Cisco Umbrella Rank: 1288
100 KB
86 wegotthiscovered.com
wegotthiscovered.com — Cisco Umbrella Rank: 103260
spc.wegotthiscovered.com — Cisco Umbrella Rank: 198116
2 MB
83 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 316
280 KB
48 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1916
sync.intentiq.com — Cisco Umbrella Rank: 1385
sync1.intentiq.com — Cisco Umbrella Rank: 3649
60 KB
45 openx.net
propermedia-d.openx.net — Cisco Umbrella Rank: 13111
u.openx.net — Cisco Umbrella Rank: 738
primis-d.openx.net — Cisco Umbrella Rank: 11981
us-u.openx.net — Cisco Umbrella Rank: 468
jp-u.openx.net — Cisco Umbrella Rank: 8371
rtb.openx.net — Cisco Umbrella Rank: 1824
eu-u.openx.net — Cisco Umbrella Rank: 2393
7 KB
42 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
secure.adnxs.com — Cisco Umbrella Rank: 486
acdn.adnxs.com — Cisco Umbrella Rank: 627
73 KB
41 primis.tech
live.primis.tech — Cisco Umbrella Rank: 3511
video.primis.tech — Cisco Umbrella Rank: 6420
4 MB
40 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1555
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1001
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 602
33 KB
39 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 109
a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 144
ade.googlesyndication.com
656 KB
38 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 498
pixel.rubiconproject.com — Cisco Umbrella Rank: 351
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1059
eus.rubiconproject.com — Cisco Umbrella Rank: 587
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1032
pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 32267
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1178
token.rubiconproject.com — Cisco Umbrella Rank: 615
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2379
91 KB
37 33across.com
ssc.33across.com — Cisco Umbrella Rank: 2290
ssc-cms.33across.com — Cisco Umbrella Rank: 1060
events-ssc.33across.com — Cisco Umbrella Rank: 2400
13 KB
36 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 322
16 KB
30 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 539
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 467
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 588
23 KB
30 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1000
ap.lijit.com — Cisco Umbrella Rank: 635
60 KB
30 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 333
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 552
s.amazon-adsystem.com — Cisco Umbrella Rank: 302
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1057
22 KB
29 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1425
rtb.gumgum.com — Cisco Umbrella Rank: 1693
usersync.gumgum.com — Cisco Umbrella Rank: 2277
18 KB
29 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 970
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
ups.analytics.yahoo.com — Cisco Umbrella Rank: 317
9 KB
20 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 364
data.adsrvr.org — Cisco Umbrella Rank: 5131
11 KB
17 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1048
match.sharethrough.com — Cisco Umbrella Rank: 557
4 KB
15 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1496
sync.1rx.io — Cisco Umbrella Rank: 550
7 KB
14 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 562
eb2.3lift.com — Cisco Umbrella Rank: 404
6 KB
11 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 985
5 KB
11 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 509
6 KB
10 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 655
7 KB
10 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 496
1 KB
10 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1399
h.clarity.ms — Cisco Umbrella Rank: 10214
c.clarity.ms
21 KB
9 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1148
927 B
9 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 288
250 KB
9 adform.net
cm.adform.net — Cisco Umbrella Rank: 1674
c1.adform.net — Cisco Umbrella Rank: 718
4 KB
9 proper.io
global.proper.io — Cisco Umbrella Rank: 9541
abcheck.proper.io — Cisco Umbrella Rank: 10283
usync.proper.io — Cisco Umbrella Rank: 15349
bids.proper.io — Cisco Umbrella Rank: 9861
eb.proper.io — Cisco Umbrella Rank: 13533
151 KB
8 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1583
11 KB
8 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 617
5 KB
8 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 915
1 KB
8 google.com
analytics.google.com — Cisco Umbrella Rank: 405
adservice.google.com — Cisco Umbrella Rank: 87
www.google.com — Cisco Umbrella Rank: 2
2 KB
8 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1113
pixel.quantserve.com — Cisco Umbrella Rank: 729
cms.quantserve.com — Cisco Umbrella Rank: 721
12 KB
8 unpkg.com
unpkg.com — Cisco Umbrella Rank: 926
48 KB
8 gstatic.com
fonts.gstatic.com
134 KB
7 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 638
2 KB
7 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 700
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 6386
4 KB
7 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1271
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1050
sync.crwdcntrl.net — Cisco Umbrella Rank: 930
12 KB
7 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2421
yieldmo-match.dotomi.com — Cisco Umbrella Rank: 5157
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3848
openx2-match.dotomi.com — Cisco Umbrella Rank: 5592
3 KB
6 mrpdata.net
j.mrpdata.net — Cisco Umbrella Rank: 4110
2 KB
6 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5005
2 KB
6 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 886
i.w55c.net — Cisco Umbrella Rank: 1822
4 KB
6 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1017
apsoutheast-match.deepintent.com — Cisco Umbrella Rank: 32897
193 B
6 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1124
3 KB
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
dis.criteo.com — Cisco Umbrella Rank: 752
gum.criteo.com
8 KB
6 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 929
ats.rlcdn.com — Cisco Umbrella Rank: 1881
idsync.rlcdn.com — Cisco Umbrella Rank: 392
id.rlcdn.com
37 KB
6 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 476
cdn.id5-sync.com — Cisco Umbrella Rank: 1107
22 KB
6 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 3869
r.skimresources.com — Cisco Umbrella Rank: 3653
t.skimresources.com — Cisco Umbrella Rank: 3841
p.skimresources.com — Cisco Umbrella Rank: 5068
20 KB
6 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 378
124 KB
5 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 3679
2 KB
4 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 549
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 936
d.turn.com — Cisco Umbrella Rank: 1277
2 KB
4 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5832
754 B
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 820
1 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 784
2 KB
4 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1259
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
190 KB
4 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1457
sync.teads.tv — Cisco Umbrella Rank: 1346
1 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
198 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1169
1 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 458
1 KB
3 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2469
1 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 975
s.tribalfusion.com — Cisco Umbrella Rank: 2229
2 KB
3 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1521
1 KB
3 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 17638
660 B
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1126
2 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 598
976 B
3 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 579
2 KB
3 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1052
3 KB
3 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 507
2 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 51
2 KB
3 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1209
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1431
1 KB
3 google.com.au
www.google.com.au — Cisco Umbrella Rank: 20965
adservice.google.com.au — Cisco Umbrella Rank: 71188
1 KB
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1238
cs.media.net — Cisco Umbrella Rank: 1474
3 KB
3 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 547
sync.search.spotxchange.com — Cisco Umbrella Rank: 620
3 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 38
20 KB
3 superficialeyes.com
superficialeyes.com — Cisco Umbrella Rank: 88277
100 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 167
3 KB
3 vntsm.com
hb.vntsm.com — Cisco Umbrella Rank: 24544
320 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
193 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1329
mab.chartbeat.com — Cisco Umbrella Rank: 2580
25 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1173
1 KB
2 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2903
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1310
856 B
2 bing.com
c.bing.com — Cisco Umbrella Rank: 296
971 B
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 592
500 B
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 23013
1 KB
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3826
486 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 788
717 B
2 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5648
554 B
2 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2571
772 B
2 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 21662
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 719
623 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 572
1 KB
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 733
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 847
862 B
2 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3899
sync.inmobi.com — Cisco Umbrella Rank: 1722
1 KB
2 tremorhub.com
mb9eo.publishers.tremorhub.com — Cisco Umbrella Rank: 7249
735 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 675
58 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
216 B
2 bfmio.com
reachms.bfmio.com — Cisco Umbrella Rank: 7639
440 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1033
1 KB
2 cloudfront.net
d3div1mtym39ic.cloudfront.net
89 KB
2 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1215
401 B
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 242
6 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 3051
pixel.wp.com — Cisco Umbrella Rank: 2711
3 KB
1 trafficroots.com
demand.trafficroots.com
633 B
1 nrich.ai
dsp.nrich.ai
531 B
1 cmcd1.com
e-jp.cmcd1.com — Cisco Umbrella Rank: 36286
82 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1937
339 B
1 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 27347
399 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 887
730 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1884
427 B
1 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2203
656 B
1 r-ad.ne.jp
bk.r-ad.ne.jp — Cisco Umbrella Rank: 28764
548 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2262
174 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4508
390 B
1 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1216
67 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1397
294 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1101
465 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 435
2 KB
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1394
493 B
1 admeme.net
v9999.adv.admeme.net — Cisco Umbrella Rank: 167327
358 B
1 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 70416
716 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 682
808 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1909
596 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1308
17 KB
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1218
930 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 942
651 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1022
2 KB
1 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 33652
668 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 606
465 B
1 workers.dev
geoip.gamurs.workers.dev — Cisco Umbrella Rank: 74213
605 B
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1071
43 KB
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1614
1 KB
1 propervideo.io
player.propervideo.io — Cisco Umbrella Rank: 26100
28 KB
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 terrifictooth.com
terrifictooth.com — Cisco Umbrella Rank: 86709
6 KB
1 alexametrics.com
certify-js.alexametrics.com — Cisco Umbrella Rank: 11591
certify.alexametrics.com Failed
2 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1149
6 KB
1 btloader.com
btloader.com — Cisco Umbrella Rank: 1106
6 KB
0 rundsp.com Failed
match.rundsp.com Failed
0 nex8.net Failed
cs.nex8.net Failed
728 145
Domain Requested by
84 wegotthiscovered.com wegotthiscovered.com
hb.vntsm.com
59 cm.g.doubleclick.net 36 redirects googleads.g.doubleclick.net
a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
rtb.gumgum.com
eus.rubiconproject.com
u.openx.net
eb2.3lift.com
ap.lijit.com
wegotthiscovered.com
46 sync.intentiq.com 46 redirects
45 image8.pubmatic.com 43 redirects rtb.gumgum.com
ads.pubmatic.com
36 x.bidswitch.net 36 redirects
35 simage2.pubmatic.com 9 redirects ads.pubmatic.com
wegotthiscovered.com
s.amazon-adsystem.com
us-u.openx.net
34 ib.adnxs.com 28 redirects global.proper.io
googleads.g.doubleclick.net
acdn.adnxs.com
32 rtb-csync.smartadserver.com 3 redirects ssbsync.smartadserver.com
wegotthiscovered.com
27 image2.pubmatic.com 22 redirects wegotthiscovered.com
ads.pubmatic.com
27 live.primis.tech 13 redirects wegotthiscovered.com
live.primis.tech
25 us-u.openx.net 1 redirects u.openx.net
jp-u.openx.net
de.tynt.com
us-u.openx.net
ap.lijit.com
23 ce.lijit.com 3 redirects ap.lijit.com
us-u.openx.net
ads.pubmatic.com
22 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
rtb.gumgum.com
sync-amz.ads.yieldmo.com
match.sharethrough.com
eus.rubiconproject.com
eb2.3lift.com
ads.pubmatic.com
us-u.openx.net
ap.lijit.com
20 usersync.gumgum.com 1 redirects rtb.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
20 pagead2.googlesyndication.com wegotthiscovered.com
pagead2.googlesyndication.com
a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
hb.vntsm.com
19 match.adsrvr.org 18 redirects live.primis.tech
19 ssum-sec.casalemedia.com 3 redirects wegotthiscovered.com
live.primis.tech
ssbsync.smartadserver.com
ads.pubmatic.com
16 events-ssc.33across.com de.tynt.com
eus.rubiconproject.com
us-u.openx.net
16 ssc-cms.33across.com 16 redirects
14 eus.rubiconproject.com s.amazon-adsystem.com
rtb.gumgum.com
eus.rubiconproject.com
global.proper.io
live.primis.tech
de.tynt.com
14 video.primis.tech wegotthiscovered.com
hb.vntsm.com
14 tpc.googlesyndication.com wegotthiscovered.com
a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
13 sync.1rx.io 13 redirects
13 match.sharethrough.com 7 redirects s.amazon-adsystem.com
match.sharethrough.com
wegotthiscovered.com
13 eb2.3lift.com 6 redirects global.proper.io
eb2.3lift.com
12 c2shb.pubgw.yahoo.com global.proper.io
live.primis.tech
11 um.simpli.fi 11 redirects
11 sync.mathtag.com 11 redirects
11 securepubads.g.doubleclick.net wegotthiscovered.com
securepubads.g.doubleclick.net
www.googletagservices.com
hb.vntsm.com
10 pixel-sync.sitescout.com 10 redirects
10 pr-bh.ybp.yahoo.com 3 redirects wegotthiscovered.com
ads.pubmatic.com
jp-u.openx.net
10 pixel.tapad.com 9 redirects s.amazon-adsystem.com
10 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
9 pixel.rubiconproject.com 5 redirects wegotthiscovered.com
eus.rubiconproject.com
9 odr.mookie1.com 9 redirects
9 s0.2mdn.net wegotthiscovered.com
s0.2mdn.net
8 de.tynt.com 3 redirects global.proper.io
8 b1sync.zemanta.com 8 redirects
8 c1.adform.net 7 redirects ads.pubmatic.com
8 csync.loopme.me 8 redirects
8 ads.pubmatic.com live.primis.tech
s.amazon-adsystem.com
rtb.gumgum.com
wegotthiscovered.com
global.proper.io
ap.lijit.com
8 g2.gumgum.com global.proper.io
8 unpkg.com 5 redirects wegotthiscovered.com
8 fonts.gstatic.com wegotthiscovered.com
fonts.googleapis.com
7 sync-tm.everesttech.net 7 redirects
7 ups.analytics.yahoo.com 4 redirects us-u.openx.net
7 ap.lijit.com 3 redirects global.proper.io
ap.lijit.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
wegotthiscovered.com
6 j.mrpdata.net 3 redirects us-u.openx.net
6 pool.admedo.com 6 redirects
6 jp-u.openx.net u.openx.net
global.proper.io
jp-u.openx.net
us-u.openx.net
6 sync.targeting.unrulymedia.com 4 redirects ads.pubmatic.com
ap.lijit.com
6 image6.pubmatic.com 1 redirects ads.pubmatic.com
6 ads.yieldmo.com 1 redirects sync-amz.ads.yieldmo.com
6 secure.adnxs.com 6 redirects
6 h.clarity.ms www.clarity.ms
hb.vntsm.com
6 prg.smartadserver.com global.proper.io
6 cdn.ampproject.org wegotthiscovered.com
securepubads.g.doubleclick.net
5 sync.crwdcntrl.net 4 redirects s.amazon-adsystem.com
5 cms.quantserve.com 5 redirects
5 pm.w55c.net 5 redirects
5 sync-dsp.ad-m.asia 2 redirects ads.pubmatic.com
jp-u.openx.net
5 ssc.33across.com global.proper.io
5 id5-sync.com 1 redirects global.proper.io
hb.vntsm.com
live.primis.tech
5 c.amazon-adsystem.com 2 redirects hb.vntsm.com
c.amazon-adsystem.com
4 match.prod.bidr.io 4 redirects
4 eu-u.openx.net 1 redirects us-u.openx.net
4 simage4.pubmatic.com ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 ipac.ctnsnet.com 2 redirects ads.pubmatic.com
4 secure-assets.rubiconproject.com 4 redirects
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 sync.srv.stackadapt.com 4 redirects
4 googleads4.g.doubleclick.net wegotthiscovered.com
4 cs.admanmedia.com 4 redirects
4 u.openx.net 3 redirects live.primis.tech
4 www.google.com 1 redirects wegotthiscovered.com
a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 www.googletagservices.com securepubads.g.doubleclick.net
a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
4 btlr.sharethrough.com global.proper.io
4 connect.facebook.net wegotthiscovered.com
connect.facebook.net
3 px.owneriq.net 2 redirects ap.lijit.com
3 openx2-match.dotomi.com 3 redirects
3 apsoutheast-match.deepintent.com us-u.openx.net
3 px.ads.linkedin.com 2 redirects eus.rubiconproject.com
3 pixel-us-east.rubiconproject.com 3 redirects
3 ad.turn.com 3 redirects
3 a.sportradarserving.com 3 redirects
3 image4.pubmatic.com wegotthiscovered.com
s.amazon-adsystem.com
3 idsync.rlcdn.com 2 redirects wegotthiscovered.com
3 cm.adgrx.com 2 redirects ads.pubmatic.com
3 dps.jp.cinarra.com ads.pubmatic.com
jp-u.openx.net
3 rtb.mfadsrvr.com 3 redirects
3 creativecdn.com 3 redirects
3 match.deepintent.com rtb.gumgum.com
ads.pubmatic.com
3 dis.criteo.com 2 redirects ads.pubmatic.com
3 stags.bluekai.com 3 redirects
3 sync.teads.tv 1 redirects a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
global.proper.io
3 tg.socdm.com 3 redirects
3 aa.agkn.com 3 redirects
3 fonts.googleapis.com securepubads.g.doubleclick.net
wegotthiscovered.com
live.primis.tech
3 a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 propermedia-d.openx.net global.proper.io
3 hbopenbid.pubmatic.com global.proper.io
live.primis.tech
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
wegotthiscovered.com
3 superficialeyes.com wegotthiscovered.com
superficialeyes.com
3 sb.scorecardresearch.com 1 redirects wegotthiscovered.com
3 hb.vntsm.com wegotthiscovered.com
hb.vntsm.com
3 www.googletagmanager.com wegotthiscovered.com
www.googletagmanager.com
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 c.clarity.ms 1 redirects
2 ade.googlesyndication.com wegotthiscovered.com
2 gu.dyntrk.com 2 redirects
2 inv-nets.admixer.net 2 redirects
2 uipglob.semasio.net 1 redirects s.amazon-adsystem.com
2 c.bing.com 1 redirects eb2.3lift.com
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 rtb.openx.net 1 redirects jp-u.openx.net
2 cr-p3.ladsp.com 2 redirects
2 acdn.adnxs.com global.proper.io
2 ads.playground.xyz 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 pippio.com 2 redirects
2 core.iprom.net ads.pubmatic.com
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 gocm.c.appier.net 2 redirects
2 cm.ambientdsp.com 2 redirects
2 ad.360yield.com 2 redirects
2 bh.contextweb.com 2 redirects
2 s.ad.smaato.net 2 redirects
2 onetag-sys.com 1 redirects a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
2 cs.media.net 2 redirects
2 mb9eo.publishers.tremorhub.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects live.primis.tech
2 lb.eu-1-id5-sync.com hb.vntsm.com
live.primis.tech
2 pixel.quantserve.com wegotthiscovered.com
2 aax-dtb-cf.amazon-adsystem.com hb.vntsm.com
2 static.criteo.net global.proper.io
hb.vntsm.com
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.com.au securepubads.g.doubleclick.net
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.google.com www.googletagmanager.com
2 www.facebook.com wegotthiscovered.com
2 www.clarity.ms www.googletagmanager.com
www.clarity.ms
2 tag.1rx.io global.proper.io
2 reachms.bfmio.com global.proper.io
2 search.spotxchange.com global.proper.io
2 bids.proper.io global.proper.io
hb.vntsm.com
2 prebid.a-mo.net 2 redirects
2 usync.proper.io wegotthiscovered.com
2 d3div1mtym39ic.cloudfront.net wegotthiscovered.com
2 spc.wegotthiscovered.com wegotthiscovered.com
2 abcheck.proper.io wegotthiscovered.com
2 ping.chartbeat.net wegotthiscovered.com
2 p.skimresources.com wegotthiscovered.com
2 t.skimresources.com wegotthiscovered.com
s.skimresources.com
2 global.proper.io wegotthiscovered.com
global.proper.io
2 cdnjs.cloudflare.com wegotthiscovered.com
2 static.chartbeat.com wegotthiscovered.com
1 id.rlcdn.com
1 demand.trafficroots.com 1 redirects
1 dsp.nrich.ai 1 redirects
1 e-jp.cmcd1.com us-u.openx.net
1 dmp.brand-display.com 1 redirects
1 ds.uncn.jp 1 redirects
1 d.turn.com 1 redirects
1 p.rfihub.com 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 aorta.clickagy.com 1 redirects
1 data.adsrvr.org 1 redirects
1 a.audrte.com 1 redirects
1 bk.r-ad.ne.jp 1 redirects
1 tr.blismedia.com jp-u.openx.net
1 i.w55c.net 1 redirects
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 tags.rd.linksynergy.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 sync.search.spotxchange.com 1 redirects
1 pixel-apac.rubiconproject.com 1 redirects
1 yieldmo-match.dotomi.com 1 redirects
1 cs.emxdgt.com rtb.gumgum.com
1 sync.inmobi.com 1 redirects
1 sync.technoratimedia.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 rtb.gumgum.com s.amazon-adsystem.com
1 prebid-server.rubiconproject.com live.primis.tech
1 primis-d.openx.net live.primis.tech
1 cdn.jsdelivr.net live.primis.tech
1 trace.mediago.io 1 redirects
1 v9999.adv.admeme.net 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 sync.fout.jp 1 redirects
1 ads.stickyadstv.com 1 redirects
1 sync1.intentiq.com 1 redirects
1 api.intentiq.com live.primis.tech
1 bcp.crwdcntrl.net hb.vntsm.com
1 geo.privacymanager.io ats.rlcdn.com
1 lbs.eu-1-id5-sync.com hb.vntsm.com
1 cdn.id5-sync.com wegotthiscovered.com
1 tags.crwdcntrl.net wegotthiscovered.com
1 secure.cdn.fastclick.net wegotthiscovered.com
1 ad-delivery.net hb.vntsm.com
1 ats.rlcdn.com hb.vntsm.com
1 eb.proper.io global.proper.io
1 partner.googleadservices.com pagead2.googlesyndication.com
1 rules.quantcount.com secure.quantserve.com
1 www.google.com.au wegotthiscovered.com
1 hb.vntsm.io hb.vntsm.com
1 static.adsafeprotected.com superficialeyes.com
1 geoip.gamurs.workers.dev wegotthiscovered.com
1 www.googleoptimize.com www.googletagmanager.com
1 tlx.3lift.com global.proper.io
1 bidder.criteo.com global.proper.io
1 web.hb.ad.cpe.dotomi.com global.proper.io
1 prebid.media.net global.proper.io
1 fastlane.rubiconproject.com global.proper.io
1 apex.go.sonobi.com global.proper.io
1 a.teads.tv global.proper.io
1 htlb.casalemedia.com global.proper.io
1 player.propervideo.io global.proper.io
1 api.rlcdn.com global.proper.io
1 cm.adform.net wegotthiscovered.com
1 secure.quantserve.com global.proper.io
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com wegotthiscovered.com
1 pixel.wp.com wegotthiscovered.com
1 mab.chartbeat.com static.chartbeat.com
1 r.skimresources.com s.skimresources.com
1 terrifictooth.com wegotthiscovered.com
1 certify-js.alexametrics.com wegotthiscovered.com
1 static.cloudflareinsights.com wegotthiscovered.com
1 s.skimresources.com wegotthiscovered.com
1 stats.wp.com wegotthiscovered.com
1 btloader.com wegotthiscovered.com
0 match.rundsp.com Failed us-u.openx.net
0 cs.nex8.net Failed jp-u.openx.net
0 certify.alexametrics.com Failed wegotthiscovered.com
728 236

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
instagram.com
adclick.g.doubleclick.net
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-08 -
2023-05-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.vntsm.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-14 -
2023-04-08		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-13 -
2022-12-12		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.skimresources.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-25 -
2023-11-08		 a year crt.sh
proper.io
Cloudflare Inc ECC CA-3		 2022-05-07 -
2023-05-07		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
certify-js.alexametrics.com
Amazon		 2022-05-30 -
2023-06-27		 a year crt.sh
superficialeyes.com
R3		 2022-11-13 -
2023-02-11		 3 months crt.sh
terrifictooth.com
R3		 2022-11-16 -
2023-02-14		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
spc.gamepur.com
GTS CA 1D4		 2022-11-20 -
2023-02-18		 3 months crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2022-09-12 -
2023-10-11		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.proper.io
Sectigo RSA Domain Validation Secure Server CA		 2022-01-10 -
2023-02-09		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.bfmio.com
Amazon		 2022-04-16 -
2023-05-15		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.sharethrough.com
Amazon		 2022-10-24 -
2023-11-21		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-05-31 -
2023-07-02		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.primis.tech
Amazon RSA 2048 M01		 2022-10-24 -
2023-11-22		 a year crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.intentiq.com
Amazon		 2022-03-20 -
2023-04-17		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.ads.yieldmo.com
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.iprom.net
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-10-16 -
2023-01-14		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-11-25 -
2023-05-25		 6 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
events-ssc.33across.com
GTS CA 1D4		 2022-11-13 -
2023-02-11		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
e-jp.cmcd1.com
GTS CA 1D4		 2022-11-22 -
2023-02-20		 3 months crt.sh

This page contains 117 frames:

Primary Page: https://wegotthiscovered.com/
Frame ID: 7BCBF98D9745C5D5B663CF3B37AA287F
Requests: 303 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.014224673893084017
Frame ID: F0D3DF3079A36C99ABAE6A023E7460E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 2017CE5EC9CD47EBE29E32E93BA4D7CC
Requests: 1 HTTP requests in this frame

Frame: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 52168A2CAD2B75B69E34C58BC11696FE
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVgCN3LMWIgi1i407uZvK-DLmX9kRXDFvnTLXq7vXs8kIY01MvnFd7QAMl3-HRmzpEumFDCbLxkbypOJxHhOl33vxk4TmL3M7FYEh4HRUTJa4dgesClY-WVX8VViH4smhKcqrG7tIGIc9zvJCi6MMnLryeVOqQnAji884RsEcToCciB9POxeLR0CqV2yJOn_eT112_AppaDoQB5EW1tp-Yu_tk1LhGK9KH0mY2FdUTSgmO4q_ITcg7NjRPHoMdj6btpQe4tdL0iqBldbShK-sT7TQVp5uyHI34HBfUgbPH7cVdhVqvB1D9UVXaMj_QaRPAhueCXA&sai=AMfl-YSoVRLVkrUd4LfpW7jBsCETVb8cMuXdYsLXv0V9_IV9s_YLfM_D1QPA6vxhwWrvbCvO3iGZQSdn3vyFZ4gvw02FRSE8WgmA4H8MdxIm7rYoOc5Vlghn19xpKrEy5_6L1cfMUOtHfz4DneHfdGelSA&sig=Cg0ArKJSzMhpzBQK23zXEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 388038268BAE44E9C30F2A3903FCCAC5
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9356934496955375&output=html&adk=2018173897&adf=1110508544&lmt=1670212854&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwegotthiscovered.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670212852801&bpp=4&bdt=1930&idt=1230&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d385100edddc740%3AT%3D1670212853%3AS%3DALNI_MZIcn1h3StIxnbTtKpBoT-3uCBKXA&gpic=UID%3D00000b89c71662ec%3AT%3D1670212853%3ART%3D1670212853%3AS%3DALNI_MaH85dljvtX8BZvPD1JIaims2EfWw&nras=1&correlator=2383072247600&frm=20&pv=2&ga_vid=981839477.1670212853&ga_sid=1670212854&ga_hid=733302740&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44770880%2C21065724&oid=2&pvsid=723874549316057&tmod=1838308952&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1247
Frame ID: 14A4D04A3F4F2EA7D78CD49B4EC55D34
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1670212854&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Frame ID: 2D3959A52CED9F58CF12437E86AE6B38
Requests: 34 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&dcc=t
Frame ID: 1652F9D29AB236A628D114944F193975
Requests: 1 HTTP requests in this frame

Frame: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A0B71A1682A8B310CCA770D825172F92
Requests: 15 HTTP requests in this frame

Frame: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 17B9E1877BD402DFDF4A728467A63468
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsue3axicXrpRyI3e0cEwIlqdsoOkwfHnRUV-0UPdGquRyv0p3U6rM40Trb1vrpsu7oLxIFl5ZSIYCI1vXJQ95eDkHW2qHvByRl9waeckaYxnwLyNPGCJw8c63lyu_aeEn3Fh65quWtIZUlqjLIX608_4M5AZDe2pSU4DEuN8tawgZ4Oal6ckX9SECvUhUB4dViI2S93F0tH3tER3AiQ73vpY5do8ZizjeWKXfkXhwUUdCgK299okadWrHOmmsuKLdonvtIDn-B2CM1KuUQeytlpXcYh5mvMut593qliUwxxub3O9XQ4TKOvzRtI2rY9RjL9OAIqw_5SjgHvjEP1SFR2RbgVR7AsQ_fUpg&sai=AMfl-YSMWtfNzVNsUSrv4Fq4IoAAJ1ba1gO3j1That08_hhDhiXXxaGgUZF5B130FEiLADICrhXXJUFTZa6x4jX-fDOVJsvlYYzXP3vhUyyK7q_bKM5XtiQQAlUNt4n6Z6aV&sig=Cg0ArKJSzODZehZBvX2aEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A2CD7D47A3D1BCE303CA08C56CD8F852
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: BF120982EC2FBC0055E6AC18A803E77E
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy1sAIQ94CW-gEYgoqE2wEwAQ&v=APEucNWaaoF0haKXCrO8Mu8mEtLKxCHxyylxrMir3QeNErvErbyIx4ps6hrqkEleS4xEDTz3nNIk2CUbFekHYYNtjvwiNZ0KK8q3YXN1P1UuGmuf7-9oObE
Frame ID: 79983EF33F880D7F67463807EC814BC8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy1sAIQ94CW-gEYg4SE2wEwAQ&v=APEucNWHCuIx4ZZLqV6YRVyMS16EUFCI6DmU-dkRjuNb_yE2Wlp5QEfLvbWtp5fb7TW_NKZbdLriZKcK4dilGFqENoI4-sW9rfeRG3QJqs9RTClT0AWFL74
Frame ID: DAA57E7E0A849F517173C648655A48BF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EE42A806F12DD34EC78C0A6AE133B81B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0347F5FD129242EBC25C839E68A32AA4
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: E5A02B6614945A333EB7B7FDE4F3A1B7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Frame ID: 6B6276FCBEFF0154F774734FEBD2F196
Requests: 17 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-1406022426%26pcid%3D__UID__
Frame ID: 2F85EB56480C8EF6B1701064D1A50DBF
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=21&gdpr=0&gdpr_consent=
Frame ID: 69A58B54254C9B68B8D2A8EE6A66C6E9
Requests: 6 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: 704E38AB030797CE1D16DB30016ED58A
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BB66036677864F4FA2F3C5683792DB72
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 792C8CF1DEFBFB4758815905839C3E20
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Frame ID: 7F4286040AE1E04D5AEC2310596B08A9
Requests: 16 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Frame ID: A187C081AD26D12F76BA56A94B3B8656
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Frame ID: 66EC36E5BFECD2FC044A81C0C35E3561
Requests: 7 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Frame ID: 4231F35C33BCD92B99125634EF51C417
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Frame ID: 757D491A6F78E35BCE24910E158331DE
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1JaE5XdlRCRTJ1S0VSWlFkZFRLeXRSOHpRZ2wwWTJ6VH5B&gdpr=0&gdpr_consent=
Frame ID: 248353AE8152C7A464B46E8E2579046A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1745046129942590647047
Frame ID: 95880202D789CFEFCFEDCF8CF173A49D
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/9644752/1669691643177/index.html
Frame ID: B1676FF9423EFF24FBCE9BAF39D429BE
Requests: 5 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=inm&i=ID5-70f4PuUAu4pmvfx3KZegmeBpNoTigHzi6KrL0cfyAw
Frame ID: D8F5C9266D8E6485C6A2C3FA839FB330
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: D5C93393A9E83B0C0651359068A3B239
Requests: 8 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=068165a1-9f84-469f-b0f4-06b7381834b8
Frame ID: E8C695FFB2F1E34DD4E120DDD995EC95
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=b565638d-6cfa-4500-a279-97497957dfff&gdpr=0&gdpr_consent=
Frame ID: 276592DFAB854EBCB7BAF59B409E48E7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y41s_QABnhlHqgAF&gdpr=0&gdpr_consent=&_test=Y41s_QABnhlHqgAF
Frame ID: 7BA35B58425816DB2CE2D0CFB1701658
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV85YjRlZjFjYi1kMTkwLTQwOGMtYTY4Ni1hZjkxZjkxZTQ2YWI=&gdpr=0&gdpr_consent=
Frame ID: 03E6001EAF5360C86471B3E5F373B79C
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 65092D754F7BA5611BC9F2934FDCEDE5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y41s.cCo8X4AADb2cVwAAAAA
Frame ID: 457B4BE9438F759DD042F9A93CEF92BF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y41s.eHz8VRrS6e3WWgVlgAA%264853
Frame ID: 0D5F9049104B2E6E7E0B1B76F29BF710
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=XxuXOxblioyknFouUq7k&pi=gumgum&tc=1
Frame ID: 2EB8DC8BCCD76632D7E73A59A8C13345
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: F25DECA8CE38D19927254F0A9F1ED1CC
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9644752/1669691686695/index.html
Frame ID: 42FCA5EA90983AFF53185DF0731FDE17
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=5735DD26-16E9-40CB-8EFF-8A5983153CA5&gdpr=0&gdpr_consent=
Frame ID: B2D145CF7E5014A03397E3A593CFB6B2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f6d2638d-6cfa-4600-979d-bfef3a19d8ab&gdpr=0&gdpr_consent=
Frame ID: 5231A45604E85F227A62C1679216511D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y41s_gAAAZViBgAp&gdpr=0&gdpr_consent=&_test=Y41s_gAAAZViBgAp
Frame ID: FFC5DF71D51AD6D387D712D697EAAADF
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-883940829%26pcid%3D__UID__
Frame ID: C75EE23EA3D1F028984362DB66C5F171
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-1526334505%26pcid%3D__UID__
Frame ID: 1A000687E770B0A5F46016963B6C9389
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y2gqwq7qgks
Frame ID: 8EBD85D3D245F5C797EDBEB7B535BB3A
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: E17495E527BBEB2E72ED54A5A733B6AF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=WdjVO0KjT7ZAjBdxTKHkrGfR_lM
Frame ID: F382E19077F0B6F968BED0080555429F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=rfSoucguAf6m1BWJ-myNYw
Frame ID: 01948B33ED2C33BF11CE48A76792099C
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 381A1AB6FD8A09D53E64CC90D71C61DE
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 83DDD0E826D8FC01EBE0FCEBC7F60313
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=a2273aa33a5240feaece75fe068f72ad
Frame ID: 2F2F9ED6BBEF071AB858A0F5059349CF
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=5735DD26-16E9-40CB-8EFF-8A5983153CA5
Frame ID: 6ABD63A8BC03B4B63673D6330A529701
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D2890877A16842FBAB5E0498421370CE
Frame ID: 8B46AC66007447496F285880C8C93DFA
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 44006FC70A1BB5B8481EE0612330CECC
Requests: 1 HTTP requests in this frame

Frame: https://pr-bh.ybp.yahoo.com/sync/pubmatic/E0D49FB2-6484-443C-94BA-B894703FD7A2?gdpr=0&gdpr_consent=
Frame ID: 46950194A309C0C519458917FF9A4C27
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 85C47B2A2141537AEDBA346FD79883A8
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 3FF9F08428D9BD815009410C2A63ED78
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 07861E05A7A578C0422492C24CB94C19
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Frame ID: 50A977B9C46BCA226C9667EDFC1FCC7E
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D1402230080%3B1709765917%26rnd%3D1409321288%26pcid%3D__UID__
Frame ID: 2AD74BFF256E630B1F0E0294F8BF9760
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1A5AE42EAB9C9BCE0FB7FBEB60A5A248
Requests: 3 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A0%7D
Frame ID: 010B31E81D1BE1B185813A6C1298DC9C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: ED71E93C2BA9A17A4E8416E2BBEC64D0
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr_consent=undefined
Frame ID: D644A146A4A4019ED82473D9C55F3508
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 99D84EBF32F4281870CBF05D648ABFA0
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?us_privacy=1---
Frame ID: 9DB8550A99614199B3CCFD5A2D05CA0D
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Frame ID: 4112AB946C4D9B4F992CBFD7D7A4E4AF
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: A72FEE561B4DBAD84D2C38B30706241D
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 7F72CDEB363BF1C53E3D74AFB86E4B18
Requests: 11 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Frame ID: C43A5D98D5D0F85799819F33E8DFB3DD
Requests: 5 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=avU6sM0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Frame ID: A36D382F817A6005460850EE87DCB926
Requests: 5 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=0?gdpr=0&gdpr_consent=
Frame ID: EC49461FDBC6DFFFF4CC750E37D3FABE
Requests: 11 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ampQeC0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Frame ID: 1BDCE26E92BBB8FD9AC10C0D5ED0F4AC
Requests: 5 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:af57638d-6cfa-4600-8909-94e1f1deb2d9&gdpr=0&gdpr_consent=
Frame ID: 88C4E4DCFF7708B022A790A607ECA498
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y41s_gAAAZViBgAp&gdpr=0&gdpr_consent=
Frame ID: 562C23F9F5E85D1BEFE4D92EB3427D70
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6665481102401954734&gdpr=0&gdpr_consent=
Frame ID: 294D02684E6C0F64BB2D16C95791D887
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=418xauMPbzj4Cjk_sFUkPedaaD34Djo3sFhnxaeZ
Frame ID: 8A1EB27FB9ACA968281813A372393A98
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y2gqwq7qgks
Frame ID: 83D5F0A3667AAAF560A09CF4559DEC54
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDE0D49FB2-6484-443C-94BA-B894703FD7A2
Frame ID: 4DC6D14BB56A603207ED95ED65AD8C3B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 113E7B63D28ABA99A5D8189822F41D9F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=228vAfxoQ_VeR2Hwba6UzWfR_lM
Frame ID: 6929C2886B1E043377C6C9186470ED32
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=rfSoucguAf6m1BWJ-myNYw
Frame ID: 366D3AF80943524BCF9C41433977B4AD
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: BD719F7056BFC7164D8E9669A91AA4BA
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 2D3539C8E29F371D5359F93367777D2E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=E0D49FB2-6484-443C-94BA-B894703FD7A2
Frame ID: BABA2D9235D76FA4FD511269E4B4B273
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 0FCB5AA726DBF59F0F8A63260CAB8A22
Requests: 3 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: A86F6D26A440442CBED5E9973CD41CAB
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: BC619984DF8A35AAAA40D4D273F63EFB
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: 11C37FD4EE8A3A9D53ADA3FDA249E3D7
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: AB74DB3E050FEEBD8584FA495A4B01BC
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: 34ADB4B915A30EB994446A628518FD8B
Requests: 12 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aq47yi0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 582A6A8A8B11FB1F738549E2260AC932
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aARC5I0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 6EDECE9CBA1D78148EF1A8AEF9A5297E
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13412165
Frame ID: 1E83725A72EFD6B63FEDA3EC8170F46C
Requests: 23 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=222be45c84fd46478d1c8288686c3634
Frame ID: 5FEE5434C3F5AF0C5F949C977B362F24
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=E0D49FB2-6484-443C-94BA-B894703FD7A2
Frame ID: 6CB7A90B5673C6297A90C5B11C5A2964
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:cdLMNgQe1P22F45&gdpr=0&gdpr_consent=
Frame ID: 83336CE57959B4CCAA8A186886B0EFE0
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004
Frame ID: 1D4936C80BCD8F656AF1E112D6AC175B
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: F2721979425CD220A74A4661CFAF3DBE
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 3702E86CAFB1837FB0EA3D7AAC4165BA
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: B171866BD877DB657004766B3A5592ED
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 0192FD92ED99F5B521A6C1F0E0D794E8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Frame ID: 6EE743D239584A576CACCFBD9E1505FD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D2890877A16842FBAB5E0498421370CE&gdpr=0&gdpr_consent=
Frame ID: E803F0F3C445D2B54F255F40517953E9
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=3034912127337643283&gdpr=0&gdpr_consent=
Frame ID: 9FFB8360E6B4F28A8F708D93CC6E4589
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 68CA35A60FDC427F865DA444A19D6599
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Frame ID: 2A777457827AF2ADFCAE494C73129FEB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 119E217B8854B78ECC5ED89D7CA1D075
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=E0D49FB2-6484-443C-94BA-B894703FD7A2
Frame ID: 83FAACCCCCB964097995F2DE996BFCBE
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=E0D49FB2-6484-443C-94BA-B894703FD7A2
Frame ID: 9651D5F26ACCA114DF0C889BAB4E0844
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wegotthiscovered.com&gdpr=0&gdpr_consent=
Frame ID: 859983A80A73EF7363D4866E5330B24F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 106DEF524EE55B7E526EEEE2CA711DA5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7DE48AEC486841DB883624D28F78DD27
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Movie News, Gaming News, Blu-Ray News, Music News, and TV News | We Got This CoveredArrow Left #1 IconArrow right #1 Icon

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

728
Requests

70 %
HTTPS

0 %
IPv6

145
Domains

236
Subdomains

147
IPs

14
Countries

9382 kB
Transfer

16930 kB
Size

287
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://unpkg.com/swiper@8/swiper-bundle.min.css?ver=6.1.1 HTTP 302
  • https://unpkg.com/swiper@8/swiper-bundle.min.css HTTP 302
  • https://unpkg.com/swiper@8.4.5/swiper-bundle.min.css
Request Chain 14
  • https://unpkg.com/swiper@8/swiper-bundle.min.js?ver=6.1.1 HTTP 302
  • https://unpkg.com/swiper@8/swiper-bundle.min.js HTTP 302
  • https://unpkg.com/swiper@8.4.5/swiper-bundle.min.js
Request Chain 89
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js
Request Chain 135
  • https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Request Chain 136
  • https://ce.lijit.com/merge?pid=263069&3pid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn%26proper_uid%3D82fc80b8-8ecd-44cf-b189-b9a1bbbc2664%26uid%3D%5BSOVRNID%5D&&callback=window.proper_5ba389eb_037eb042_1 HTTP 302
  • https://ce.lijit.com/merge?pid=263069&3pid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn%26proper_uid%3D82fc80b8-8ecd-44cf-b189-b9a1bbbc2664%26uid%3D%5BSOVRNID%5D&callback=window.proper_5ba389eb_037eb042_1&dnr=1 HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=sovrn&proper_uid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&uid=Fw2QCRZHu3v1r7TzQW6rTsLw
Request Chain 137
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dadaptmx%26proper_uid%3D82fc80b8-8ecd-44cf-b189-b9a1bbbc2664%26uid%3D&&callback=window.proper_7f387311_7ddc7d5b_2 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4471%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Df33dd133-4dbf-4af7-844a-20b520c1ea9f%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly91c3luYy5wcm9wZXIuaW8vdjEvdXNlcnN5bmM_YmlkZGVyPWFkYXB0bXgmcHJvcGVyX3VpZD04MmZjODBiOC04ZWNkLTQ0Y2YtYjE4OS1iOWExYmJiYzI2NjQmdWlkPQ%253D%253D%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F4471%253Fgdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526A%253Df33dd133-4dbf-4af7-844a-20b520c1ea9f%2526bidder%253Dappnexus%2526cbx%253DaHR0cHM6Ly91c3luYy5wcm9wZXIuaW8vdjEvdXNlcnN5bmM_YmlkZGVyPWFkYXB0bXgmcHJvcGVyX3VpZD04MmZjODBiOC04ZWNkLTQ0Y2YtYjE4OS1iOWExYmJiYzI2NjQmdWlkPQ%25253D%25253D%2526uid%253D%2524UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/4471?gdpr=&gdpr_consent=&us_privacy=&A=f33dd133-4dbf-4af7-844a-20b520c1ea9f&bidder=appnexus&cbx=aHR0cHM6Ly91c3luYy5wcm9wZXIuaW8vdjEvdXNlcnN5bmM_YmlkZGVyPWFkYXB0bXgmcHJvcGVyX3VpZD04MmZjODBiOC04ZWNkLTQ0Y2YtYjE4OS1iOWExYmJiYzI2NjQmdWlkPQ%3D%3D&uid=6665481102401954734 HTTP 302
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F4471%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Df33dd133-4dbf-4af7-844a-20b520c1ea9f%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly91c3luYy5wcm9wZXIuaW8vdjEvdXNlcnN5bmM_YmlkZGVyPWFkYXB0bXgmcHJvcGVyX3VpZD04MmZjODBiOC04ZWNkLTQ0Y2YtYjE4OS1iOWExYmJiYzI2NjQmdWlkPQ%253D%253D%26uid%3D%24UID
Request Chain 138
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D82fc80b8-8ecd-44cf-b189-b9a1bbbc2664%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_e5affeb0_04c97d82_3 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D82fc80b8-8ecd-44cf-b189-b9a1bbbc2664%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_e5affeb0_04c97d82_3 HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&uid=80b35f2d-fa1a-47da-9010-64e13e84dcaf
Request Chain 202
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035334&cs_it=b3&cv=3.8.0.210223&ns__t=1670212852878&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=9&cs_cmp_sv=4&cs_cmp_rt=405&c7=https%3A%2F%2Fwegotthiscovered.com%2F&c8=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035334&cs_it=b3&cv=3.8.0.210223&ns__t=1670212852878&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=9&cs_cmp_sv=4&cs_cmp_rt=405&c7=https%3A%2F%2Fwegotthiscovered.com%2F&c8=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&c9=
Request Chain 253
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&dcc=t
Request Chain 281
  • https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Request Chain 283
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=423642&iiqidtype=2&iiqpcid=d9309391-40b4-435b-8db6-eb3b97cdd1a6&iiqpciddate=1670212855908&tsrnd=605_1670212855909&fbp=1741815379&vrref=https%3A%2F%2Fwegotthiscovered.com%2F&jsver=5.09 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=423642&iiqidtype=2&iiqpcid=d9309391-40b4-435b-8db6-eb3b97cdd1a6&iiqpciddate=1670212855908&tsrnd=605_1670212855909&fbp=1741815379&vrref=https%3A%2F%2Fwegotthiscovered.com%2F&jsver=5.09&ckls=true&ci=QnClFusBBa&nc=false&trid=323612366 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D793790479%26rnd%3D495666564%26pcid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D793790479%26rnd%3D495666564%26pcid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUQ3MEFDOUEtRkVGNi00REI3LUExQUUtRUIyOTIyMTY1OEM0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2023874098&rnd=1738078019&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2023874098%3B1402230080%26rnd%3D-1209231281&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2023874098;1402230080&rnd=-1209231281&pcid=6665481102401954734 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D139110967%26pcid%3D__UID__
Request Chain 292
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX_wRNbjOAbRH9pcM_qC-w&google_cver=1&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX_wRNbjOAbRH9pcM_qC-w&google_cver=1&gdpr=0&C=1
Request Chain 293
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y41s.exRswArRX4.re5XYwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX_wRNbjOAbRH9pcM_qC-w&google_cver=1&google_hm=2
Request Chain 294
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEKhNsvfUCCvLxT-K66ZLGmY&google_cver=1
Request Chain 295
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY2NTQ4MTEwMjQwMTk1NDczNA%3D%3D
Request Chain 297
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX_wRNbjOAbRH9pcM_qC-w&google_cver=1&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX_wRNbjOAbRH9pcM_qC-w&google_cver=1&gdpr=0&C=1
Request Chain 298
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y41s.exRswArRX4.re5XYwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX_wRNbjOAbRH9pcM_qC-w&google_cver=1&google_hm=2
Request Chain 299
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEKhNsvfUCCvLxT-K66ZLGmY&google_cver=1
Request Chain 300
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY2NTQ4MTEwMjQwMTk1NDczNA%3D%3D
Request Chain 304
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 316
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D98%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=98&advUuid=a6f55951-6b0c-43cb-af3a-e76a33d3568c HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1486637409&pcid=a6f55951-6b0c-43cb-af3a-e76a33d3568c HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1486637409%26rnd%3D159942035%26pcid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1486637409%26rnd%3D159942035%26pcid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkExNDFEQTItNjk3Qy00MTgwLUJDM0QtNTc2OTk1RkQ2Njk1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2023874098&rnd=1738078019&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2023874098%3B1402230080%26rnd%3D1637934543&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2023874098;1402230080&rnd=1637934543&pcid=6665481102401954734 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-1406022426%26pcid%3D__UID__
Request Chain 321
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=80b35f2d-fa1a-47da-9010-64e13e84dcaf&ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524349382118821030&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dsekindo%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10524349382118821030&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dsekindo%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=99425b1c-5be5-4b55-8e5e-c77148467017&ssp=sekindo&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524349382118821030&ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232363304356002906117&ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524349382118821030&ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=&advId=24830&advUuid=80b35f2d-fa1a-47da-9010-64e13e84dcaf
Request Chain 322
  • https://csync.loopme.me/?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&advId=93&advUuid=e58da24e-198f-4926-9b26-e3103003536e&gdpr_consent=null&gdpr=0
Request Chain 323
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D&gdpr=0&gdpr_consent=&s=192962&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=99&advUuid=Y41s-W8AuuqXN2rCesl1hQAAFNsAAAIB HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=2023874098&pcid=Y41s-W8AuuqXN2rCesl1hQAAFNsAAAIB HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D2023874098%26rnd%3D1738078019%26pcid%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/E0D49FB2-6484-443C-94BA-B894703FD7A2?gdpr=0&gdpr_consent=
Request Chain 324
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=96064650708096559124 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=96064650708096559124 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D259151345%26rnd%3D-809482575%26pcid%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2023874098&rnd=1738078019&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2023874098%3B1402230080%26rnd%3D1502683159&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2023874098;1402230080&rnd=1502683159&pcid=6665481102401954734 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-1222338856%26pcid%3D__UID__
Request Chain 325
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=618110e63fc8f&advId=100&advUuid=LBA9LY0O-6-E4O5&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1725065545%26pcid%3DLBA9LY0O-6-E4O5&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBA9LY0O-6-E4O5 HTTP 302
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D1486637409%3B1725065545%26rnd%3D-1201165667%26pcid%3D HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=1486637409;1725065545&rnd=-1201165667&pcid=a6f55951-6b0c-43cb-af3a-e76a33d3568c HTTP 302
  • https://ce.lijit.com/merge?pid=8101&3pid=QnClFusBBa&location=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D1486637409%3B1725065545%3B1486637409%26rnd%3D-1538460004%26pcid%3D%5BSOVRNID%5D HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=396218182&mi=10&csh=1486637409;1725065545;1486637409&rnd=-1538460004&pcid=Fw2QCRZHu3v1r7TzQW6rTsLw HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D1486637409%3B1725065545%3B1486637409%3B396218182%26rnd%3D-664253552%26pcid=[MM_UUID] HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1678944572&mi=10&csh=1486637409;1725065545;1486637409;396218182&rnd=-664253552&pcid=af57638d-6cfa-4600-8909-94e1f1deb2d9 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=QnClFusBBa&expires=1825&rnd=301066420
Request Chain 326
  • https://ups.analytics.yahoo.com/ups/58627/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=128&advUuid=y-v0EYJxRE2uHs3QQDLifZlYI0zOFJ2DQHpwHE1wM-~A&gdpr=0&gdpr_consent= HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1028935272&pcid=y-v0EYJxRE2uHs3QQDLifZlYI0zOFJ2DQHpwHE1wM-~A HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1028935272%26rnd%3D1280026963%26pcid%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D2890877A16842FBAB5E0498421370CE HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/E0D49FB2-6484-443C-94BA-B894703FD7A2?gdpr=0&gdpr_consent=
Request Chain 327
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D105%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=105&advUuid=6665481102401954734 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1709765917&pcid=6665481102401954734 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1709765917%26rnd%3D1948751217%26pcid%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2023874098&rnd=1738078019&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2023874098%3B1402230080%26rnd%3D983590664&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2023874098;1402230080&rnd=983590664&pcid=6665481102401954734 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-102141521%26pcid%3D__UID__
Request Chain 328
  • https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=22ae6b029cf64a39a7db3a2f043fd035 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=584182936&pcid=22ae6b029cf64a39a7db3a2f043fd035 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D584182936%26rnd%3D1564411225%26pcid%3D%23PMUID HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D2890877A16842FBAB5E0498421370CE HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/E0D49FB2-6484-443C-94BA-B894703FD7A2?gdpr=0&gdpr_consent=
Request Chain 329
  • https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=638d6cf666bb7&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3132144571537998000V10 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1723987475&pcid=3132144571537998000V10 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1723987475%26rnd%3D704316134%26pcid%3D%23PMUID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=1723987475&rnd=704316134&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D1723987475%3B1402230080%26rnd%3D1689984886&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=1723987475;1402230080&rnd=1689984886&pcid=6665481102401954734 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D1723987475%3B1402230080%3B1709765917%26rnd%3D983007219%26pcid%3D__UID__
Request Chain 330
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=Fw2QCRZHu3v1r7TzQW6rTsLw HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=396218182&pcid=Fw2QCRZHu3v1r7TzQW6rTsLw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D396218182%26rnd%3D1086430728%26pcid%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTBENDlGQjItNjQ4NC00NDNDLTk0QkEtQjg5NDcwM0ZEN0Ey&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 331
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%263rdpcid%3Daff08fbb323e9e876aa6076ba5230eb&advId=134&advUuid=aff08fbb323e9e876aa6076ba5230eb&gdpr_consent=&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=aff08fbb323e9e876aa6076ba5230eb HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D793790479%26rnd%3D-1246140210%26pcid%3D%23PMUID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=793790479&rnd=-1246140210&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D793790479%3B1402230080%26rnd%3D1745524679&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=793790479;1402230080&rnd=1745524679&pcid=6665481102401954734 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D793790479%3B1402230080%3B1709765917%26rnd%3D103526101%26pcid%3D__UID__
Request Chain 332
  • https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D138%26advUuid%3D%5BUID%5D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=138&advUuid=308e1982-4100-4e40-b524-dff1790fca25 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=2136778551&pcid=308e1982-4100-4e40-b524-dff1790fca25 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D2136778551%26rnd%3D-1266792756%26pcid%3D%23PMUID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2136778551&rnd=-1266792756&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2136778551%3B1402230080%26rnd%3D985129048&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2136778551;1402230080&rnd=985129048&pcid=6665481102401954734 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2136778551%3B1402230080%3B1709765917%26rnd%3D1363558109%26pcid%3D__UID__
Request Chain 344
  • https://um.simpli.fi/gp_match?google_gid=CAESEMVsZ2oYOZj5Ik4lJsMf6Tk&google_cver=1&google_push=ASkJ3Fb-RvcRgO2P_gqjt9udjNoavTyautF6hjnAG8Y2-Tmru_9o13thL-Vm0PWkDsl4I8xbhRn1pq3__ciDu_eKOLJUypUoGw3yc5qKcKtwZvoIU0Syw8NMdEzfRWsinBhx3-GucCBAF9QJCFmsJvrQxhE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D2890877A16842FBAB5E0498421370CE&google_push=ASkJ3Fb-RvcRgO2P_gqjt9udjNoavTyautF6hjnAG8Y2-Tmru_9o13thL-Vm0PWkDsl4I8xbhRn1pq3__ciDu_eKOLJUypUoGw3yc5qKcKtwZvoIU0Syw8NMdEzfRWsinBhx3-GucCBAF9QJCFmsJvrQxhE
Request Chain 345
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESENJBJrI6l6wA79TbNRtVXM0&google_cver=1&google_push=ASkJ3FYUdVe_lgTuJhsC1HfePS0H5moBaFtOXNryBHATXJNTsfAXt6kMiuDCbl6Izlm0cUqEu6wzeg4mywtBN8MwEt4yszgFL7Pxj9xPGJ_S4lOEByPeIgOoYOTf2Wti3xXxRbygcfboBpLlD19hzaXcVZ8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FYUdVe_lgTuJhsC1HfePS0H5moBaFtOXNryBHATXJNTsfAXt6kMiuDCbl6Izlm0cUqEu6wzeg4mywtBN8MwEt4yszgFL7Pxj9xPGJ_S4lOEByPeIgOoYOTf2Wti3xXxRbygcfboBpLlD19hzaXcVZ8&google_hm=RDI0d2U4clRRdW5WbVdubFlfMmNLZGZZM3Rz&from_google=pc1
Request Chain 346
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESELvOxYK-i9skI7il4YpST08&google_cver=1&google_push=ASkJ3FbLKCkbin-HUBLagPVwF1gINZiGa_zRwC7SW6kYy1ea-x-i8GOkEqB1BUOqaFPT5pCGKOzrE90D9IXHiIsakM0WPtCfGSV-pQqHT5C7Ti-_xno2EVBFRwvMJ1Riwfpb74LkeqMWNhIEXi6P3qZXOA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MGNmZDFmYjktYTU1Mi00ZjVkLTg2MTctNWI3ZGVmYmRhNDE3&google_gid=CAESELvOxYK-i9skI7il4YpST08&google_cver=1&google_push=ASkJ3FbLKCkbin-HUBLagPVwF1gINZiGa_zRwC7SW6kYy1ea-x-i8GOkEqB1BUOqaFPT5pCGKOzrE90D9IXHiIsakM0WPtCfGSV-pQqHT5C7Ti-_xno2EVBFRwvMJ1Riwfpb74LkeqMWNhIEXi6P3qZXOA
Request Chain 347
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMDvjHxofcoxf3knAj3BpIw&google_cver=1&google_push=ASkJ3FYi_FZVAIoVLsGcJP8bw66PMWpJFs3405X4PSqIuM7Cxkj49p8kpN-3rOCrQhtZTeRNY1gPaGYHbCmmdnsl3YlDfc9CISSCVnkGaGT-cO-KhUpcaeHGKYUT1_wTDZO2bcEfdRmpMpg9oxNxfBDRW18 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJBOUxZME8tNi1FNE81&google_push=ASkJ3FYi_FZVAIoVLsGcJP8bw66PMWpJFs3405X4PSqIuM7Cxkj49p8kpN-3rOCrQhtZTeRNY1gPaGYHbCmmdnsl3YlDfc9CISSCVnkGaGT-cO-KhUpcaeHGKYUT1_wTDZO2bcEfdRmpMpg9oxNxfBDRW18
Request Chain 348
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEPvcEAtCCbrBtEELtEFFkxA&google_cver=1&google_push=ASkJ3FYdc8xMckbh7KaArAy0KH9z2_xgGMMhVoyh9ITescleGPqbew0Qb7PwIGhE8nK1NZkKhua85vP2W7o0eOpImYab5txofouVNCfLeTkAhQaot2z6b4VrJn3rGDccGMAMX1LX3Dm_OGuOoo90-QmIZQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FYdc8xMckbh7KaArAy0KH9z2_xgGMMhVoyh9ITescleGPqbew0Qb7PwIGhE8nK1NZkKhua85vP2W7o0eOpImYab5txofouVNCfLeTkAhQaot2z6b4VrJn3rGDccGMAMX1LX3Dm_OGuOoo90-QmIZQ&google_hm=Z2FkMzIzZmNhZTA4OWY2ZDg1MGE=
Request Chain 349
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJLs-qsIjtoESDFe7o8_wvM&google_cver=1&google_push=ASkJ3Fb6hJ2FD8SVPP_WxfGJ37hoxOZ4A_6v_tqmn-VJPp70zKscapXKeCHSW6fiG0XCjeA2DPBqwmUruYawPex80ha0bNZd4_4QJJdIbX7B6XNpLgGhGlvJnh30etQtAMiaDjW_-B3xrWehXXEW2WEZoXzZ HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJLs-qsIjtoESDFe7o8_wvM&google_cver=1&google_push=ASkJ3Fb6hJ2FD8SVPP_WxfGJ37hoxOZ4A_6v_tqmn-VJPp70zKscapXKeCHSW6fiG0XCjeA2DPBqwmUruYawPex80ha0bNZd4_4QJJdIbX7B6XNpLgGhGlvJnh30etQtAMiaDjW_-B3xrWehXXEW2WEZoXzZ&uid-set=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=ASkJ3Fb6hJ2FD8SVPP_WxfGJ37hoxOZ4A_6v_tqmn-VJPp70zKscapXKeCHSW6fiG0XCjeA2DPBqwmUruYawPex80ha0bNZd4_4QJJdIbX7B6XNpLgGhGlvJnh30etQtAMiaDjW_-B3xrWehXXEW2WEZoXzZ&google_hm=NGZhc09BbDlXdUc=&suid-set=1
Request Chain 350
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAL9euE2ZSGLtujGjAqLe8s&google_cver=1&google_push=ASkJ3FYa_eHoBZscgFIlTTFW_BXf7ybpTSR7ejeSxAdsinGNaHmmTiAx3KumOgsc7o6i4osUaFQ8G-A0Z3xFK2xVHnTmYF-waRjNWh7Z6yk0sq-hpUaz_8uLQNMfKnCj8C_rT3phNQtzOVSI06z2Oq-e3ubW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhOBxrkjba1uh_qAFP9xI4LV-KmkpsF-sqg&google_push=ASkJ3FYa_eHoBZscgFIlTTFW_BXf7ybpTSR7ejeSxAdsinGNaHmmTiAx3KumOgsc7o6i4osUaFQ8G-A0Z3xFK2xVHnTmYF-waRjNWh7Z6yk0sq-hpUaz_8uLQNMfKnCj8C_rT3phNQtzOVSI06z2Oq-e3ubW HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 355
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEHGwHnEhPiVN1tSAdTBMUW4&google_cver=1&google_push=ASkJ3FbmVUH7UfBpBIulh27wBAy5BAwKPvwLfj7FLeDKc0FeLXbUFTGyT6-j2IOO8Ryenqv3HD48mDPxRVACRBXHeRWWnoAMCed6jgZ5qwvAOBoyc_OwvSk25vWN3IX4pW81DL5G8ye-4WwfbBH5vLwuudk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ASkJ3FbmVUH7UfBpBIulh27wBAy5BAwKPvwLfj7FLeDKc0FeLXbUFTGyT6-j2IOO8Ryenqv3HD48mDPxRVACRBXHeRWWnoAMCed6jgZ5qwvAOBoyc_OwvSk25vWN3IX4pW81DL5G8ye-4WwfbBH5vLwuudk
Request Chain 356
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP6f-ephM0AAEq0EuVyAHPw&google_cver=1&google_push=ASkJ3FZu2Sx3b_dqZwXeaBgea33dnhagWMnyZMaYwKqV_uVAPv2TtKsbtnpuCqQ4pAAoeoOyGzoYrthh_jKHttmG56v5PeP4y10Au7M1YbQd2guFpkdUBKv5-GNnxuIN25o9kg1qiUJl_YmBLiQLPm1MdQQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEP6f-ephM0AAEq0EuVyAHPw&google_cver=1&google_push=ASkJ3FZu2Sx3b_dqZwXeaBgea33dnhagWMnyZMaYwKqV_uVAPv2TtKsbtnpuCqQ4pAAoeoOyGzoYrthh_jKHttmG56v5PeP4y10Au7M1YbQd2guFpkdUBKv5-GNnxuIN25o9kg1qiUJl_YmBLiQLPm1MdQQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE2MzUyMzgxODA5NzgyNDM1Mw&google_push=ASkJ3FZu2Sx3b_dqZwXeaBgea33dnhagWMnyZMaYwKqV_uVAPv2TtKsbtnpuCqQ4pAAoeoOyGzoYrthh_jKHttmG56v5PeP4y10Au7M1YbQd2guFpkdUBKv5-GNnxuIN25o9kg1qiUJl_YmBLiQLPm1MdQQ
Request Chain 357
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESELRD02qtk1d-nY4oW3PAKM8&google_cver=1&google_push=ASkJ3FZLRXaVTGeDR7jY6GTg_B85GGzKkRucE3l7SoN1LW79nqgqjIwNOrwie6m30kC85ohD-mgbXvj6IorOgRWtB3Dw-g2DQHjqMj4PVRWGXv9AU1TfaHPl_rPOmb7dfag0hXN0FgDN65xeqSaBD5aR8w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FZLRXaVTGeDR7jY6GTg_B85GGzKkRucE3l7SoN1LW79nqgqjIwNOrwie6m30kC85ohD-mgbXvj6IorOgRWtB3Dw-g2DQHjqMj4PVRWGXv9AU1TfaHPl_rPOmb7dfag0hXN0FgDN65xeqSaBD5aR8w&google_hm=WTQxcy5jQ284WDRBQURiMmNVd0FBQUFB
Request Chain 358
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEEGAt21DEg4ifbH7gSX86PI&google_cver=1&google_push=ASkJ3FYp8ZpmQbrv3dOcDshkBQZdoCmRRmLMrHoIUt7eAtCZuXK2v5FEghpMrtUGCJXmPI-UluT5seV9YIhYc38PVtP1ZNj6SuRvz88ifbegIMF9aemIabpEbnLaUEmxNH2dAcJdgqH7eQVbA4Cc8wa5f6vB HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEEGAt21DEg4ifbH7gSX86PI&google_push=ASkJ3FYp8ZpmQbrv3dOcDshkBQZdoCmRRmLMrHoIUt7eAtCZuXK2v5FEghpMrtUGCJXmPI-UluT5seV9YIhYc38PVtP1ZNj6SuRvz88ifbegIMF9aemIabpEbnLaUEmxNH2dAcJdgqH7eQVbA4Cc8wa5f6vB&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FYp8ZpmQbrv3dOcDshkBQZdoCmRRmLMrHoIUt7eAtCZuXK2v5FEghpMrtUGCJXmPI-UluT5seV9YIhYc38PVtP1ZNj6SuRvz88ifbegIMF9aemIabpEbnLaUEmxNH2dAcJdgqH7eQVbA4Cc8wa5f6vB&google_hm=LXZUdDNWeVEwNmM5MU5Ld0xlelA=
Request Chain 359
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIANxwiPamYgc8Qyqz7H1uk&google_cver=1&google_push=ASkJ3FaChepNFYC6UiqmCWZL9dDXtwNE2wQj_V1Cgq2_axIyo9AZf593NBuLbItCSAaoGbi0MZPMtbANaiv27vPrPbQ3scDRK4-ufJl7UeOyHy526Nb_ZKlEvweQjcoNyPUgrbKFSW1Dsh8OV2U6gzTeu0c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NTgwNjBmZjAtMjk1NC00OGRiLTliYTctZTc2NzI5NGYwMmEw&google_push=ASkJ3FaChepNFYC6UiqmCWZL9dDXtwNE2wQj_V1Cgq2_axIyo9AZf593NBuLbItCSAaoGbi0MZPMtbANaiv27vPrPbQ3scDRK4-ufJl7UeOyHy526Nb_ZKlEvweQjcoNyPUgrbKFSW1Dsh8OV2U6gzTeu0c HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 360
  • https://trace.mediago.io/cs/google?google_gid=CAESEN3oh-4XMsasCTZZWhP5Spg&google_cver=1&google_push=ASkJ3FZIk4q-QDqrURdrKXH81RiRn0dRRU6EPru3PwC4DNw-5FU40DObVKoyV75D_HwpPJse88ZhBnd7zod7bjjdhu5IVdx61_fBT2UAxLtt5UoAWMLScEEqZv9Who2_vTpgt6WN_7yJLeh8FxMdpYHPZ05G HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3FZIk4q-QDqrURdrKXH81RiRn0dRRU6EPru3PwC4DNw-5FU40DObVKoyV75D_HwpPJse88ZhBnd7zod7bjjdhu5IVdx61_fBT2UAxLtt5UoAWMLScEEqZv9Who2_vTpgt6WN_7yJLeh8FxMdpYHPZ05G&google_hm=8d2ebe8ec156ad2dab11ea44d8c7f47b
Request Chain 361
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEF7GSPDPQBun-o61dlSa8qI&google_cver=1&google_push=ASkJ3FZLKXO9own2D2Tqe6DZ8v9fbSgF7iJCQqacUSNuEnVndaDCxOPxE5o3D64KKSgWbWMoQe7Xh1g3APh32QhVtB948Ujh46eWH7hJYYYIHM6DhT-tSar4NXJ_jFlFyNUefox3zhy-pS5hphnVuXJbQCDJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=80b35f2d-fa1a-47da-9010-64e13e84dcaf&%%GOOGLE_PUSH_PAIR%%
Request Chain 371
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=22dd4858
Request Chain 372
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=80b35f2d-fa1a-47da-9010-64e13e84dcaf
Request Chain 373
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D&gdpr=0 HTTP 307
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=14974ed4-eda2-4b38-a1a2-d8ae1b305010&gdpr=0
Request Chain 374
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3132144571537921000V10
Request Chain 375
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0 HTTP 302
  • https://stags.bluekai.com/site/23178?id=3q4wdJKpE7SyyOK3pyGA&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZTWI4DSHUYCM2LEHUZXCNDXMRFEW4CFG5JXS6KPJMZXA6KHIE&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZTWI4DSHUYCM2LEHUZXCNDXMRFEW4CFG5JXS6KPJMZXA6KHIE HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&gdpr=0&id=3q4wdJKpE7SyyOK3pyGA
Request Chain 381
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1JaE5XdlRCRTJ1S0VSWlFkZFRLeXRSOHpRZ2wwWTJ6VH5B&gdpr=0&gdpr_consent=
Request Chain 382
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1745046129942590647047
Request Chain 389
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D1881119486%263rdpcid%3D4849656571711328320&advId=140&advUuid=4849656571711328320&gdpr=0&gdpr_consent= HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=4849656571711328320 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D793790479%26rnd%3D207672170%26pcid%3D%23PMUID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=396218182&rnd=1086430728&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D396218182%3B1402230080%26rnd%3D-604892248&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=396218182;1402230080&rnd=-604892248&pcid=6665481102401954734 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D396218182%3B1402230080%3B1709765917%26rnd%3D617384117%26pcid%3D__UID__
Request Chain 390
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=59cfaa82-d4c8-4b80-86e4-227c36b490f8&gdpr=0&gdpr_consent=
Request Chain 391
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6665481102401954734&gdpr=0&gdpr_consent=
Request Chain 392
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=
Request Chain 393
  • https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=308e1982-4100-4e40-b524-dff1790fca25
Request Chain 394
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6665481102401954734
Request Chain 395
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_9b4ef1cb-d190-408c-a686-af91f91e46ab&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5872975480053967565&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=80b35f2d-fa1a-47da-9010-64e13e84dcaf
Request Chain 396
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-9701ef15-7d91-4f0f-6e8d-a9d41f58c730$ip$103.209.254.83
Request Chain 397
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_9b4ef1cb-d190-408c-a686-af91f91e46ab&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=X83YzngJ6wHyGWGfYQxs&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WBYGNMXU3THJI3HOSDZI5LUOZSZKF4HG&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WBYGNMXU3THJI3HOSDZI5LUOZSZKF4HG HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=X83YzngJ6wHyGWGfYQxs
Request Chain 398
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1670212858248 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1056154669 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/068165a1-9f84-469f-b0f4-06b7381834b8 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 399
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=86xgmJnBwVKu&ev=1&pid=558355
Request Chain 400
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28IOCV50xEu3Fg2RC6dnmJRNsBXbb3PioS4mlKbco284xwO2nFq0mzseKDq_RJk86v%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28IOCV50xEu3Fg2RC6dnmJRNsBXbb3PioS4mlKbco284xwO2nFq0mzseKDq_RJk86v%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_9b4ef1cb-d190-408c-a686-af91f91e46ab&obuid=ENC(IOCV50xEu3Fg2RC6dnmJRNsBXbb3PioS4mlKbco284xwO2nFq0mzseKDq_RJk86v) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26obUid%3DIOCV50xEu3Fg2RC6dnmJRNsBXbb3PioS4mlKbco284xwO2nFq0mzseKDq_RJk86v%26uid%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=openx&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&obUid=IOCV50xEu3Fg2RC6dnmJRNsBXbb3PioS4mlKbco284xwO2nFq0mzseKDq_RJk86v&uid=e14196e6-58a4-46c4-8830-23e46720d2b2
Request Chain 401
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=a66d1b91-0f5f-436e-8c24-61a417cb14df
Request Chain 402
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-lYuBz4pE2pd6kcrRRG_yyDnjPbn40.C3Uu9F~A
Request Chain 403
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=9d5687d6-919d-4b77-97c7-2b3fd3faba04
Request Chain 406
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=cd598f42-a5b8-40e8-8d5f-5df0334cdb85
Request Chain 407
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=4849656571711328320
Request Chain 410
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=inm&i=ID5-70f4PuUAu4pmvfx3KZegmeBpNoTigHzi6KrL0cfyAw
Request Chain 412
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=068165a1-9f84-469f-b0f4-06b7381834b8
Request Chain 413
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=b565638d-6cfa-4500-a279-97497957dfff&gdpr=0&gdpr_consent=
Request Chain 414
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y41s_QABnhlHqgAF HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y41s_QABnhlHqgAF&gdpr=0&gdpr_consent=&_test=Y41s_QABnhlHqgAF
Request Chain 417
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y41s.cCo8X4AADb2cVwAAAAA
Request Chain 418
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y41s.eHz8VRrS6e3WWgVlgAA%264853
Request Chain 419
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=XxuXOxblioyknFouUq7k&pi=gumgum&tc=1
Request Chain 420
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 427
  • https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=eps&id=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299258
Request Chain 428
  • https://x.bidswitch.net/sync?ssp=yieldmo HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dyieldmo%26bsw_param%3D80b35f2d-fa1a-47da-9010-64e13e84dcaf HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dyieldmo%26bsw_param%3D80b35f2d-fa1a-47da-9010-64e13e84dcaf HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=79&user_id=cdLMNgQe1P22F45&expires=30&ssp=yieldmo&bsw_param=80b35f2d-fa1a-47da-9010-64e13e84dcaf HTTP 302
  • https://ads.yieldmo.com/sync?userid=80b35f2d-fa1a-47da-9010-64e13e84dcaf&pn_id=bsw&extinit=&gdpr=&gdpr_consent=
Request Chain 429
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=gd93c4265451b191a719 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=gd93c4265451b191a719 HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=5cf6b0ca-1cd5-485e-b82f-4f101a2389ad
Request Chain 430
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LBA9LY0O-6-E4O5
Request Chain 431
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=3b5056a7-1fff-4313-ba69-a8208f0d3fb8&gdpr=&gdpr_pd=&gdpr_consent=
Request Chain 433
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=15 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-db6f2f01-fc68-43f5-5e47-61f06dae94cd$ip$103.209.254.83
Request Chain 434
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=
Request Chain 435
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=6a0ea1e7-7451-11ed-a4dc-15930aea0007
Request Chain 436
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LBA9LY0O-6-E4O5&gdpr=0
Request Chain 438
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f6d2638d-6cfa-4600-979d-bfef3a19d8ab&gdpr=0&gdpr_consent=
Request Chain 439
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y41s_gAAAZViBgAp HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y41s_gAAAZViBgAp&gdpr=0&gdpr_consent=&_test=Y41s_gAAAZViBgAp
Request Chain 440
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6665481102401954734&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2023874098&rnd=1738078019&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2023874098%3B1402230080%26rnd%3D1577035710&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2023874098;1402230080&rnd=1577035710&pcid=6665481102401954734 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-883940829%26pcid%3D__UID__
Request Chain 441
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=418xauMPbzj4Cjk_sFUkPedaaD34Djo3sFhnxaeZ HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2023874098&rnd=1738078019&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2023874098%3B1402230080%26rnd%3D-972834876&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2023874098;1402230080&rnd=-972834876&pcid=6665481102401954734 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-1526334505%26pcid%3D__UID__
Request Chain 442
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y2gqwq7qgks
Request Chain 444
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=WdjVO0KjT7ZAjBdxTKHkrGfR_lM
Request Chain 445
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=rfSoucguAf6m1BWJ-myNYw
Request Chain 448
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=a2273aa33a5240feaece75fe068f72ad
Request Chain 450
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ZaOUeCgq1P22F45&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D2890877A16842FBAB5E0498421370CE
Request Chain 451
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1670212858248 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1827403459 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/068165a1-9f84-469f-b0f4-06b7381834b8 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 452
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=6ce4c71e-7451-11ed-bbbe-cf973f2c79ff HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D2890877A16842FBAB5E0498421370CE HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/E0D49FB2-6484-443C-94BA-B894703FD7A2?gdpr=0&gdpr_consent=
Request Chain 454
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 456
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Request Chain 457
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=5735DD26-16E9-40CB-8EFF-8A5983153CA5 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1402230080&pcid=5735DD26-16E9-40CB-8EFF-8A5983153CA5 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D1402230080%26rnd%3D-1340626951&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=1402230080&rnd=-1340626951&pcid=6665481102401954734 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D1402230080%3B1709765917%26rnd%3D1409321288%26pcid%3D__UID__
Request Chain 458
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VzXdJhbpQMuO_4pZgxU8pQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 459
  • https://idsync.rlcdn.com/420486.gif?partner_uid=5735DD26-16E9-40CB-8EFF-8A5983153CA5 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDU3MzVERDI2LTE2RTktNDBDQi04RUZGLThBNTk4MzE1M0NBNRAAGg0I-tm1nAYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=181160e617ffde46af6591d0c49cb516234176405c4ddb3ed346b708a17f16a1791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAxODExNjBlNjE3ZmZkZTQ2YWY2NTkxZDBjNDljYjUxNjIzNDE3NjQwNWM0ZGRiM2VkMzQ2YjcwOGExN2YxNmExNzkxNDI2YjU0MTdkY2UyMRAAGgwI-9m1nAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAxODExNjBlNjE3ZmZkZTQ2YWY2NTkxZDBjNDljYjUxNjIzNDE3NjQwNWM0ZGRiM2VkMzQ2YjcwOGExN2YxNmExNzkxNDI2YjU0MTdkY2UyMRAAGgwI-9m1nAYSBAgCEABCAEoA&google_gid=CAESEIaOCrgEEg5q3fylEk40Uzs&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=f59e36ba-68cc-456c-af9a-d2ce6d2a44ad
Request Chain 460
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=af57638d-6cfa-4600-8909-94e1f1deb2d9
Request Chain 461
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTczNUREMjYtMTZFOS00MENCLThFRkYtOEE1OTgzMTUzQ0E1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2023874098&rnd=1738078019&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2023874098%3B1402230080%26rnd%3D-895941051&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2023874098;1402230080&rnd=-895941051&pcid=6665481102401954734 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-1715534168%26pcid%3D__UID__
Request Chain 462
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/E0D49FB2-6484-443C-94BA-B894703FD7A2?gdpr=0&gdpr_consent=
Request Chain 463
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D2890877A16842FBAB5E0498421370CE HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2023874098&rnd=1738078019&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2023874098%3B1402230080%26rnd%3D-1813794918&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2023874098;1402230080&rnd=-1813794918&pcid=6665481102401954734 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-1764298501%26pcid%3D__UID__
Request Chain 465
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2023874098&rnd=1738078019&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2023874098%3B1402230080%26rnd%3D-223881882&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2023874098;1402230080&rnd=-223881882&pcid=6665481102401954734 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D1412699242%26pcid%3D__UID__
Request Chain 466
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5872975480053967565 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2023874098&rnd=1738078019&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2023874098%3B1402230080%26rnd%3D-1288352802&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2023874098;1402230080&rnd=-1288352802&pcid=6665481102401954734 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D604967299%26pcid%3D__UID__
Request Chain 467
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=5735DD26-16E9-40CB-8EFF-8A5983153CA5&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jXnKUURE2uWSfjsi6cGASSv4d3RgAY4-~A&gdpr=0&gdpr_consent=
Request Chain 468
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=029b5057-f717-47ce-a128-be417c5799c1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 469
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3034912127337643283&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 470
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=5735DD26-16E9-40CB-8EFF-8A5983153CA5&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299258&nuid=5735DD26-16E9-40CB-8EFF-8A5983153CA5&gdpr_consent=&gdpr=0
Request Chain 471
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6665481102401954734
Request Chain 472
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&us_privacy=1---&khaos=LBA9LY0O-6-E4O5 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LBA9LY0O-6-E4O5&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Request Chain 474
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8-ni5WZXQs2aP-aytsmJew&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8-ni5WZXQs2aP-aytsmJew&gdpr=0
Request Chain 475
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBA9LY0O-6-E4O5&gdpr=0&us_privacy=1---
Request Chain 476
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=&expires=30
Request Chain 477
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELftpVW2u1JHsUiyvWoChK0&google_cver=1
Request Chain 478
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJBOUxZME8tNi1FNE81&gdpr=0&us_privacy=1---
Request Chain 479
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ciJ83_Bh4G9NKcFDGLMQBA?csrc=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-1ZBPcCtE2oJLOcocx5JFiyQsbJBlVRD8ygqdnQ--~A
Request Chain 481
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzkyOTRjMmI4ZmY5MGE5ZjYyYTIzNTljZWQ3ZDdlZDlkMDYyZWE0ZQ&gdpr=0&us_privacy=1---
Request Chain 493
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LBA9LY0O-6-E4O5 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LBA9LY0O-6-E4O5&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Request Chain 505
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3034912127337643283&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 506
  • https://match.adsrvr.org/track/cmf/openx?oxid=5150bfe1-274a-7b38-eb5f-7149df9b1599&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=068165a1-9f84-469f-b0f4-06b7381834b8&ttd_puid=5150bfe1-274a-7b38-eb5f-7149df9b1599&gdpr=0&gdpr_consent=
Request Chain 507
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y41s.cCo8X4AADb2cVwAAAAA
Request Chain 508
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYXO1Q6PrhK5ks8ADxwUw6ALE88AAAGE4HG5uA
Request Chain 510
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN6Zezun9gVRIAzzmuzTOzY&google_cver=1
Request Chain 513
  • https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined HTTP 307
  • https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Request Chain 514
  • https://de.tynt.com/deb/v2?m=xch&rt=html&id=avU6sM0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined HTTP 307
  • https://de.tynt.com/deb/v2?m=xch&rt=html&id=avU6sM0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Request Chain 516
  • https://de.tynt.com/deb/v2?m=xch&rt=html&id=ampQeC0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined HTTP 307
  • https://de.tynt.com/deb/v2?m=xch&rt=html&id=ampQeC0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Request Chain 518
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=cdLMNgQe1P22F45
Request Chain 519
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y41s_gAAAZViBgAp
Request Chain 521
  • https://bk.r-ad.ne.jp/3/cs HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=51n41001FBDGa007vg7D
Request Chain 525
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=jgY13Y7MwhYNKz3-DIIvIw==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 527
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=536872786&val=af57638d-6cfa-4600-8909-94e1f1deb2d9
Request Chain 528
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=068165a1-9f84-469f-b0f4-06b7381834b8&dongle=0cfd
Request Chain 529
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTc0NTA0NjEyOTk0MjU5MDY0NzA0Nw%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 530
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECu7iSt0IB-Er9lmTlqtlAc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 531
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTc0NTA0NjEyOTk0MjU5MDY0NzA0Nw%3D%3D
Request Chain 532
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1745046129942590647047&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1745046129942590647047&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=03860c1b-ec57-440a-96ae-1c1814739080&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=03860c1b-ec57-440a-96ae-1c1814739080&_noobservation=1&_expected_cookie=1d44c8a39722770ede66b8d4b97454b0
Request Chain 533
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1745046129942590647047&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=029b5057-f717-47ce-a128-be417c5799c1&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=80b35f2d-fa1a-47da-9010-64e13e84dcaf&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 534
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1745046129942590647047?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-K3Pz_O5E2oSS5EU3Rl73wTmAO0adJgmaoYa5uX9RJg--~A&dongle=0883
Request Chain 537
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6665481102401954734&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 542
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:af57638d-6cfa-4600-8909-94e1f1deb2d9&gdpr=0&gdpr_consent=
Request Chain 543
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y41s_gAAAZViBgAp&gdpr=0&gdpr_consent=
Request Chain 544
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6665481102401954734&gdpr=0&gdpr_consent=
Request Chain 545
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=418xauMPbzj4Cjk_sFUkPedaaD34Djo3sFhnxaeZ
Request Chain 546
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y2gqwq7qgks
Request Chain 547
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5872975480053967565
Request Chain 549
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=E0D49FB2-6484-443C-94BA-B894703FD7A2&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E0D49FB2-6484-443C-94BA-B894703FD7A2&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 551
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=E0D49FB2-6484-443C-94BA-B894703FD7A2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=99425b1c-5be5-4b55-8e5e-c77148467017%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=068165a1-9f84-469f-b0f4-06b7381834b8&ttd_puid=99425b1c-5be5-4b55-8e5e-c77148467017%2C
Request Chain 554
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 555
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=228vAfxoQ_VeR2Hwba6UzWfR_lM
Request Chain 556
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=rfSoucguAf6m1BWJ-myNYw
Request Chain 558
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6665481102401954734
Request Chain 561
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E0D49FB2-6484-443C-94BA-B894703FD7A2&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jXnKUURE2uWSfjsi6cGASSv4d3RgAY4-~A&gdpr=0&gdpr_consent=
Request Chain 562
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=80b35f2d-fa1a-47da-9010-64e13e84dcaf HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=80b35f2d-fa1a-47da-9010-64e13e84dcaf HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=20470e5d-92e1-47e0-8a10-72bf805a3624&user_group=1&ssp=pubmatic&bsw_param=80b35f2d-fa1a-47da-9010-64e13e84dcaf HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 563
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3034912127337643283&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 564
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=E0D49FB2-6484-443C-94BA-B894703FD7A2&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299260&nuid=E0D49FB2-6484-443C-94BA-B894703FD7A2&gdpr_consent=&gdpr=0
Request Chain 565
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 566
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670212860819.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 567
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=the33across&bsw_param=80b35f2d-fa1a-47da-9010-64e13e84dcaf&google_hm=ODBiMzVmMmQtZmExYS00N2RhLTkwMTAtNjRlMTNlODRkY2Fm HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJuheWNJR6sgxF2I_wa7HjA&google_cver=1&ssp=the33across&bsw_param=80b35f2d-fa1a-47da-9010-64e13e84dcaf HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=80b35f2d-fa1a-47da-9010-64e13e84dcaf HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=80b35f2d-fa1a-47da-9010-64e13e84dcaf&ts=1670212862&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 568
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670212860819.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=af57638d-6cfa-4600-8909-94e1f1deb2d9
Request Chain 569
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155%26partner_url%3Dhttps%253A%252F%252Fssc-cms.33across.com%252Fps%252F%253Fus_privacy%253D%2526xi%253D45%2526xu%253D590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&partner_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155 HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&ts=1670212863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 570
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670212860819.6&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6665481102401954734
Request Chain 571
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 572
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dthe33across%26bsw_param%3D80b35f2d-fa1a-47da-9010-64e13e84dcaf%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=79df575a921f4bf9ab94548f74082a5c&ssp=the33across&bsw_param=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=80b35f2d-fa1a-47da-9010-64e13e84dcaf HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=80b35f2d-fa1a-47da-9010-64e13e84dcaf&ts=1670212862&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 573
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670212860819.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=af57638d-6cfa-4600-8909-94e1f1deb2d9
Request Chain 574
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155%26partner_url%3Dhttps%253A%252F%252Fssc-cms.33across.com%252Fps%252F%253Fus_privacy%253D%2526xi%253D45%2526xu%253D590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&partner_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155 HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&ts=1670212863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 575
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670212860819.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 576
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670212860819.6&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6665481102401954734
Request Chain 577
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 578
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dthe33across%26bsw_param%3D80b35f2d-fa1a-47da-9010-64e13e84dcaf%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=028f615ab32c49f38075170b398047c2&ssp=the33across&bsw_param=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=80b35f2d-fa1a-47da-9010-64e13e84dcaf HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=80b35f2d-fa1a-47da-9010-64e13e84dcaf&ts=1670212862&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 579
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670212860819.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=af57638d-6cfa-4600-8909-94e1f1deb2d9
Request Chain 580
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155%26partner_url%3Dhttps%253A%252F%252Fssc-cms.33across.com%252Fps%252F%253Fus_privacy%253D%2526xi%253D45%2526xu%253D590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&partner_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155 HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&ts=1670212863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 581
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670212860819.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 582
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670212860819.6&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6665481102401954734
Request Chain 586
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=E0D49FB2-6484-443C-94BA-B894703FD7A2&gdpr=0&gdpr_consent=
Request Chain 587
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=35iFTJ3VRT3TCm-lsZTFLIa-w
Request Chain 589
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=222be45c84fd46478d1c8288686c3634
Request Chain 591
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:cdLMNgQe1P22F45&gdpr=0&gdpr_consent=
Request Chain 592
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004&rndcb=7245116160 HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=80b35f2d-fa1a-47da-9010-64e13e84dcaf HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=20470e5d-92e1-47e0-8a10-72bf805a3624&user_group=1&ssp=adconductor&bsw_param=80b35f2d-fa1a-47da-9010-64e13e84dcaf HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/80b35f2d-fa1a-47da-9010-64e13e84dcaf?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004
Request Chain 597
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Request Chain 598
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D2890877A16842FBAB5E0498421370CE&gdpr=0&gdpr_consent=
Request Chain 602
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LBA9LY0O-6-E4O5 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LBA9LY0O-6-E4O5&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LBA9LY0O-6-E4O5&ts=1670212862&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 604
  • https://j.mrpdata.net/c.html?ex=OpenX HTTP 302
  • https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
Request Chain 605
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=
Request Chain 606
  • https://csync.loopme.me/?redirect=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539270434%26val%3D%7Bdevice_id%7D HTTP 307
  • https://eu-u.openx.net/w/1.0/sd?id=539270434&val=14974ed4-eda2-4b38-a1a2-d8ae1b305010
Request Chain 607
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=80b35f2d-fa1a-47da-9010-64e13e84dcaf&ssp=openx&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524349382118821030&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dopenx%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=99425b1c-5be5-4b55-8e5e-c77148467017&ssp=openx&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524349382118821030&ssp=openx&gdpr=&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232363304356002906117&ssp=openx&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524349382118821030&ssp=openx&gdpr=&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=
Request Chain 609
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299262&nuid={OX_USER_ID}
Request Chain 611
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=D2890877A16842FBAB5E0498421370CE
Request Chain 615
  • https://j.mrpdata.net/c.html?ex=OpenX HTTP 302
  • https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
Request Chain 616
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=
Request Chain 617
  • https://csync.loopme.me/?redirect=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539270434%26val%3D%7Bdevice_id%7D HTTP 307
  • https://eu-u.openx.net/w/1.0/sd?id=539270434&val=14974ed4-eda2-4b38-a1a2-d8ae1b305010
Request Chain 618
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=80b35f2d-fa1a-47da-9010-64e13e84dcaf&ssp=openx&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524349382118821030&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dopenx%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=99425b1c-5be5-4b55-8e5e-c77148467017&ssp=openx&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524349382118821030&ssp=openx&gdpr=&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232363304356002906117&ssp=openx&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524349382118821030&ssp=openx&gdpr=&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=
Request Chain 620
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299262&nuid={OX_USER_ID}
Request Chain 622
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=D2890877A16842FBAB5E0498421370CE
Request Chain 625
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RncyUUNSWkh1M3YxcjdUelFXNnJUc0x3&gdpr=0
Request Chain 626
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=86xgmJnBwVKu&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 627
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=Fw2QCRZHu3v1r7TzQW6rTsLw&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=af57638d-6cfa-4600-8909-94e1f1deb2d9&gdpr=0&gdpr_consent=
Request Chain 628
  • https://um.simpli.fi/lj_match?r=1670212861976&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=D2890877A16842FBAB5E0498421370CE
Request Chain 629
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=
Request Chain 630
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=6665481102401954734&gdpr=0&gdpr_consent=
Request Chain 631
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253D590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=
Request Chain 632
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004&rndcb=6549138848 HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=80b35f2d-fa1a-47da-9010-64e13e84dcaf HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=20470e5d-92e1-47e0-8a10-72bf805a3624&user_group=1&ssp=adconductor&bsw_param=80b35f2d-fa1a-47da-9010-64e13e84dcaf HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/80b35f2d-fa1a-47da-9010-64e13e84dcaf?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004
Request Chain 633
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=XxuXOxblioyknFouUq7k&pi=sovrn&gdpr=0&gdpr_consent=
Request Chain 634
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RncyUUNSWkh1M3YxcjdUelFXNnJUc0x3&gdpr=0 HTTP 302
  • https://ap.lijit.com/dsp/google/reporting?gdpr=0
Request Chain 635
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=Fw2QCRZHu3v1r7TzQW6rTsLw&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:a0c7fadee91ba15a5e773a980232689a
Request Chain 636
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=6N5L0uiOFYDzi0OHu9RehezbEoXzj0CPu9mUEabj
Request Chain 637
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=80b35f2d-fa1a-47da-9010-64e13e84dcaf HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=20470e5d-92e1-47e0-8a10-72bf805a3624&user_group=1&ssp=fmx&bsw_param=80b35f2d-fa1a-47da-9010-64e13e84dcaf HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=
Request Chain 638
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=3b5056a7-1fff-4313-ba69-a8208f0d3fb8
Request Chain 639
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent= HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q7234992621378133737&ref=%2Feucm%2Fp%2Fsv HTTP 302
  • https://px.owneriq.net/fr/epx.gif
Request Chain 640
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AAGMF07HGtoAACAyHa_sQQ&gdpr=0
Request Chain 642
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=6665481102401954734&gdpr=0&gdpr_consent=
Request Chain 644
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LBA9LY0O-6-E4O5&gdpr=0
Request Chain 645
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=1976306190318009741
Request Chain 646
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LBA9LY0O-6-E4O5&gdpr=0
Request Chain 647
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=3034912127337643283&gdpr=0&gdpr_consent=
Request Chain 652
  • https://j.mrpdata.net/c.html?ex=OpenX HTTP 302
  • https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
Request Chain 653
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=
Request Chain 654
  • https://csync.loopme.me/?redirect=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539270434%26val%3D%7Bdevice_id%7D HTTP 307
  • https://eu-u.openx.net/w/1.0/sd?id=539270434&val=14974ed4-eda2-4b38-a1a2-d8ae1b305010
Request Chain 655
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=80b35f2d-fa1a-47da-9010-64e13e84dcaf HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=20470e5d-92e1-47e0-8a10-72bf805a3624&user_group=1&ssp=openx&bsw_param=80b35f2d-fa1a-47da-9010-64e13e84dcaf HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=
Request Chain 657
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299262&nuid={OX_USER_ID}
Request Chain 659
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=D2890877A16842FBAB5E0498421370CE
Request Chain 663
  • https://ds.uncn.jp/ox/0/sync HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=540741011&val=v_0dce8faa-4cdd-410c-b678-5953b1007568
Request Chain 664
  • https://dmp.brand-display.com/cm/api/openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=f62db374-c74e-a7ba-314d4366
Request Chain 665
  • https://sync.1rx.io/usersync/openx/c266af83-5cff-4953-bbb2-28a1792359e5 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004
Request Chain 666
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6665481102401954734
Request Chain 668
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=SWxtq0k8M_lSOWX-GmZ4_E1pNPxSPWb2Gmsr2XDx
Request Chain 671
  • https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=308e1982-4100-4e40-b524-dff1790fca25
Request Chain 672
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=af57638d-6cfa-4600-8909-94e1f1deb2d9&gdpr=0&gdpr_consent=
Request Chain 673
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y41s_gAAAZViBgAp&gdpr=0&gdpr_consent=
Request Chain 674
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=ef621820-2851-42b3-b428-eba03b4951ed&gdpr=0
Request Chain 675
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4849656571711328320&gdpr=0&gdpr_consent=
Request Chain 680
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=-vTt3VyQ06c91NKwLezP&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5FV3FI5BTKZ4VCMBWMM4TCTSLO5GGK6SQ&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5FV3FI5BTKZ4VCMBWMM4TCTSLO5GGK6SQ HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=-vTt3VyQ06c91NKwLezP
Request Chain 681
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=&prevuid=07030002_638d6d00bfc3b&knw= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=07030002_638d6d00bfc3b&gdpr=0&gdpr_consent=
Request Chain 682
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGMF07HGtoAACAyHa_sQQ&gdpr=0
Request Chain 683
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=44d92819-b688-4454-accd-cf75f988ce5f
Request Chain 691
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=
Request Chain 692
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5872975480053967565&gdpr=0&gdpr_consent=
Request Chain 693
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=smartadserver&bsw_custom_parameter=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=a30bf635-4782-4800-a6f9-1aa79954b75b&expires=1&user_group=5&ssp=smartadserver&bsw_param=80b35f2d-fa1a-47da-9010-64e13e84dcaf HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=
Request Chain 694
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=22dd4858
Request Chain 695
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NDg0OTY1NjU3MTcxMTMyODMyMA==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGgZpVvSjzOCbiT6Hyk-ML8&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 700
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=ef621820-2851-42b3-b428-eba03b4951ed&gdpr=0
Request Chain 701
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5872975480053967565&gdpr=0&gdpr_consent=
Request Chain 702
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDg0OTY1NjU3MTcxMTMyODMyMA==&gdpr=0&gdpr_consent=
Request Chain 703
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=14974ed4-eda2-4b38-a1a2-d8ae1b305010&gdpr_consent=null&gdpr=0
Request Chain 704
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2075%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=4803545878 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus/2075/6665481102401954734?zcc=0&sspret=1&rndcb=4803545878 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004
Request Chain 706
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=ef621820-2851-42b3-b428-eba03b4951ed&gdpr=0
Request Chain 707
  • https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=308e1982-4100-4e40-b524-dff1790fca25
Request Chain 708
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGMF07HGtoAACAyHa_sQQ&gdpr=0
Request Chain 709
  • https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=041d0c26d3&gdpr=0&gdpr_consent=
Request Chain 710
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=EbdISBHnFhoK4kAdQr1dHxWyER8K5kMVQrAmWmDU
Request Chain 714
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=8F9DD180F5424B4AB6DCC84E5F31667B&RedC=c.clarity.ms&MXFR=083CBDF5EAD86FED18D8AF84EED86170 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8F9DD180F5424B4AB6DCC84E5F31667B&MUID=364D75AA93EF600D195967DB928F61B4
Request Chain 720
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=
Request Chain 722
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=087422040022369f79e4bc57&gdpr=0&gdpr_consent=

728 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wegotthiscovered.com/ 		136 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordPress VIP <https://wpvip.com>
Resource Hash
48820a19d18fa2b2e58662f993bbca5a69e59cd14d1ddbd26f06ba0dc6ae445d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=300, must-revalidate
cf-apo-via
origin,no-cache
cf-cache-status
BYPASS
cf-edge-cache
cache,platform=wordpress
cf-ray
7749e0881e22a880-SYD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 05 Dec 2022 04:00:50 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://wegotthiscovered.com/wp-json/>; rel="https://api.w.org/"
server
cloudflare
vary
Accept-Encoding
x-cache
miss
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
syd3 0 4 9980
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 11:17:33 GMT
x-content-type-options
nosniff
age
232998
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16256
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:04:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 11:17:33 GMT
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
d39403de1ec71ed2f8605a302c8255f0a13f426e05c7cfa4ecaf40aadb27c665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:43:34 GMT
x-content-type-options
nosniff
age
33437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14872
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Dec 2023 18:43:34 GMT
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 11:32:33 GMT
x-content-type-options
nosniff
age
577698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14932
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 11:32:33 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 05:05:45 GMT
x-content-type-options
nosniff
age
341706
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 05:05:45 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 00:10:22 GMT
x-content-type-options
nosniff
age
186629
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14880
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 00:10:22 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
fonts.gstatic.com/s/oswald/v36/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v36/TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
81b683dd9d42cd417d7d9b29ab60b1d30c8f3b6d0cd6dde6587725805559a7d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 01:45:04 GMT
x-content-type-options
nosniff
age
526547
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24052
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:31:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 01:45:04 GMT
/
wegotthiscovered.com/_static/ 		98 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/_static/??/wp-includes/css/dist/block-library/style.min.css,/wp-content/plugins/dotesports-gutenberg-blocks/build/style-index.css?m=1670011959
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00b41ce5405f76a61dac043edc9fc8635a1f4f6498efa64f03ea2157f5215c1b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
x-rq
yyz1 0 4 9980
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 02 Dec 2022 20:12:39 GMT
cf-bgj
minify
server
cloudflare
age
200350
vary
Accept-Encoding
x-cache
miss
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
cf-apo-via
tcache
cf-ray
7749e08fa825a880-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
wegotthiscovered.com/_static/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/_static/??-eJx9jsEOwjAMQ3+ILttliAPiW0oabYW0q+pMaH9P4YCYhDg69otNj+JiZl2DgG6gJCF6UUmSbSeK+k2qU5k8b12KuWPgQP/w5n3rHcRLtnfF6oquU8wgiK88k6iHRS5VAAoRRo2h2s4mwZUFBnfVhe8Otqng95YXw+0TIjubW/8nd0nnYTz2/TCcxv4Jk49fGA==
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8245304d559698c5788e5a75fd94974adfaade8522376c86458f41356480279

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
content-encoding
br
cf-cache-status
HIT
age
200350
cf-polished
origSize=15959
x-cache
miss
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
last-modified
Fri, 02 Dec 2022 20:12:40 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
cf-apo-via
tcache
cf-ray
7749e08fa826a880-SYD
style.css
wegotthiscovered.com/wp-content/plugins/author-hreview/style/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/author-hreview/style/style.css?m=1669169251g
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbcc6b13cee9c1b9b9b97f4070d9127a7dafc3a725b1b0cd80ebd3e1096e7668

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
content-encoding
br
cf-cache-status
HIT
age
876287
cf-polished
origSize=5919
x-cache
miss
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Wed, 23 Nov 2022 02:07:31 GMT
server
cloudflare
etag
W/"637d8063-171f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
7749e08fa827a880-SYD
expires
Sat, 25 Nov 2023 00:12:38 GMT
swiper-bundle.min.css
unpkg.com/swiper@8.4.5/
Redirect Chain
  • https://unpkg.com/swiper@8/swiper-bundle.min.css?ver=6.1.1
  • https://unpkg.com/swiper@8/swiper-bundle.min.css
  • https://unpkg.com/swiper@8.4.5/swiper-bundle.min.css
16 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@8.4.5/swiper-bundle.min.css
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
104.16.124.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82ef200ece01e84b0387a394dd784b93e1a677f8b2efed9d6b79f61d3084121a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1179064
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GJD2MZSVH6EHWSGSB56VPSK7-syd
server
cloudflare
etag
W/"4056-knQFLPhd7qTFS8igAGqEi45G1Ug"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7749e0924be23778-MEL

Redirect headers

date
Mon, 05 Dec 2022 04:00:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GKG705KKJ9R37NG94QYCYBYZ-syd
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
98
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/swiper@8.4.5/swiper-bundle.min.css
cache-control
public, s-maxage=600, max-age=60
cf-ray
7749e0919abe3778-MEL
styles.css
wegotthiscovered.com/wp-content/plugins/wegotthiscovered-gallery-plugin/frontend/css/ 		2 KB
695 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/wegotthiscovered-gallery-plugin/frontend/css/styles.css?m=1669169251g
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85c96fbb69c7238228745f7653c4c883a1055b6503b7dd5ef2811315afd35c8d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
content-encoding
br
cf-cache-status
HIT
age
874092
cf-polished
origSize=2044
x-cache
miss
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Tue, 22 Nov 2022 22:58:34 GMT
server
cloudflare
etag
W/"637d541a-7fc"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
7749e08fa829a880-SYD
expires
Sat, 25 Nov 2023 00:12:38 GMT
064646ee46ad6e39.css
wegotthiscovered.com/wp-content/uploads/hurrytimer/css/ 		2 KB
926 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/uploads/hurrytimer/css/064646ee46ad6e39.css?ver=6.1.1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ba6e1bdb4acee34e54dc147acabd1d0573218dbe12fc0fdf9148d45eacbbed

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
content-encoding
br
cf-cache-status
HIT
age
17601
cf-polished
origSize=2782
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 80 86 443
cf-bgj
minify
last-modified
Sun, 04 Dec 2022 22:08:46 GMT
server
cloudflare
etag
W/"23dbf62fe84f00a8"
vary
Accept-Encoding
content-type
text/css;charset=utf-8
cache-control
max-age=2592000
cf-ray
7749e08fa82aa880-SYD
expires
Mon, 04 Dec 2023 22:08:55 GMT
/
wegotthiscovered.com/_static/ 		140 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/_static/??-eJyNj9EOwiAMRX9IbDBxyR6M34KMTZJCG1pc/Hu7PfnIC5dy72kL7OwiVU1VgbFvuQrs1BZuScQxccfQTEUFgkgyiWIR5qvpBf5wfaeSBAgXt28a3VmD6BfTYNZmMlXJn1Gg8xJ0NJzNts2Ph/M6iB3fLeiEYg7oXl3VWGOQ2tpxsMlq7nkc+Wd5+Gma/TTf7v4HapqP+g==
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
925b41942342b99e4fa069f40103f35a3dc23b3ba25a01621394935b27205aae

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
content-encoding
br
cf-cache-status
HIT
age
268972
cf-polished
status=cannot_optimize
x-cache
hit
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
last-modified
Wed, 23 Nov 2022 02:07:31 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
cf-apo-via
tcache
cf-ray
7749e08fa82ba880-SYD
/
wegotthiscovered.com/_static/ 		166 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/_static/??/wp-content/plugins/aawp/assets/dist/css/main.css,/wp-content/mu-plugins/jetpack-11.5/css/jetpack.css?m=1669751908
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0708e45fd895ddb761c50d5cf27da6d38314058bc42e9529d0e79c50718d9e2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
content-encoding
br
cf-cache-status
HIT
age
268972
cf-polished
origSize=169729
x-cache
hit
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
last-modified
Tue, 29 Nov 2022 19:58:28 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
cf-apo-via
tcache
cf-ray
7749e08fb83ba880-SYD
swiper-bundle.min.js
unpkg.com/swiper@8.4.5/
Redirect Chain
  • https://unpkg.com/swiper@8/swiper-bundle.min.js?ver=6.1.1
  • https://unpkg.com/swiper@8/swiper-bundle.min.js
  • https://unpkg.com/swiper@8.4.5/swiper-bundle.min.js
140 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@8.4.5/swiper-bundle.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
104.16.124.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cc9bd79f873cbf3a9468010074bd1c2ede4524d993a1f42edb1778fa3657a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1179051
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GJD2NCR2RCB2KKHHZQF778Q1-syd
server
cloudflare
etag
W/"2315b-t5sVkS+OMbzdHrTZGoTsEiXqNM4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7749e0923bcc3778-MEL

Redirect headers

date
Mon, 05 Dec 2022 04:00:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GKG6PH27SHD3ZN6NTHSKC7DY-syd
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
414
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/swiper@8.4.5/swiper-bundle.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
7749e0918aac3778-MEL
/
wegotthiscovered.com/_static/ 		99 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZuYGBoaGlmUEWAK9AIhc=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7374a169b675ad5c3ac6167edda9c8fe05fe5315b6728815db2f091cc7712af6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
content-encoding
br
cf-cache-status
HIT
age
200350
cf-polished
origSize=100912
x-cache
miss
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
last-modified
Fri, 02 Dec 2022 20:12:40 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-apo-via
tcache
cf-ray
7749e08fb83ea880-SYD
wpp.min.js
wegotthiscovered.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.4.2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ace4208545fb0ff5ea87fbe1470d3bf0af8e73d7d52fea869966c4b9d8c78a60

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
x-rq
yyz1 0 4 9980
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Nov 2022 04:53:57 GMT
server
cloudflare
age
1538490
etag
W/"6369e0e5-bc3"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7749e08fb840a880-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 17 Nov 2023 08:39:12 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.19.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-19-109.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 03:55:00 GMT
content-encoding
gzip
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
SIN5-C1
age
352
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
uwMg_QRNi_yi9yOVCdvYi6rUnF-KLROlEO2iYqc7hyLG1frkMC_nQQ==
expires
Mon, 05 Dec 2022 05:55:00 GMT
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-17178859-1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
80e30a26dc70d625989d0f39f9cf4985b96c1285abd6e20c79a94893b0c59a18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44677
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 05 Dec 2022 04:00:52 GMT
ads-prebid-banner-proper-outbrain.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ 		25 B
141 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ads-prebid-banner-proper-outbrain.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
1538490
cf-polished
origSize=27
x-cache
hit
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Tue, 08 Nov 2022 04:53:58 GMT
server
cloudflare
etag
"6369e0e6-1b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7749e08fb843a880-SYD
expires
Fri, 17 Nov 2023 08:39:12 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		142 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
2a114299cb24353e87e03256fc7aedce9fec79070dd6c4ef058f6dd6eb5ecb7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48955
x-xss-protection
0
server
cafe
etag
5242095285242226955
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 05 Dec 2022 04:00:52 GMT
tag
btloader.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5645585240555520&upapi=true
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ced3b2cefe662b12854b774e447fc7916f2886fee99c61865a0f78893ded2dd0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:52 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 05 Dec 2022 03:49:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
647
etag
W/"225c0bcf8623a2a4fd2b1d6d0b1e58b3"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOxo6idyaCJ%2BLn8gFu2iGi%2BdPplKKxYlpeND3ppYWRfRUOkCtJe8762VcgTiweQ4zuULLTtp%2F3pqkWJqy3lZfx2xBcdR9WmMOLA8aywNm6rMmyHYB9%2FTC3gtftHKPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray
7749e0953d09a8c5-SYD
ad-manager.min.js
hb.vntsm.com/v3/live/ 		1 MB
317 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.99.63.197 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns5000585.ip-139-99-63.net
Software
BunnyCDN-SG21-744 /
Resource Hash
4ae7a6c76ef4f3b2c72e647be807ca60d4fedf43b6609a210c46919693fbfdfb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:52 GMT
content-encoding
br
cdn-edgestorageid
744
cdn-cachedat
12/02/2022 16:22:52
cdn-pullzone
131999
last-modified
Tue, 29 Nov 2022 14:02:27 GMT
server
BunnyCDN-SG21-744
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"30001e84dfb055aa1a8069fb6ded2fe3"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
x-bl
0
cdn-requestid
a1215f0086180cb21c8e75db5286edf0
cdn-requestcountrycode
AU
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
c4a235e60d29399532a4bf25010afc9b2037088dc123d60f2b3a65ac70103da4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27505
x-xss-protection
0
server
sffe
etag
"1412 / 91 of 1000 / last-modified: 1670022376"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 05 Dec 2022 04:00:52 GMT
logo.png
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/logo.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f95a880e5801bccf9bd22a13baeae155794995fdbabfe419427757ecdaa1449

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
1538490
cf-polished
origFmt=png, origSize=4277
x-cache
hit
content-disposition
inline; filename="logo.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3710
x-rq
yyz1 0 4 9980
cf-bgj
imgq:100,h2pri
last-modified
Tue, 08 Nov 2022 04:53:58 GMT
server
cloudflare
etag
W/"6369e0e6-10b5"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7749e093c989a8b0-SYD
expires
Fri, 17 Nov 2023 08:39:13 GMT
deadpool-daredevil.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/deadpool-daredevil.jpg?w=650&h=350&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c76355a6a939c817ee83f8293fb23c463ceb323ee656892091936b15c386c8ab

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:52 GMT
x-rq
yyz1 80 86 443
cf-cache-status
HIT
last-modified
Mon, 05 Dec 2022 04:00:40 GMT
server
cloudflare
etag
"5b21828aef32bbbc"
vary
Accept, Accept-Encoding
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c98ba8b0-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
73224
expires
Tue, 05 Dec 2023 04:00:40 GMT
Featured-image-of-Blonde.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/Featured-image-of-Blonde.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28da092b33499c87f72013ce83f2950bf4f52f9b7c7d3fb5231ed80ac423a3cd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:52 GMT
x-rq
yyz1 80 86 443
cf-cache-status
HIT
last-modified
Mon, 05 Dec 2022 04:00:40 GMT
server
cloudflare
etag
"e135113facc48801"
vary
Accept, Accept-Encoding
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c98da8b0-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29670
expires
Tue, 05 Dec 2023 04:00:40 GMT
Peter-Quill-aka-Star-Lord-Chris-Pratt-in-Guardians-of-the-Galaxy-Vol.-3.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/Peter-Quill-aka-Star-Lord-Chris-Pratt-in-Guardians-of-the-Galaxy-Vol.-3.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645ab6337a55814ca5c4bedda9359debc1f395495b4b7b3c7be9b29bdf41c322

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:52 GMT
x-rq
yyz1 87 203 443
cf-cache-status
HIT
last-modified
Mon, 05 Dec 2022 03:59:49 GMT
server
cloudflare
etag
"1a2255ee85f922e9"
vary
Accept, Accept-Encoding
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c98ea8b0-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
72976
expires
Tue, 05 Dec 2023 03:59:49 GMT
Wheel-of-Time-header.jpg
wegotthiscovered.com/wp-content/uploads/2022/05/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/05/Wheel-of-Time-header.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66a69687066acc0ccf5806aaf68098f0b97393b2e4ad8550f6b3eee918b95674

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:52 GMT
x-rq
yyz1 80 130 443
cf-cache-status
HIT
last-modified
Wed, 16 Nov 2022 22:31:56 GMT
server
cloudflare
etag
"d456d3ab3a8f676d"
vary
Accept, Accept-Encoding
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c98fa8b0-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7452
expires
Thu, 16 Nov 2023 22:31:56 GMT
violent-night.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/violent-night.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45a39d5fa47e140b1f3acf392447d15aa8117fcfed91eabdcffd9fb2dc4f2652

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
127573
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16352
x-rq
yyz1 80 130 443
last-modified
Sat, 03 Dec 2022 16:14:54 GMT
server
cloudflare
etag
"ea45b02ad8454fff"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c991a8b0-SYD
expires
Sun, 03 Dec 2023 16:14:54 GMT
john-wick-the-continental.jpg
wegotthiscovered.com/wp-content/uploads/2022/11/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/11/john-wick-the-continental.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbdb1bc1d54833eb7c46e9f7c5d65fd7e329209d803670692066b98074046710

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
9393
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5082
x-rq
yyz1 80 86 443
last-modified
Fri, 25 Nov 2022 11:16:44 GMT
server
cloudflare
etag
"f8cf168dd5f1f393"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c993a8b0-SYD
expires
Sat, 25 Nov 2023 11:16:44 GMT
avatar-last-airbender-avatar-james-cameron.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/avatar-last-airbender-avatar-james-cameron.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17501b2e2ef5481d400850242a6fedc076b0b016594a05beac581b88780fe6bf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
9392
cf-polished
origSize=8188, status=vary_header_present
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8035
x-rq
yyz1 86 83 443
cf-bgj
imgq:100,h2pri
last-modified
Mon, 05 Dec 2022 00:44:14 GMT
server
cloudflare
etag
"c7664e36159a4448"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c995a8b0-SYD
expires
Tue, 05 Dec 2023 00:44:14 GMT
Lady-Chatterleys-Lover.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/Lady-Chatterleys-Lover.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5944c9a55a4aeda9bc651c1ea13b1c2308f516ddab2cf567046bf4fd3c896766

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
9391
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10614
x-rq
yyz1 87 107 443
last-modified
Sun, 04 Dec 2022 19:03:29 GMT
server
cloudflare
etag
"29007cc474e01ca9"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c996a8b0-SYD
expires
Mon, 04 Dec 2023 19:03:29 GMT
dark-city.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/dark-city.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1fcbf1b326bdc97388e929fc5f2ec582501cbb9438d91a26066473868034acc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
9477
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16900
x-rq
yyz1 80 130 443
last-modified
Sun, 04 Dec 2022 18:44:12 GMT
server
cloudflare
etag
"eee25a6170db79fd"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c997a8b0-SYD
expires
Mon, 04 Dec 2023 18:44:12 GMT
Christmas-1.jpg
wegotthiscovered.com/wp-content/uploads/2022/11/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/11/Christmas-1.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6a14933a29d1a00a9c74cd1b8f896434cbcff24a446e097ea4cf9ca179ddff1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
198961
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14604
x-rq
yyz1 87 95 443
last-modified
Fri, 02 Dec 2022 19:16:33 GMT
server
cloudflare
etag
"877dde4d0b0cb9eb"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c998a8b0-SYD
expires
Sat, 02 Dec 2023 19:16:33 GMT
The-Fabelmans-Steven-Spielberg.jpg
wegotthiscovered.com/wp-content/uploads/2022/11/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/11/The-Fabelmans-Steven-Spielberg.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ede05a356f8001316785c390ed3c62b8a47a3b882a53d1061ca6c6f6939cf18d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
494834
cf-polished
origSize=8765, status=vary_header_present
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8638
x-rq
yyz1 86 83 443
cf-bgj
imgq:100,h2pri
last-modified
Tue, 29 Nov 2022 06:21:56 GMT
server
cloudflare
etag
"f7a5ef4ead1bd97e"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c99aa8b0-SYD
expires
Wed, 29 Nov 2023 06:21:56 GMT
nanny.jpg
wegotthiscovered.com/wp-content/uploads/2022/11/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/11/nanny.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74c08fcfefc984ee892bef518a4970082f1afca27e9de5249210a5a63e705a9a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
495414
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10600
x-rq
yyz1 80 130 443
last-modified
Tue, 29 Nov 2022 10:11:51 GMT
server
cloudflare
etag
"39796f56a0c2c23f"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c99ba8b0-SYD
expires
Wed, 29 Nov 2023 10:11:51 GMT
jenna-ortega-wednesday-moosa-mostafa-eugene.png
wegotthiscovered.com/wp-content/uploads/2022/11/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/11/jenna-ortega-wednesday-moosa-mostafa-eugene.png?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032e86283c62e14d0c9c9db04db6f056cf5c2662282d456e2b8cc945eb1befcd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:52 GMT
x-rq
yyz1 80 130 443
cf-cache-status
MISS
last-modified
Mon, 05 Dec 2022 04:00:52 GMT
server
cloudflare
etag
"c54d71dd95dc1a95"
vary
Accept, Accept-Encoding
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c99ca8b0-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70172
expires
Tue, 05 Dec 2023 04:00:52 GMT
Wheel-of-Time-header.jpg
wegotthiscovered.com/wp-content/uploads/2022/05/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/05/Wheel-of-Time-header.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
878397a60d22342567cbeb8cbd3e512f37cc4a271d4ae91d29f09b263a698e3a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
198
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11146
x-rq
yyz1 80 130 443
last-modified
Mon, 05 Dec 2022 03:05:37 GMT
server
cloudflare
etag
"6cc92850b0084980"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c99da8b0-SYD
expires
Tue, 05 Dec 2023 03:05:37 GMT
Bob-McGrath-Sesame-Street.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/Bob-McGrath-Sesame-Street.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a90572a4e039aa99c39d536741700c639e1701c6c6cb412f39603c32094d6591

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:52 GMT
x-rq
yyz1 80 86 443
cf-cache-status
HIT
last-modified
Mon, 05 Dec 2022 02:51:22 GMT
server
cloudflare
etag
"366eb5e14a88b6e5"
vary
Accept, Accept-Encoding
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c99ea8b0-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16968
expires
Tue, 05 Dec 2023 02:51:22 GMT
841D39B7-7259-48D2-802C-77571DF9597E-scaled.jpeg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/841D39B7-7259-48D2-802C-77571DF9597E-scaled.jpeg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
771093e1694f623315f5b7106918d7a44fc5f4bcaa874942faf3cab21ed7f4c9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
7925
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5266
x-rq
yyz1 87 107 443
last-modified
Tue, 29 Nov 2022 06:05:40 GMT
server
cloudflare
etag
"6bf48392f5e5c998"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c99fa8b0-SYD
expires
Wed, 29 Nov 2023 06:05:40 GMT
VideoScreenshot-YouTube-WednesdayAddamsDanceSceneNetflix-045.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/VideoScreenshot-YouTube-WednesdayAddamsDanceSceneNetflix-045.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
176f4538c1764c03b69fb2701b61264f68b3e49eceb5bacb9f4cb18e3c654019

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
196
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27070
x-rq
yyz1 80 86 443
last-modified
Mon, 05 Dec 2022 01:32:51 GMT
server
cloudflare
etag
"d2f42218cddadb48"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9a0a8b0-SYD
expires
Tue, 05 Dec 2023 01:32:51 GMT
Irreverent-2.jpg
wegotthiscovered.com/wp-content/uploads/2022/11/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/11/Irreverent-2.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6246712a8a5a655792a7fbebee30b3c65997db297c614e628bed1d37d50271a4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
279159
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11256
x-rq
yyz1 80 130 443
last-modified
Wed, 30 Nov 2022 09:57:08 GMT
server
cloudflare
etag
"14aedf116e68e00f"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9a1a8b0-SYD
expires
Thu, 30 Nov 2023 09:57:08 GMT
Kanye_West_skims-e1669994977555.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/Kanye_West_skims-e1669994977555.jpg?w=650&h=350&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd73a6b7b2f159a029f55a14d43abd6a022242e4cf6d22d1718baa527d3ccc0b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
196
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15852
x-rq
yyz1 86 215 443
last-modified
Mon, 05 Dec 2022 03:27:26 GMT
server
cloudflare
etag
"5b6ccc2989a29773"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9a3a8b0-SYD
expires
Tue, 05 Dec 2023 03:27:26 GMT
GettyImages-dolly-parton.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/GettyImages-dolly-parton.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f29f38fc50cc65f3762d35f72b32c18b43699457af0dfa65c9d1413cab74d7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
196
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14326
x-rq
yyz1 87 95 443
last-modified
Mon, 05 Dec 2022 03:27:28 GMT
server
cloudflare
etag
"e76a89909cb1be26"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9a4a8b0-SYD
expires
Tue, 05 Dec 2023 03:27:28 GMT
Bob-McGrath-Sesame-Street.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/Bob-McGrath-Sesame-Street.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d52e99522753413b2c78b32c66cc4628ec79291e50a88413eea585b7e746af5b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
197
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30738
x-rq
yyz1 80 86 443
last-modified
Mon, 05 Dec 2022 03:05:38 GMT
server
cloudflare
etag
"d1e53ce48035f3eb"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9a6a8b0-SYD
expires
Tue, 05 Dec 2023 03:05:38 GMT
Al-Strobel-Twin-Peaks.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/Al-Strobel-Twin-Peaks.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f40798a86ddd1c78e6462f011855fb774ff580687d37f19f403fd1d406d57af4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
9392
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13274
x-rq
yyz1 80 130 443
last-modified
Mon, 05 Dec 2022 00:29:13 GMT
server
cloudflare
etag
"1d3d7f24ca53f18c"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9a7a8b0-SYD
expires
Tue, 05 Dec 2023 00:29:13 GMT
blair-white.png
wegotthiscovered.com/wp-content/uploads/2022/12/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/blair-white.png?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7735c234473a327e0cd8f02d866ae594efedba2aa4d0cc146251ab606fe395b5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
9392
cf-polished
status=not_needed
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59858
x-rq
yyz1 80 86 443
cf-bgj
imgq:100,h2pri
last-modified
Sun, 04 Dec 2022 23:05:24 GMT
server
cloudflare
etag
"e9ff34e038d54f65"
vary
Accept, Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9a8a8b0-SYD
expires
Mon, 04 Dec 2023 23:05:24 GMT
v-bts-getty-images.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/v-bts-getty-images.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da1dab741a3f2779804d4b9a6234fd658e831b523c7086fb65cefd3ff7a5bd1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
9392
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10680
x-rq
yyz1 80 130 443
last-modified
Sun, 04 Dec 2022 22:40:37 GMT
server
cloudflare
etag
"52a527500f61f919"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9a9a8b0-SYD
expires
Mon, 04 Dec 2023 22:40:37 GMT
James-Gunn-1.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/James-Gunn-1.jpg?w=650&h=350&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c1c7f67a0266e34d2f3678b97e8effa698d9315642e79b0a4c1184d0ec628c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
101050
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15884
x-rq
yyz1 87 131 443
last-modified
Sat, 03 Dec 2022 22:39:11 GMT
server
cloudflare
etag
"00eb0d05a8ff9c16"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9aba8b0-SYD
expires
Sun, 03 Dec 2023 22:39:11 GMT
Guardians-of-the-Galaxy-Among-Us1.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/Guardians-of-the-Galaxy-Among-Us1.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e41d3eb7172ebf89a4cbf9c6e1d87408ae1f488e4eb451feb9d32158b0123761

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
179236
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17690
x-rq
yyz1 86 45 443
last-modified
Fri, 02 Dec 2022 23:55:08 GMT
server
cloudflare
etag
"a36cfee68fa845be"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9ada8b0-SYD
expires
Sat, 02 Dec 2023 23:55:08 GMT
Gamora-Guardians-of-the-Galaxy-Vol.-3.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/Gamora-Guardians-of-the-Galaxy-Vol.-3.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b23455fef4a9d5e25f65875ad223e123e45ff11d28e6f8d304a0e557c60c8fe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
271718
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77164
x-rq
yyz1 80 130 443
last-modified
Fri, 02 Dec 2022 00:02:35 GMT
server
cloudflare
etag
"f5ad500e84b51987"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9afa8b0-SYD
expires
Sat, 02 Dec 2023 00:02:35 GMT
the-guardians-of-the-galaxy-holiday-special-2-1-1.jpg
wegotthiscovered.com/wp-content/uploads/2022/11/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/11/the-guardians-of-the-galaxy-holiday-special-2-1-1.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4ed63fd82336bdbf00126aecf1da73961222a5b6fd28dc25cd6e240159a9a5f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
101050
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10062
x-rq
yyz1 86 237 443
last-modified
Thu, 24 Nov 2022 04:00:38 GMT
server
cloudflare
etag
"ed005fbd45d95e91"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9b1a8b0-SYD
expires
Fri, 24 Nov 2023 04:00:38 GMT
image-185.jpg
wegotthiscovered.com/wp-content/uploads/2022/06/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/06/image-185.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
134aab2f403c424ea40a0eacd511c774cf70dad4a67299bc3b1bd422fc8e3d28

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
257798
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10364
x-rq
yyz1 80 130 443
last-modified
Fri, 25 Nov 2022 06:23:10 GMT
server
cloudflare
etag
"8f00b6e546e5847f"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9b2a8b0-SYD
expires
Sat, 25 Nov 2023 06:23:10 GMT
black-adam.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/black-adam.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e78caada297b81617e1621a15b8da25ea6bc91b6c8d5267b1c469c362cfa61a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
272595
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18054
x-rq
yyz1 87 203 443
last-modified
Wed, 16 Nov 2022 22:31:08 GMT
server
cloudflare
etag
"935df702b9baebd6"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9b3a8b0-SYD
expires
Thu, 16 Nov 2023 22:31:08 GMT
geralt-of-rivia-fortnite.png
wegotthiscovered.com/wp-content/uploads/2022/12/ 		246 KB
247 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/geralt-of-rivia-fortnite.png?w=650&h=350&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d7bbb525bb6a5ac08fdd7ae5b31ff6c012b48bd38a471d990342b6c512478cd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
9477
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
252160
x-rq
yyz1 91 52 443
last-modified
Sun, 04 Dec 2022 23:47:23 GMT
server
cloudflare
etag
"5d286fb90ed31c42"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9b4a8b0-SYD
expires
Mon, 04 Dec 2023 23:47:23 GMT
elder-scrolls-skyrim.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/elder-scrolls-skyrim.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3983a6e70201c87528a8742172dc1580eb2098d2857682a8f1a84bb8429450aa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
9477
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11208
x-rq
yyz1 80 86 443
last-modified
Sun, 04 Dec 2022 23:47:23 GMT
server
cloudflare
etag
"65ca7a708715f62d"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9b5a8b0-SYD
expires
Mon, 04 Dec 2023 23:47:23 GMT
the-last-of-us-teaser.png
wegotthiscovered.com/wp-content/uploads/2022/09/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/the-last-of-us-teaser.png?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46a9dc23f2b4b485c6ac6657aa287e6927d2a83c90344572e7ba2bc9d879603a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
83056
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44794
x-rq
yyz1 80 86 443
last-modified
Thu, 01 Dec 2022 05:04:45 GMT
server
cloudflare
etag
"9e8d90d68eb90069"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9b7a8b0-SYD
expires
Fri, 01 Dec 2023 05:04:45 GMT
GettyImages-1185775421.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/GettyImages-1185775421.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456b9b39be4fc43af92c93b73c146192c7ae1c11a4217dc8a7700afa101628d6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
9477
cf-polished
origSize=6239, status=vary_header_present
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6074
x-rq
yyz1 80 86 443
cf-bgj
imgq:100,h2pri
last-modified
Fri, 02 Dec 2022 11:12:15 GMT
server
cloudflare
etag
"b20a5633dcca1b35"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9baa8b0-SYD
expires
Sat, 02 Dec 2023 11:12:15 GMT
Star-WArs-Battlefront-2.jpg
wegotthiscovered.com/wp-content/uploads/2022/07/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/07/Star-WArs-Battlefront-2.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38012049996f1f46f378c3d067d00e5538e98ae3fc2807d69e499346124bc276

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
82160
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21520
x-rq
yyz1 80 86 443
last-modified
Fri, 02 Dec 2022 05:00:27 GMT
server
cloudflare
etag
"4c43e7783d0f31d2"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9bba8b0-SYD
expires
Sat, 02 Dec 2023 05:00:27 GMT
the-mask-god-of-war.png
wegotthiscovered.com/wp-content/uploads/2022/11/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/11/the-mask-god-of-war.png?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a730c7b06d85c790631820e819fe869e0e7c833b57d2ac05ed38d3d8662bd474

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
101050
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45598
x-rq
yyz1 86 215 443
last-modified
Thu, 01 Dec 2022 05:05:22 GMT
server
cloudflare
etag
"7f6fb032bb74f58a"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9bea8b0-SYD
expires
Fri, 01 Dec 2023 05:05:22 GMT
the-last-of-us-teaser.png
wegotthiscovered.com/wp-content/uploads/2022/09/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/the-last-of-us-teaser.png?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
232f07c5f3799e1c7a3c7934b2a5b4c7d646eab2a761ea404f6e928db7a05243

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
233045
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25126
x-rq
yyz1 80 86 443
last-modified
Wed, 30 Nov 2022 18:38:10 GMT
server
cloudflare
etag
"33946faa8d125900"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9bfa8b0-SYD
expires
Thu, 30 Nov 2023 18:38:10 GMT
Pokemon-scarlet-and-violet-4.jpg
wegotthiscovered.com/wp-content/uploads/2022/11/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/11/Pokemon-scarlet-and-violet-4.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db1c2b662ffc9e6309d4eadf7f80f63ba929159c46e91b9ab7d9a6f2d86e04c4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
248414
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10228
x-rq
yyz1 80 86 443
last-modified
Thu, 01 Dec 2022 04:17:41 GMT
server
cloudflare
etag
"16a691f69e862cef"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9c0a8b0-SYD
expires
Fri, 01 Dec 2023 04:17:41 GMT
the-last-of-us-trailer1.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/the-last-of-us-trailer1.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e664f939b16da5937eaf17e634fc13aa705a69b18e7e8a8cdb3b4a52608bfe7e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
368106
cf-polished
origSize=18409, status=vary_header_present
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18282
x-rq
jnb1 109 196 443
cf-bgj
imgq:100,h2pri
last-modified
Wed, 30 Nov 2022 21:26:05 GMT
server
cloudflare
etag
"86cfe9d86f8eb167"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9c2a8b0-SYD
expires
Thu, 30 Nov 2023 21:26:05 GMT
the-last-of-us-teaser.png
wegotthiscovered.com/wp-content/uploads/2022/09/ 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/the-last-of-us-teaser.png?w=650&h=350&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
804937eb9f6c40328d98457f04893b924e1926435c0feedb55a72f58c1e77469

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
106515
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
138084
x-rq
yyz1 80 86 443
last-modified
Thu, 01 Dec 2022 05:01:03 GMT
server
cloudflare
etag
"f6e8c49e03bbe6b4"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9c5a8b0-SYD
expires
Fri, 01 Dec 2023 05:01:03 GMT
super-mario-bros-movie-peach.jpg
wegotthiscovered.com/wp-content/uploads/2022/11/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/11/super-mario-bros-movie-peach.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
157f268930de1c101f99eed8ba5f230c705a44e53d015156dd43f38c2364f0aa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
101050
cf-polished
origSize=15699, status=vary_header_present
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15610
x-rq
yyz1 80 86 443
cf-bgj
imgq:100,h2pri
last-modified
Sat, 03 Dec 2022 08:02:59 GMT
server
cloudflare
etag
"b23fe98bdb4d3dd8"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e093c9c6a8b0-SYD
expires
Sun, 03 Dec 2023 08:02:59 GMT
ajax-loader.gif
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ajax-loader.gif
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9003eb7e3040cdb9591230348da3f8342778da4f6ba8b2ce9deafa8970caba4a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
1537453
cf-polished
origSize=1737, status=webp_bigger
x-cache
hit
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1669
x-rq
yyz1 0 4 9980
cf-bgj
imgq:100,h2pri
last-modified
Tue, 08 Nov 2022 04:53:57 GMT
server
cloudflare
etag
W/"6369e0e5-6c9"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7749e093c9c8a8b0-SYD
expires
Fri, 17 Nov 2023 08:39:41 GMT
/
wegotthiscovered.com/_static/ 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/_static/??-eJydkdFOwzAMRX+INK2QhvaA+JYscROX1B6xs2p/T9ZtmoQoCB4d+x773tjlaJB8rgHETmJxdhEkswsQuhmpm+TJthnPpEBqj7lGJLGj8/DclCMSKhjxhXM2165tQJvx0IAfFcrZoJN/c6aNmW6s5BWZNtELRFZNKJ5PUCCY6HK+nHOjj2UVhMuKJaq/97d4qZZyVpyhWCcCuublmd8RfkrqW9k1mM5zJQ280J8Bj8evMk0wt7/kHMzqaq1/87gpuh16cCY5ST45ine3b/PrsHvp+2HY7/rpE4D63MQ=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6448fd1cb28f03fc7d7523861e09bcaa77dd33544175456ff60e130f7a3e1605

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
content-encoding
br
cf-cache-status
HIT
age
200350
cf-polished
origSize=65747
x-cache
miss
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
last-modified
Fri, 02 Dec 2022 20:12:40 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-apo-via
tcache
cf-ray
7749e093b950a8b0-SYD
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?ver=6.1.1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
fe1987c174a68a8f21d577e6c2557d2e5dd9389ada66bcaa99bbaa247212a72c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 05 Dec 2022 04:00:52 GMT
content-md5
zXEp4E65ke2Y6WgJ+7yhQg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
oJixlEQh88KL1KWyYtn88y9pRcaw+7s7T1l9D7F83SkcMzob5+NeHkFnK1NGleuRN7abBgzzd8G/1frdopuVOA==
x-fb-trip-id
548340344
x-fb-content-md5
ac4ba9a98ae81d8c6213383e5f4d0b86
cross-origin-opener-policy
same-origin-allow-popups
etag
"05b1b36a5d59596d54803cbf4ead26a5"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Mon, 05 Dec 2022 04:19:12 GMT
main.js
wegotthiscovered.com/wp-content/plugins/aawp/assets/dist/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/aawp/assets/dist/js/main.js?m=1669169251g
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
324229580a277a2f43dabaa9aee2042c1e8197bcf0a8e2fe6fc5aa077f0d14e8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
content-encoding
br
cf-cache-status
HIT
age
876286
cf-polished
origSize=6293
x-cache
miss
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Wed, 23 Nov 2022 02:07:31 GMT
server
cloudflare
etag
W/"637d8063-1895"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7749e093c976a8b0-SYD
expires
Sat, 25 Nov 2023 00:12:38 GMT
e-202249.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202249.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-nc
HIT syd
date
Mon, 05 Dec 2022 04:00:52 GMT
content-encoding
br
server
nginx
etag
W/"61adb0c2-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 26 Nov 2023 18:15:08 GMT
popup.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/popup.js?v=2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eff9682459cdf09edbdc26d40a2ebe4ebe9a89398676952d0b06c1630452789

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
content-encoding
br
cf-cache-status
HIT
age
1538489
cf-polished
origSize=6341
x-cache
hit
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Tue, 08 Nov 2022 04:53:58 GMT
server
cloudflare
etag
W/"6369e0e6-18c5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7749e093c978a8b0-SYD
expires
Fri, 17 Nov 2023 08:39:13 GMT
jquery.cookie.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/ 		1 KB
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/jquery.cookie.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3f05412b273a3c32bf550bf721db6302d8c8c8692d25b847f278ef67693195d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
content-encoding
br
cf-cache-status
HIT
age
1538489
cf-polished
origSize=1838
x-cache
miss
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Thu, 10 Nov 2022 05:09:29 GMT
server
cloudflare
etag
W/"636c8789-72e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7749e093c97aa8b0-SYD
expires
Fri, 17 Nov 2023 08:39:13 GMT
jquery.tweet.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/jquery.tweet.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7f23b706c2051cd14bbfdc75b158a623e575846b2a34cf308709793fb72f5e8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
content-encoding
br
cf-cache-status
HIT
age
1538489
cf-polished
origSize=14391
x-cache
hit
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Tue, 08 Nov 2022 04:53:58 GMT
server
cloudflare
etag
W/"6369e0e6-3837"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7749e093c97da8b0-SYD
expires
Fri, 17 Nov 2023 08:39:13 GMT
jquery.localscroll.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/ 		1 KB
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/jquery.localscroll.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3c0a69d6de03571afb770c25f2216665c272ff731e3699ca3a2caf80d730f93

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
content-encoding
br
cf-cache-status
HIT
age
1538489
cf-polished
origSize=1552
x-cache
miss
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Thu, 10 Nov 2022 05:09:29 GMT
server
cloudflare
etag
W/"636c8789-610"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7749e093c97fa8b0-SYD
expires
Fri, 17 Nov 2023 08:39:13 GMT
jquery.bxslider.css
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/bxslider4.2.5/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/bxslider4.2.5/jquery.bxslider.css
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7952a34f886e3cef6c4522009e3abebb3b7f8254955848f6ef064a915fa9ed23

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
content-encoding
br
cf-cache-status
HIT
age
1538489
cf-polished
origSize=4102
x-cache
miss
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Thu, 10 Nov 2022 05:09:29 GMT
server
cloudflare
etag
W/"636c8789-1006"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
7749e093c980a8b0-SYD
expires
Fri, 17 Nov 2023 08:39:13 GMT
search.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ 		554 B
507 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/search.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
507c27740d49f6b21e854adb09f4f2b4e482ce1e2d043e3d71d25a652543465d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
content-encoding
br
cf-cache-status
HIT
age
1538489
cf-polished
origSize=720
x-cache
miss
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Thu, 10 Nov 2022 05:09:29 GMT
server
cloudflare
etag
W/"636c8789-2d0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7749e093c981a8b0-SYD
expires
Fri, 17 Nov 2023 08:39:13 GMT
jquery.bxslider.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/bxslider4.2.5/ 		33 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/bxslider4.2.5/jquery.bxslider.js?=4
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51308cfc2cee270e6819ae124d2eb4eec815637c9ac20f0b4a44b20ff0c41689

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
content-encoding
br
cf-cache-status
HIT
age
1538489
cf-polished
origSize=65727
x-cache
hit
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Tue, 08 Nov 2022 04:53:58 GMT
server
cloudflare
etag
W/"6369e0e6-100bf"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7749e093c982a8b0-SYD
expires
Fri, 17 Nov 2023 08:39:13 GMT
lazyload.min.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/lazyload/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/lazyload/lazyload.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
x-rq
yyz1 0 4 9980
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 10 Nov 2022 05:09:29 GMT
server
cloudflare
age
1538489
etag
W/"636c8789-d35"
vary
Accept-Encoding
x-cache
miss
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7749e093c985a8b0-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 17 Nov 2023 08:39:13 GMT
jquery.jcarousel-core.min.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/jquery.jcarousel-core.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8ba6e00e79f5d4ffc5e3f634123c36823648e601c5d6465d27c65e7797d2807

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
x-rq
yyz1 0 4 9980
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Nov 2022 04:53:58 GMT
server
cloudflare
age
1538489
etag
W/"6369e0e6-4435"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7749e093c986a8b0-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 17 Nov 2023 08:39:13 GMT
jquery.viewport.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/ 		1 KB
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/jquery.viewport.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c51fffe2be6f1a72b6d297c12af42ddea28f64b60d1d75a7fe774114dd6942a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
content-encoding
br
cf-cache-status
HIT
age
1538489
x-cache
miss
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Thu, 10 Nov 2022 05:09:29 GMT
server
cloudflare
etag
W/"636c8789-4b2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7749e093c987a8b0-SYD
expires
Fri, 17 Nov 2023 08:39:13 GMT
amp-form-0.1.js
cdn.ampproject.org/v0/ 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
ba265c4a139c5ea673f32664fa85d066d95471c65a62a25aa7ea2394c022d89c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 05 Dec 2022 04:00:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14978
x-xss-protection
0
server
sffe
etag
"a7247b2521b76921"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 05 Dec 2022 04:00:52 GMT
face3.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/face3.js?v=4.90
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d709873b2dd3058fdb02f9325eb522bd13420e9aa57fa9d1c99723ce6947e517

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
content-encoding
br
cf-cache-status
HIT
age
1538489
cf-polished
origSize=5006
x-cache
miss
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Thu, 10 Nov 2022 05:09:29 GMT
server
cloudflare
etag
W/"636c8789-138e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7749e093c988a8b0-SYD
expires
Fri, 17 Nov 2023 08:39:13 GMT
selectivizr-min.js
cdnjs.cloudflare.com/ajax/libs/selectivizr/1.0.2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/selectivizr/1.0.2/selectivizr-min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1f17fea7cee4a9ae74981b2930b10a3aafd713f4564080def24e5fb8342a338
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
20322695
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2152
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-12e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jimE2ViSP0Aqutc0kCmn7aQoR1qnAaXfi13vqdX7k31bI2m1%2B3QjQwHLy03fuD9FCGtvCbRZrJyl%2BiEDrOV8SPBpSMx69Gj3kz5HFOsDCtOjTRIzBZPV8GeV%2F%2BGdOrEGVUnyXxzp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7749e094fc695a9c-MEL
expires
Sat, 25 Nov 2023 04:00:52 GMT
modernizr-1.7.min.js
cdnjs.cloudflare.com/ajax/libs/modernizr/1.7/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/modernizr/1.7/modernizr-1.7.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
954e385ecd6ed2ab0cb91dc0333ea1b3cf1bdcfe309d4857e7181324cb8dc25b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
453418
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3215
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-233d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BYz7b12Q43KwDm9ndRY3F4CxmA48XzII5X29SP8tSccsjAD3WGqjOrzblUKF5CJ0JyR0cHlq5yJsabFSmsKUKunie5rI4eVloiOSD1NtgmdeTZKKLqZ1F4qNF0gwJnbnYJ4ouCH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7749e094fc6b5a9c-MEL
expires
Sat, 25 Nov 2023 04:00:52 GMT
114526X1684673.skimlinks.js
s.skimresources.com/js/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/114526X1684673.skimlinks.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
10b9d688509666bd9712e877a397c9ea8354cf3725397f7d41cee8be1371829d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
content-encoding
gzip
x-sp-metadata
HS256.CIP2tZwGEokBCiRiNzEyN2E2ZC1jZDQ1LTQ0MWUtOWU5OS05NzcwNzNmZTQ4MTcQsNrb5pK18AIaBgjz2bWcBiIOMTAzLjIwOS4yNTQuODMogKkDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiQxNDg0YmY2OS0zZmM4LTQzNGItOWY5Ni1lM2MxNTI5ZjZlYTYYspMB.NCOYQ83qpx2rTv8eZcD9BQgAlc0f8PJ1JS3qtrSE1yc=
last-modified
Tue, 30 Aug 2022 08:52:23 GMT
server
AmazonS3
x-amz-request-id
A0B6GMDQJKKNSQ3E
etag
"38e23d336c5a4e230698b2c54d1268e4"
x-hw
1670212851.cds004.me1.hn,1670212851.cds005.me1.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
18866
x-amz-id-2
jMtl15nzZaQk8bfi0iqJqBvDxI+dv+YN307Zwc0hBr8PiFsRAyOKBPoFH8gVFrpCWqu5sj8EkUI=
vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:52 GMT
content-encoding
gzip
last-modified
Fri, 21 Oct 2022 01:56:09 GMT
server
cloudflare
etag
W/2022.10.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7749e0972d1d3773-MEL
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.19.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-19-109.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
cf5fe2149d8b73f111851ba945205c53ef4cb07e26ac3f2873265491aefa9bac

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 03:37:48 GMT
content-encoding
gzip
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
last-modified
Wed, 30 Nov 2022 01:35:48 GMT
server
nginx
x-amz-cf-pop
SIN5-C1
age
1384
etag
W/"6386b374-9343"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
PmfGBXw-ufsIjHdmYYXxvDw5beJpRPu9mHJLFCIAcuUxTFM6x_4kaw==
expires
Mon, 05 Dec 2022 05:37:48 GMT
plow.lite.js
wegotthiscovered.com/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/plow.lite.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2b68c2435eda0b3e644072ac97ee5a6ba8314656c025612ca4226c5695789d5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
content-encoding
br
server
cloudflare
cf-ray
7749e093c9caa8b0-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
web-vitals.iife.js
unpkg.com/web-vitals@3.1.0/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
104.16.124.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48c97b0cfa2e71392fa58921505b2b8aad8f7496cd049ba4331fca8e8db8c485
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1651059
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GHZ0GTQWW0WKVCBJ2SMV7R1Y-syd
server
cloudflare
etag
W/"1b9c-Ooy//WAzbji1e0z3xvTKf9F/+q0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7749e0947f353778-MEL

Redirect headers

date
Mon, 05 Dec 2022 04:00:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GKG713XVRBHNSK5FMMKMF2FB-syd
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
67
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/web-vitals@3.1.0/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
7749e093ce1d3778-MEL
gtm.js
www.googletagmanager.com/ 		220 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NWJQJXJ
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
6bf8bb7a4ff87c9951cc6ae6090eb35c99ab7e3a88a2876b06a27ad710a126c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75197
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 05 Dec 2022 04:00:52 GMT
wegotthiscovered.min.js
global.proper.io/ 		36 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/wegotthiscovered.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.78.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
654b64587ba484cd7a2e650fe5f94f707c6922c971f5342b5da7709d773a4cbe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 23 Nov 2022 23:19:37 GMT
server
cloudflare
age
967199
etag
W/"637eaa89-9098"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
7749e098883adf9d-MEL
expires
Mon, 05 Dec 2022 04:05:52 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-104.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:11:29 GMT
content-encoding
gzip
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
53375
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
Kv04E_wtMmQaA66DVtZly_rErQDnHKrvGwt4mEDjnLrzR2GYhP1q0w==
atrk.js
certify-js.alexametrics.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-100.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Fri, 29 Apr 2022 18:31:32 GMT
Content-Encoding
gzip
Via
1.1 4376bdbc2156cdc5e55ce044165e0424.cloudfront.net (CloudFront)
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN52-P1
Age
18955761
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=26920000
Connection
keep-alive
X-Amz-Cf-Id
YneIy9Iec0jcVuW82JCUG027phxZb9V_rL4BB9Y6p462chKXNStpyA==
fbevents.js
connect.facebook.net/en_US/ 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 05 Dec 2022 04:00:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27340
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
q+fTlcqMBeFvJ+a6IkVSlU6T20AjAL9aW0pec7bDSffiZ4/6ZeyrU864Nk1Z86w3ECOvVXfnf1oImSvJ5Qwitw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
superficialeyes.com/ 		582 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.240.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.240.110.34.bc.googleusercontent.com
Software
/
Resource Hash
d51a01cb8bd93423b23bd54de6bde16242423fa25201e4cfe619d84db85f0793
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Mon, 05 Dec 2022 04:00:52 GMT
x-datacenter
gce-asia-east1
etag
"d03498bdc6a4e71bc94ede9c28bec2231b1fe79e9ac0a4c394d0ac7ce56d37bc"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-spot-csvq
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
694373797
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v2jltJrHqG_ZP_OW2oPEQQcRZfkj9fqNRmQkea3mD7AYbCHJcxNiuERHPUOQvux6fk4xk5IkOGcpr5tMUUA
terrifictooth.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://terrifictooth.com/v2jltJrHqG_ZP_OW2oPEQQcRZfkj9fqNRmQkea3mD7AYbCHJcxNiuERHPUOQvux6fk4xk5IkOGcpr5tMUUA
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.189.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.189.110.34.bc.googleusercontent.com
Software
/
Resource Hash
ee1b9dfb4546d28ca1d25011350c95eac305f784d03c4de17fa799f7f3f94c31
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
via
1.1 google
date
Mon, 05 Dec 2022 04:00:52 GMT
x-datacenter
gce-asia-east1
etag
"b56513cb97c3c8bcf640c2e07465663729546a0817d077fdf3524209544d8a96"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-spot-csvq
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
694373797
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
wegotthiscovered.com/fonts.gstatic.com/s/oswald/v49/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24559cb630d9fc7ad4c9c2ceb19663a2dacdc44af12c572d7f08a28e1e74218a

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Jul 2022 19:23:35 GMT
server
cloudflare
age
1538313
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
7749e093c9cba8b0-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17928
expires
Wed, 15 Nov 2023 09:03:27 GMT
wgtc.woff2
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/font/icons/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/font/icons/wgtc.woff2?15410951
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c57c4d05d08dad65bc6935b48f240ba3b7a31897805b4def998917a8dcb6ad7

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
1538469
x-cache
hit
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
last-modified
Tue, 15 Nov 2022 04:58:14 GMT
server
cloudflare
etag
W/"63731c66-10d0"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7749e093c9cfa8b0-SYD
expires
Fri, 17 Nov 2023 08:39:13 GMT
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
wegotthiscovered.com/fonts.gstatic.com/s/opensanscondensed/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Apr 2022 18:08:11 GMT
server
cloudflare
age
1538313
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
7749e093c9d0a8b0-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14964
expires
Wed, 15 Nov 2023 23:03:46 GMT
main-sprite.svg
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/main-sprite.svg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/_static/??-eJyNj9EOwiAMRX9IbDBxyR6M34KMTZJCG1pc/Hu7PfnIC5dy72kL7OwiVU1VgbFvuQrs1BZuScQxccfQTEUFgkgyiWIR5qvpBf5wfaeSBAgXt28a3VmD6BfTYNZmMlXJn1Gg8xJ0NJzNts2Ph/M6iB3fLeiEYg7oXl3VWGOQ2tpxsMlq7nkc+Wd5+Gma/TTf7v4HapqP+g==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a63e5cadd935b4e0f99d4e3813d01b5c71f7348fa8ada43d7e46ac9caa57939a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/_static/??-eJyNj9EOwiAMRX9IbDBxyR6M34KMTZJCG1pc/Hu7PfnIC5dy72kL7OwiVU1VgbFvuQrs1BZuScQxccfQTEUFgkgyiWIR5qvpBf5wfaeSBAgXt28a3VmD6BfTYNZmMlXJn1Gg8xJ0NJzNts2Ph/M6iB3fLeiEYg7oXl3VWGOQ2tpxsMlq7nkc+Wd5+Gma/TTf7v4HapqP+g==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
x-rq
yyz1 0 4 9980
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Nov 2022 04:58:14 GMT
server
cloudflare
age
1538343
etag
W/"63731c66-1e33"
vary
Accept-Encoding
x-cache
hit
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
7749e093f9d5a8b0-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 17 Nov 2023 08:39:16 GMT
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
wegotthiscovered.com/fonts.gstatic.com/s/opensanscondensed/v23/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Apr 2022 18:08:32 GMT
server
cloudflare
age
1538313
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
7749e093f9dba8b0-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16324
expires
Wed, 15 Nov 2023 23:27:59 GMT
Kanye-Ye-West-Getty.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/Kanye-Ye-West-Getty.jpg?w=900
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04221e821cad47e91fc4e565c605b2a1be5096ca14a82ea9d1cb632004f43f90

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
9476
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
87622
x-rq
yyz1 86 45 443
last-modified
Mon, 05 Dec 2022 00:04:49 GMT
server
cloudflare
etag
"f4163c86095090e5"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e09419e9a8b0-SYD
expires
Tue, 05 Dec 2023 00:04:49 GMT
Lady-Chatterleys-Lover.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/Lady-Chatterleys-Lover.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a3f127c394608f08000422ae1fda55ea74a923675337c217bffd474027eaea0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
10757
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17934
x-rq
yyz1 87 107 443
last-modified
Sun, 04 Dec 2022 19:02:39 GMT
server
cloudflare
etag
"3fcccedea5257fce"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e09419eaa8b0-SYD
expires
Mon, 04 Dec 2023 19:02:39 GMT
geralt-of-rivia-fortnite.png
wegotthiscovered.com/wp-content/uploads/2022/12/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/geralt-of-rivia-fortnite.png?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19069d69ed1a6767e490923c9cbc08c18466583f0dfa9ab000942c77843b0e96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
9476
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76050
x-rq
yyz1 91 52 443
last-modified
Mon, 05 Dec 2022 00:04:57 GMT
server
cloudflare
etag
"22f59bc739e5e76d"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e09419eda8b0-SYD
expires
Tue, 05 Dec 2023 00:04:57 GMT
blair-white.png
wegotthiscovered.com/wp-content/uploads/2022/12/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/blair-white.png?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66bedd8addee8463085b2f3dad53b4e44edc803af61577c7f6134d6b5f960eb6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
10800
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
84314
x-rq
yyz1 80 86 443
last-modified
Mon, 05 Dec 2022 00:15:50 GMT
server
cloudflare
etag
"aa0c451b939ff934"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e09419efa8b0-SYD
expires
Tue, 05 Dec 2023 00:15:50 GMT
daredevil-she-hulk.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/daredevil-she-hulk.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c985c8da99184f16fec592565784fc4fd1cc7c0b20b95ee3560c973420c0215

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
9476
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23532
x-rq
yyz1 80 130 443
last-modified
Sun, 04 Dec 2022 18:13:11 GMT
server
cloudflare
etag
"bb0a9f2a64726c58"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e09419f0a8b0-SYD
expires
Mon, 04 Dec 2023 18:13:11 GMT
dark-city.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/dark-city.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c13ab9c30909f332c35d43db8e9601d6eae5eb3dddadaf402a4ee21113d9a1a5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
10801
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30616
x-rq
yyz1 80 130 443
last-modified
Sun, 04 Dec 2022 19:01:25 GMT
server
cloudflare
etag
"579b9f40681a9ee7"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e09419f1a8b0-SYD
expires
Mon, 04 Dec 2023 19:01:25 GMT
Reese-Witherspoon.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/Reese-Witherspoon.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1344ac197d8708cbf3e03217434e4e284a17e7388a334743d5fca0a95edf0f4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:51 GMT
cf-cache-status
HIT
age
9476
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13134
x-rq
yyz1 80 130 443
last-modified
Mon, 05 Dec 2022 00:15:50 GMT
server
cloudflare
etag
"1083df9c1f1e13ab"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7749e09419f2a8b0-SYD
expires
Tue, 05 Dec 2023 00:15:50 GMT
/
r.skimresources.com/api/ 		150 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/114526X1684673.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
759dd846c7e5976373fc1fa9cde0bb0bb84435eb364957c53d324630ef6744e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 05 Dec 2022 04:00:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
openresty/1.19.9.1
via
1.1 google
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
robots.txt
t.skimresources.com/api/v2/ Frame F0D3 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.014224673893084017
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:52 GMT
via
1.1 google
server
Python/3.10 aiohttp/3.8.3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=1.0079773514382786
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Mon, 05 Dec 2022 04:00:52 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=1.0079773514382786
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Mon, 05 Dec 2022 04:00:52 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
all.js
connect.facebook.net/en_US/ 		302 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=e197c21540cdc3ed14b0bb2ccd9d702d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?ver=6.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
bf3682135bca4b0c9662fd870a4eeb212edb93acf9452b028daf5361ca74659a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 05 Dec 2022 04:00:52 GMT
content-md5
OSoNX/pj906hb02IqP0Hbg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86738
x-fb-rlafr
0
x-fb-debug
djwTt6ep8xC9l60F3LrBdNwQIR/wcrmqs6nLZT9y7VjpfeOQi/F7ZFl3tFbNFvrGL2fqlgL+hXYOt2OejaPQaA==
x-fb-content-md5
db91f846d52c5c0b9006f5fc24fb1da7
cross-origin-opener-policy
same-origin-allow-popups
etag
"3b059371c1dcfc92e68d6ad5b678f3c0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 05 Dec 2023 03:41:37 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		171 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=wegotthiscovered.com&domain=wegotthiscovered.com&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d350d82a519c5fac452e82405846a81ec7a521c645567be99070ca8d613ac1ce

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 05 Dec 2022 04:00:52 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
130
x-served-by
cache-mel11230-MEL
x-timer
S1670212853.584954,VS0,VE246
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sat, 03 Dec 2022 04:00:52 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=wegotthiscovered.com&p=%2F&u=DsIiPMCGfG2qZ3Yfh&d=wegotthiscovered.com&g=66987&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=8450&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2743&t=C5zmK7BO7e9J3pGE5CMqop3BYoial&V=137&i=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&tz=0&sn=1&sv=BuSEIKBkxyvyCM2FC_0l2s7DDILXe&sd=1&im=067b0fff&_
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.157.29.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-29-40.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:00:53 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=210963106&post=0&tz=-5&srv=wegotthiscovered.com&hp=vip&j=1%3A11.5.1&host=wegotthiscovered.com&ref=&fcp=2104&rand=0.45067366834566625
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 05 Dec 2022 04:00:52 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
ajax-loader-2.gif
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ 		613 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ajax-loader-2.gif
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/_static/??-eJyNj9EOwiAMRX9IbDBxyR6M34KMTZJCG1pc/Hu7PfnIC5dy72kL7OwiVU1VgbFvuQrs1BZuScQxccfQTEUFgkgyiWIR5qvpBf5wfaeSBAgXt28a3VmD6BfTYNZmMlXJn1Gg8xJ0NJzNts2Ph/M6iB3fLeiEYg7oXl3VWGOQ2tpxsMlq7nkc+Wd5+Gma/TTf7v4HapqP+g==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e9e8ae4b52da14c2647bcd0d9697ccb862c5e8cf6f617bbecb1153beb33e950

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/_static/??-eJyNj9EOwiAMRX9IbDBxyR6M34KMTZJCG1pc/Hu7PfnIC5dy72kL7OwiVU1VgbFvuQrs1BZuScQxccfQTEUFgkgyiWIR5qvpBf5wfaeSBAgXt28a3VmD6BfTYNZmMlXJn1Gg8xJ0NJzNts2Ph/M6iB3fLeiEYg7oXl3VWGOQ2tpxsMlq7nkc+Wd5+Gma/TTf7v4HapqP+g==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:52 GMT
cf-cache-status
HIT
age
1537453
cf-polished
origSize=673, status=webp_bigger
x-cache
hit
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
613
x-rq
yyz1 0 4 9980
cf-bgj
imgq:100,h2pri
last-modified
Tue, 08 Nov 2022 04:53:57 GMT
server
cloudflare
etag
W/"6369e0e5-2a1"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7749e0985e79a8b0-SYD
expires
Fri, 17 Nov 2023 08:39:55 GMT
carousel-ctrls.svg
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ 		750 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/carousel-ctrls.svg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/_static/??-eJyNj9EOwiAMRX9IbDBxyR6M34KMTZJCG1pc/Hu7PfnIC5dy72kL7OwiVU1VgbFvuQrs1BZuScQxccfQTEUFgkgyiWIR5qvpBf5wfaeSBAgXt28a3VmD6BfTYNZmMlXJn1Gg8xJ0NJzNts2Ph/M6iB3fLeiEYg7oXl3VWGOQ2tpxsMlq7nkc+Wd5+Gma/TTf7v4HapqP+g==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cbfa45685b4ad91c14f3256742155082ef47dc59fb6838faff5329877c5ad9d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/_static/??-eJyNj9EOwiAMRX9IbDBxyR6M34KMTZJCG1pc/Hu7PfnIC5dy72kL7OwiVU1VgbFvuQrs1BZuScQxccfQTEUFgkgyiWIR5qvpBf5wfaeSBAgXt28a3VmD6BfTYNZmMlXJn1Gg8xJ0NJzNts2Ph/M6iB3fLeiEYg7oXl3VWGOQ2tpxsMlq7nkc+Wd5+Gma/TTf7v4HapqP+g==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:52 GMT
x-rq
yyz1 0 4 9980
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Nov 2022 04:58:14 GMT
server
cloudflare
age
1537453
etag
W/"63731c66-2ee"
vary
Accept-Encoding
x-cache
hit
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
7749e0985e83a8b0-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 17 Nov 2023 08:39:55 GMT
page
t.skimresources.com/api/v2/ 		22 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/114526X1684673.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.3 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:52 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.3
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
latest.js
global.proper.io/payloads/ 		553 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/payloads/latest.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/wegotthiscovered.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.78.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
859a885aa32847000c002c0bce5c07ff72d2958242524ce7e42796965f2f6166

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Nov 2022 17:09:31 GMT
server
cloudflare
age
1071205
etag
W/"637d024b-8a3ec"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
7749e099795ddf9d-MEL
expires
Mon, 05 Dec 2022 04:05:52 GMT
px.gif
abcheck.proper.io/ 		842 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abcheck.proper.io/px.gif?ch=1&rn=9.11723503635853
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.78.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:53 GMT
cf-cache-status
MISS
last-modified
Thu, 06 Jan 2022 18:51:44 GMT
server
cloudflare
x-amz-request-id
GZV4V86NNV5BBX8A
etag
"04b36c8411ae7bf7a8c369fa94b30e56"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7749e09adb42df9d-MEL
content-length
842
x-amz-id-2
XyM35V6+VPoilHUeBL13OPv/y5C5ke5uYvCBnK6d1MDryJta/da9BdYHqgO51TJhwdChj+eHKMA=
expires
Mon, 05 Dec 2022 08:00:53 GMT
px.gif
abcheck.proper.io/ 		842 B
982 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abcheck.proper.io/px.gif?ch=2&rn=9.11723503635853
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.78.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:53 GMT
cf-cache-status
MISS
last-modified
Thu, 06 Jan 2022 18:51:44 GMT
server
cloudflare
x-amz-request-id
GZV2PC733BJRCXKT
etag
"04b36c8411ae7bf7a8c369fa94b30e56"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7749e09b0b73df9d-MEL
content-length
842
x-amz-id-2
6ZxpIHjDuDK+bXush/jtSlcfWIEm3I1/bJEkicAx9dyzrfRB+ZMwNnlwG9xOoXtw3nL5QDyV66k=
expires
Mon, 05 Dec 2022 08:00:53 GMT
pubads_impl_2022112901.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
7ec70108a49369dc3f73734dacf94050c28049d32fe708c968782483ae8cabda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 15:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129954
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133261
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 09:37:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 03 Dec 2023 15:54:59 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		436 B
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=wegotthiscovered.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
6a2e81445d96198a101d10b8e84f27f0d5e393efe23ef8c18514a6369ff5f0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
173
x-xss-protection
0
expires
Mon, 05 Dec 2022 04:00:53 GMT
tp2
spc.wegotthiscovered.com//com.snowplowanalytics.snowplow/ 		2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spc.wegotthiscovered.com//com.snowplowanalytics.snowplow/tp2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/plow.lite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 05 Dec 2022 04:00:53 GMT
via
1.1 google
server
Google Frontend
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://wegotthiscovered.com
x-cloud-trace-context
c09e735cd7881c4eaf13517845663e2e
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
tp2
spc.wegotthiscovered.com//com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://spc.wegotthiscovered.com//com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 05 Dec 2022 04:00:53 GMT
server
Google Frontend
via
1.1 google
x-cloud-trace-context
2ae91ff739c27b5a12f76cec9b36e8fa
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 		354 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
761c8f2cf9cd5684baccb1d915d895566f11d67878ef27c62eab106fa77600ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119170
x-xss-protection
0
server
cafe
etag
6873720482102716235
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Dec 2022 04:00:53 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 2017 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
10245
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 01:10:08 GMT
etag
10353107486223812946
expires
Mon, 19 Dec 2022 01:10:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		216 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VRDHJCSX1H&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17178859-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
75bf480ea6d50239a3dbdceb0f5dcea88a5bfd1aeddf485898d9f9d470916bb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76900
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 05 Dec 2022 04:00:53 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17178859-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 05 Dec 2022 02:39:11 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4902
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 05 Dec 2022 04:39:11 GMT
226866098399083
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/226866098399083?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
147115ce7aa4a4b2960cc9a0272e384211f1ab74f80b4125b986c6c6061d8d74
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 05 Dec 2022 04:00:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86061
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
UvVW0LJ5b+FF2gA3fB47D6sTXfE7/OeKDKKHyHO6D9/CLRo1nTGO8ukk7cH2aXFAQKVMJ87Nbo2gCsgHlDFQDQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
atrk.gif
certify.alexametrics.com/ 		0
0
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.218.39.25 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-218-39-25.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:53 GMT
server
Server
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
275094aa5d73cd24d848e78f0c41c33d9fd61a09d97b9976e5e707dfd24ada00

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
gzip
etag
"nAbmxtqHqaYrwBiADJAeFg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 12 Dec 2022 04:00:53 GMT
apstag.js
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain
  • https://c.amazon-adsystem.com/aax2/apstag.js
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
178 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
13.33.100.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-164.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c77c73031f12ad805be49f065989e35ee84cdeaba71e1b64c650732c921409df

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 03:37:09 GMT
content-encoding
gzip
via
1.1 f376d87611123aa47c006262522a6a94.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 20:51:50 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
1426
x-amz-server-side-encryption
AES256
etag
W/"fa24fe2b94a2fc864b1ec67f32e8db32"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
TSnik6U07ZWvhAbaljh9agb_6VzHum6sSAagE6qUNPArDR2z6gxTmQ==

Redirect headers

date
Sun, 04 Dec 2022 22:47:38 GMT
via
1.1 26d217ae6e701acdff710e730b58288a.cloudfront.net (CloudFront), 1.1 daab5b369e744b6004b3b934cdef659c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN2-P2, SIN2-P1
age
18795
x-cache
Hit from cloudfront
content-type
text/html
location
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length
167
x-amz-cf-id
1wHDr7UABTWCCJvCG2baFNGJQ7cV84ZtuK1jENm7O2UXMmwFMUVXFg==
usersync
usync.proper.io/v1/
Redirect Chain
  • https://ce.lijit.com/merge?pid=263069&3pid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn%26proper_uid%3D82fc80b8-8ecd-44cf-b189-b9a1bb...
  • https://ce.lijit.com/merge?pid=263069&3pid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn%26proper_uid%3D82fc80b8-8ecd-44cf-b189-b9a1bb...
  • https://usync.proper.io/v1/usersync?bidder=sovrn&proper_uid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&uid=Fw2QCRZHu3v1r7TzQW6rTsLw
167 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=sovrn&proper_uid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&uid=Fw2QCRZHu3v1r7TzQW6rTsLw
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
44.235.177.172 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-177-172.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
1e0b113b4cf760f1956e7f788e46afd93c62744845aade722ed12163d0fba897

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 05 Dec 2022 04:00:54 GMT
server
nginx/1.18.0
content-length
167
content-type
text/javascript

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:53 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://usync.proper.io/v1/usersync?bidder=sovrn&proper_uid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&uid=Fw2QCRZHu3v1r7TzQW6rTsLw
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
cookie
cm.adform.net/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dadaptmx%26proper_uid%3D82fc80b8-8ecd-44cf-b189-b9a1bbbc2664%26uid%3D&&callback=window.proper_7f387311_7d...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4471%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Df33dd133-4dbf-4af7-844a-20b520c1ea9f%26bidder%3Dappnexus%26cbx%3DaHR0...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F4471%253Fgdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526A%253Df33dd133-4dbf-4af7-844a-20b52...
  • https://prebid.a-mo.net/cchain/0/4471?gdpr=&gdpr_consent=&us_privacy=&A=f33dd133-4dbf-4af7-844a-20b520c1ea9f&bidder=appnexus&cbx=aHR0cHM6Ly91c3luYy5wcm9wZXIuaW8vdjEvdXNlcnN5bmM_YmlkZGVyPWFkYXB0bXgm...
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F4471%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Df33dd133-4dbf-4af7-844a-20b520c1ea...
43 B
106 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F4471%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Df33dd133-4dbf-4af7-844a-20b520c1ea9f%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly91c3luYy5wcm9wZXIuaW8vdjEvdXNlcnN5bmM_YmlkZGVyPWFkYXB0bXgmcHJvcGVyX3VpZD04MmZjODBiOC04ZWNkLTQ0Y2YtYjE4OS1iOWExYmJiYzI2NjQmdWlkPQ%253D%253D%26uid%3D%24UID
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:55 GMT
server
nginx
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F4471%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Df33dd133-4dbf-4af7-844a-20b520c1ea9f%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly91c3luYy5wcm9wZXIuaW8vdjEvdXNlcnN5bmM_YmlkZGVyPWFkYXB0bXgmcHJvcGVyX3VpZD04MmZjODBiOC04ZWNkLTQ0Y2YtYjE4OS1iOWExYmJiYzI2NjQmdWlkPQ%253D%253D%26uid%3D%24UID
date
Mon, 05 Dec 2022 04:00:54 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
6
server
envoy
content-length
0
usersync
usync.proper.io/v1/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D82fc80b8-8ecd-44cf-b189-b9a1bbbc2664%26uid%3D%24%7BBSW_UUID%7D?&callback=window....
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D82fc80b8-8ecd-44cf-b189-b9a1bbbc2664%26uid%3D%24%7BBSW_UUID%7D?&callback=w...
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&uid=80b35f2d-fa1a-47da-9010-64e13e84dcaf
183 B
386 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&uid=80b35f2d-fa1a-47da-9010-64e13e84dcaf
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
44.235.177.172 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-177-172.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2c31481264886d365d646d49ee106192996e226f0198ffb81a5beab367afc8c7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 05 Dec 2022 04:00:54 GMT
server
nginx/1.18.0
content-length
183
content-type
text/javascript

Redirect headers

Location
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&uid=80b35f2d-fa1a-47da-9010-64e13e84dcaf
Date
Mon, 05 Dec 2022 04:00:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
445.json
id5-sync.com/g/v2/ 		461 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/445.json
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
f8e873797c0f7edb197ed1d8c9747a14287f064f81f8c955b71f4397570b5cb3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 05 Dec 2022 04:00:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
envelope
api.rlcdn.com/api/identity/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=72
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:53 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.90.245 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-90-245.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 05 Dec 2022 04:00:54 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
main.js
player.propervideo.io/new_rtp/ 		125 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.propervideo.io/new_rtp/main.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.158.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66eec5ff1f5907c3bfb3d9fc41b7a9dba1cb34f81ee6cd1dc5f07da29ba5e977

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 06 Sep 2022 22:53:16 GMT
server
cloudflare
age
463347
cf-polished
origSize=191558
etag
W/"6317cf5c-2ec46"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300
cf-ray
7749e09f681adf81-MEL
expires
Mon, 05 Dec 2022 04:05:53 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 05 Dec 2022 04:00:53 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 05 Dec 2022 04:00:53 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 05 Dec 2022 04:00:53 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 05 Dec 2022 04:00:53 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 05 Dec 2022 04:00:53 GMT
server
ATS/9.1.10.25
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 05 Dec 2022 04:00:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		58 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=684068&r=%7B%22id%22%3A%22cf3f2401-b788-4853-8f50-74d47d71b520%22%2C%22site%22%3A%7B%22ref%22%3A%22%22%2C%22page%22%3A%22https%3A%2F%2Fwegotthiscovered.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22sn%22%3A0%2C%22ls%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-wtoTs%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-wtoTs%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22bidfloor%22%3A0.1%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22728x90-2-QW8uo%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-2-QW8uo%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22bidfloor%22%3A0.1%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22970x90-1-1jfru%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22970x90-1-1jfru%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22bidfloor%22%3A0.1%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22300x250-1-nDrq3%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-nDrq3%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22bidfloor%22%3A0.1%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22300x250-2-1fv1S%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-2-1fv1S%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22bidfloor%22%3A0.1%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22300x250-3-w2fsk%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-3-w2fsk%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22bidfloor%22%3A0.1%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22300x250-4-HK0VC%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-4-HK0VC%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22bidfloor%22%3A0.1%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22300x600-1-4YBM6%22%2C%22bidfloor%22%3A1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-1-4YBM6%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22bidfloor%22%3A1%7D%7D%5D%7D%7D%5D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2282fc80b8-8ecd-44cf-b189-b9a1bbbc2664%22%7D%5D%7D%5D%7D%2C%22source%22%3A%7B%22tid%22%3A%22deff781b-042b-4603-9a9b-7a89662aa8aa%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D&v=7.2&ac=j&sd=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1358406cab97e777be8c5affde570ff240af3aec862103e913011338b66ba7f7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CiLc3yVQAxXC5oQ1NiEeUP4Uja5De6KHtkOmkmVTBBtvwKHTuOoO%2B5pQEeVhtLe0tRTmG%2BUVrqZE3B5567U9ARsPnj1qGhNKNOTEdHyWGcnJsSE4IWZxoLJlWIb2lpaHO6pr8XBN"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7749e09daeed5a8b-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
avjp
propermedia-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwegotthiscovered.com%2F&ch=UTF-8&res=1600x1200x24&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ca7d873f-25be-4d3b-a6da-9f65c5155025&pubcid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&nocache=1670212853137&auid=557731210&aumfs=1000&vwd=400&vht=300&vmimes=video%2Fmp4%2Capplication%2Fjavascript&openrtb=%5Bobject%20Object%5D&vos=101&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1&x_gdpr_f=1&_pubcid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:53 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
propermedia-d.openx.net/v/1.0/ 		106 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwegotthiscovered.com%2F&ch=UTF-8&res=1600x1200x24&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c33c245c-5cf1-446b-8ee7-c7dfd575f5cb&pubcid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&nocache=1670212853138&auid=557731212&aumfs=1000&vwd=400&vht=300&vmimes=video%2Fmp4%2Capplication%2Fjavascript&openrtb=%5Bobject%20Object%5D&vos=101&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1&x_gdpr_f=1&_pubcid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:53 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
745f607e6360daa1987c11a41b787694cb546f5705b76721d9ae434c90e7cefd

Request headers

Referer
https://wegotthiscovered.com/
x-openrtb-version
2.5
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Dec 2022 04:00:54 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
745f607e6360daa1987c11a41b787694cb546f5705b76721d9ae434c90e7cefd

Request headers

Referer
https://wegotthiscovered.com/
x-openrtb-version
2.5
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Dec 2022 04:00:54 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
745f607e6360daa1987c11a41b787694cb546f5705b76721d9ae434c90e7cefd

Request headers

Referer
https://wegotthiscovered.com/
x-openrtb-version
2.5
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Dec 2022 04:00:54 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
745f607e6360daa1987c11a41b787694cb546f5705b76721d9ae434c90e7cefd

Request headers

Referer
https://wegotthiscovered.com/
x-openrtb-version
2.5
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Dec 2022 04:00:54 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
745f607e6360daa1987c11a41b787694cb546f5705b76721d9ae434c90e7cefd

Request headers

Referer
https://wegotthiscovered.com/
x-openrtb-version
2.5
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Dec 2022 04:00:54 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
content-length
66
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1670212853144&t=mluwmihh&maxw=728&maxh=90&si=302235&bf=728x90&fp=0.1&fpc=USD&pubcid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C5fee5b27-a8ff-4036-801c-17a4672e8cb4%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.22.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=9626&_t=Mon%20Dec%2005%202022%2004:00:53%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.211.51 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-211-51.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ae78d17708323caaf2efe8257ae5bcb3b73554e3b4d49014141fd5aef375b5fc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1670212853145&t=mluwmihh&maxw=728&maxh=90&si=302236&bf=728x90&fp=0.1&fpc=USD&pubcid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C5fee5b27-a8ff-4036-801c-17a4672e8cb4%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.22.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=9626&_t=Mon%20Dec%2005%202022%2004:00:53%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.211.51 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-211-51.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a33a192e33e85088f82b75303dfe28944c0753f77898bb4efa3f39b000befc2f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1670212853145&t=mluwmihh&maxw=970&maxh=90&si=302229&bf=970x90&fp=0.1&fpc=USD&pubcid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C5fee5b27-a8ff-4036-801c-17a4672e8cb4%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.22.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=9626&_t=Mon%20Dec%2005%202022%2004:00:53%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.211.51 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-211-51.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0fd2c65795c29d6e60c327e78939a448d9fd58d92ce477af1a436f4ab4387d3c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1670212853146&t=mluwmihh&maxw=300&maxh=250&si=302230&bf=300x250&fp=0.1&fpc=USD&pubcid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C5fee5b27-a8ff-4036-801c-17a4672e8cb4%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.22.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=9626&_t=Mon%20Dec%2005%202022%2004:00:53%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.211.51 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-211-51.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
183cc0e95052ec40453d70b96380671c93ef240220c5816514ee9c188f50852f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1670212853146&t=mluwmihh&maxw=300&maxh=250&si=302231&bf=300x250&fp=0.1&fpc=USD&pubcid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C5fee5b27-a8ff-4036-801c-17a4672e8cb4%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.22.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=9626&_t=Mon%20Dec%2005%202022%2004:00:53%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.211.51 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-211-51.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3b25b7b320cf3ea75d6219e35c6894a39b1fca98bbc45e20dbfe54cfbbb35281

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1670212853147&t=mluwmihh&maxw=300&maxh=250&si=302232&bf=300x250&fp=0.1&fpc=USD&pubcid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C5fee5b27-a8ff-4036-801c-17a4672e8cb4%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.22.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=9626&_t=Mon%20Dec%2005%202022%2004:00:53%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.211.51 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-211-51.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a82086bffbea2b1ba0cb1c931a3045c55bcaec75104009c2d7693c7bec03adab

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1670212853147&t=mluwmihh&maxw=300&maxh=250&si=302233&bf=300x250&fp=0.1&fpc=USD&pubcid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C5fee5b27-a8ff-4036-801c-17a4672e8cb4%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.22.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=9626&_t=Mon%20Dec%2005%202022%2004:00:53%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.211.51 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-211-51.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c530c3949769a068f1d54a12b46dc7a29024d81bb360c8c4f0966df30099df9b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1670212853148&t=mluwmihh&maxw=300&maxh=600&si=302223&bf=300x600&fp=1&fpc=USD&pubcid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C5fee5b27-a8ff-4036-801c-17a4672e8cb4%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.22.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=9626&_t=Mon%20Dec%2005%202022%2004:00:53%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.211.51 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-211-51.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
10ea06fc411398f73cfb5fb063835592fdcc1b58f5c8802c60c72c4d3d38a260

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
bid-request
a.teads.tv/hb/ 		16 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.221.62 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-221-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 05 Dec 2022 04:00:53 GMT
prebid
ib.adnxs.com/ut/v3/ 		598 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0d69193d1987f491fcfc9e87d995b618ef60a9c88b40d24ad99483067c76a11f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 05 Dec 2022 04:00:54 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
103.209.254.83; 103.209.254.83; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e0e0fba2-952a-4f32-a415-e1cff79a35d8
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://wegotthiscovered.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
328786
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/328786
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.71.26.124 Singapore, Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 05 Dec 2022 04:00:53 GMT
X-SpotX-Timing-SpotMarket-Primary
0.002927
X-SpotX-Timing-Transform
0.000371
X-SpotX-Timing-SpotMarket
0.002927
X-SpotX-Timing-Page-Require
0.000372
X-fe
037
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.004775
X-SpotX-Timing-Page-Cookie
0.000022
X-SpotX-Timing-Page
0.009882
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000284
Last-Modified
Mon, 05 Dec 2022 04:00:53 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://wegotthiscovered.com
X-SpotX-Timing-Page-Exception
0.000001
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000011
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.001119
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
328786
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/328786
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.71.26.124 Singapore, Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 05 Dec 2022 04:00:53 GMT
X-SpotX-Timing-SpotMarket-Primary
0.002396
X-SpotX-Timing-Transform
0.000285
X-SpotX-Timing-SpotMarket
0.002396
X-SpotX-Timing-Page-Require
0.000371
X-fe
090
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.002204
X-SpotX-Timing-Page-Cookie
0.000030
X-SpotX-Timing-Page
0.006379
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000282
Last-Modified
Mon, 05 Dec 2022 04:00:53 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://wegotthiscovered.com
X-SpotX-Timing-Page-Exception
0.000001
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000012
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000798
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 05 Dec 2022 04:00:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ 		256 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222c7f33dec4dac1aef181%22%3A%222c7f33dec4dac1aef181%7C728x90%7C0.1%22%2C%22d3a5634c22c38b36c65c%22%3A%22d3a5634c22c38b36c65c%7C728x90%7C0.1%22%2C%22703655e503a7d7375380%22%3A%22703655e503a7d7375380%7C300x250%7C0.1%22%2C%22f9db147c25e11d5b246b%22%3A%22f9db147c25e11d5b246b%7C300x250%7C0.1%22%2C%228be984380e9d3e24214d%22%3A%228be984380e9d3e24214d%7C300x250%7C0.1%22%2C%22e75905403a42ff80ec58%22%3A%22e75905403a42ff80ec58%7C300x250%7C0.1%22%2C%22915ace92796b2155a77c%22%3A%22915ace92796b2155a77c%7C300x600%7C1%22%7D&ref=https%3A%2F%2Fwegotthiscovered.com%2F&s=da1b976f-81b8-4d0d-9248-85cd00ad72d4&pv=5c194e0e-09ff-4010-a0a8-0244c7e0484c&vp=desktop&lib_name=prebid&lib_v=7.22.0&us=1&ius=1&userid=%7B%22pubcid%22%3A%2282fc80b8-8ecd-44cf-b189-b9a1bbbc2664%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2282fc80b8-8ecd-44cf-b189-b9a1bbbc2664%22%2C%22atype%22%3A1%7D%5D%7D%5D&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%2C%22rid%22%3A%225fee5b27-a8ff-4036-801c-17a4672e8cb4%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.78 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
ff1b840b83fb98a6576b9a78591ed399eba5ebcecab7f0638729acb1f76a8064
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:53 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-69
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://wegotthiscovered.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
197
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bid.json
reachms.bfmio.com/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reachms.bfmio.com/bid.json?exchange_id=eb1985cf-693d-419b-ee26-3d1a81c96314
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.109.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-109-58.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 05 Dec 2022 04:00:54 GMT
access-control-expose-headers
location
access-control-allow-credentials
true
vary
Origin
expires
Thu, 01 Jan 1970 00:00:00 GMT
bid.json
reachms.bfmio.com/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reachms.bfmio.com/bid.json?exchange_id=eb1985cf-693d-419b-ee26-3d1a81c96314
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.109.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-109-58.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 05 Dec 2022 04:00:53 GMT
access-control-expose-headers
location
access-control-allow-credentials
true
vary
Origin
expires
Thu, 01 Jan 1970 00:00:00 GMT
arj
propermedia-d.openx.net/w/1.0/ 		174 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwegotthiscovered.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tws=1600x1200&aus=728x90%2C300x250%7C728x90%7C300x250%7C300x250%7C300x250%2C300x600&auid=544108942%2C544108943%2C544108949%2C544108950%2C544108953&aumfs=100%2C100%2C100%2C100%2C100&dddid=8079c03f-8c78-48ad-af23-adf5d366e106%2C1add46d7-473f-43f7-8bb6-236b357fbff4%2C3fbe243e-9823-450d-b100-b694bd9bddd7%2C710fcad5-3486-412a-ab95-aec5d40a4d79%2C6822d811-c53b-4e93-baca-c6b81a98874a&divIds=openx-ce18027a-dd0f-4bdc-8b46-e8ec4300c3bb%2Copenx-877faee7-f8fb-495b-b956-a3d2ef6268d1%2Copenx-7117ec80-42bc-4440-a442-c6808898e330%2Copenx-00a796ec-b682-48f9-ba26-4999d08c5605%2Copenx-a8912fc1-880b-429b-85e0-ba15052044a8&be=1&bc=hb_pb_3.0.1&nocache=1670212853158&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1&x_gdpr_f=1&pubcid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c642adbdfb7d17e2072b6f357079f3af67602df784ea938b4085a74b72a8b1e0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		115 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.22.0
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
6585917f907eafe9c7cd98fc36ad1b3e0b386deab1d8433ee96b3ad9e7bb4105

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 05 Dec 2022 04:00:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://wegotthiscovered.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
111
fastlane.json
fastlane.rubiconproject.com/a/api/ 		711 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=378212&zone_id=2088034&size_id=15%3B2%3B15%3B15%3B15&alt_size_ids=2%3B%3B%3B%3B10&rp_floor=0.1&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=87a8188b-ed75-456a-b9c9-ea7dfffc1a73%3Bc83ff918-99a9-4ba3-a76d-eedfaca301a2%3B37e7da32-3b38-4176-8a67-5d5a332a3bd9%3B9a604db9-07fa-4ced-917b-f52ba8d69a5f%3Ba0de11dc-45fe-4b76-ba8f-267847243d54&p_screen_res=1600x1200&tg_fl.eid=2088034-4%3B2088034-5%3B2088034-1%3B2088034-2%3B2088034-3&rf=https%3A%2F%2Fwegotthiscovered.com%2F&x_source.pchain=proper.io%3A09983aa5-787b-11eb-8272-06ef03bc0096&ppuid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&eid_pubcid.org=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664%5E1&rp_schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1&slots=5&rand=0.9740029491663238
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
174a239c0ca6c6c5cba1b3037153e50413db377a34bf3daeaa36fa8644dd6e99

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUW4K2MG
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ee73c73e4071b7a4d21e7b9132e230961ba08033858a5737963550b342723619

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
109
alt-svc
clear
expires
Mon, 05 Dec 2022 04:00:53 GMT
hb
ssc.33across.com/api/v1/ 		139 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
aff15379a48ef8e15c2c70a7b0eda7ba8976bb50116fd15afdddc1a0037824a0

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		139 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
e179e95a429c819ed11563c9e76d36e8159b6a670e03a3c71a0b932638085ef7

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		139 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
1333bf077104679a1e7eb28fd2cfd9931b9b348dae056963156a707f07f15b0b

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		139 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
942fb8cf0e6046ca52efa912010d060d127ef30f696bdb6ce65e4693be0a3386

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		139 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
1d6ef69e7cf814bb371ce419679b477527ab7b97b0d04919f9ec5089e0aa6d61

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=52Yh7Ui7pc8ss6U6rL4I8hAR&bidId=52Yh7Ui7pc8ss6U6rL4I8hAR&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&pubcid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%2C%22rid%22%3A%225fee5b27-a8ff-4036-801c-17a4672e8cb4%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.155.191 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-155-191.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 05 Dec 2022 04:00:53 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=P0jqdJh1F5oblGVOhUmtzsOJ&bidId=P0jqdJh1F5oblGVOhUmtzsOJ&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&pubcid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%2C%22rid%22%3A%225fee5b27-a8ff-4036-801c-17a4672e8cb4%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.155.191 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-155-191.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 05 Dec 2022 04:00:53 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=4odmH6fmUmDvYMQLfkysCZmO&bidId=4odmH6fmUmDvYMQLfkysCZmO&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&pubcid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%2C%22rid%22%3A%225fee5b27-a8ff-4036-801c-17a4672e8cb4%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.155.191 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-155-191.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 05 Dec 2022 04:00:53 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=d1yhXU1BdmCwBzRjjNpeSjw9&bidId=d1yhXU1BdmCwBzRjjNpeSjw9&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&pubcid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%2C%22rid%22%3A%225fee5b27-a8ff-4036-801c-17a4672e8cb4%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.155.191 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-155-191.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 05 Dec 2022 04:00:53 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
24
web.hb.ad.cpe.dotomi.com/s2s/header/ 		589 B
888 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.207.22.114 Singapore, Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
fb65745d7c8a3c3be646a4e5fad4f4911ef6549bd87648cb457bb54fc0a0fce7

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:53 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
589
expires
0
prebid
ib.adnxs.com/ut/v3/ 		256 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0f35fdbba04218112d4d190abbe93a7676e285c34a69cb1c197fb06b601745c0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:54 GMT
AN-X-Request-Uuid
308e6a83-47c9-4dac-864d-12d6c8407231
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://wegotthiscovered.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
103.209.254.83; 103.209.254.83; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
256
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/251630/0/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/251630/0/mvo?z=1r&hbv=7.22,2.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.43 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
pragma
no-cache
date
Mon, 05 Dec 2022 04:00:53 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/251629/0/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/251629/0/mvo?z=1r&hbv=7.22,2.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.43 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
pragma
no-cache
date
Mon, 05 Dec 2022 04:00:53 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.22.0&cb=63595989750&im=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 05 Dec 2022 04:00:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ 		851 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
9c0c77262d966ff2ec2d4ac5a45de324d044f37fdecac564cb0e9391c44f604b

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:54 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
76fecf61beba427caa9f1e132cba36585e4c56a1757cd8b632df3672c17e0de3

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:54 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
31878cb4da521009771e933a2055c14611e982bf4032e8471e154646eeff4bb8

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:54 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		790 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
2672d25e2e1eae5faaed7af1cfec73a8cbb155a1b6e52748817bac879fa23368

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		766 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
0929f510ca5abcc390c07a48317ee269fef705edac1c4d14c994ac855d14cd7d

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
8063368e3f5b0333df27c3796a4dccc0ea145b013186f3872f86aff9e92e5ac3

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:54 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwegotthiscovered.com%2F&tmax=550
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.8.51 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-8-51.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:53 GMT
accept-ch
sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
optimize.js
www.googleoptimize.com/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-T7VG35Z
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWJQJXJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f113.1e100.net
Software
Google Tag Manager /
Resource Hash
0ba917f5ffe95fbb9d9dc91b941eebdb365f8645883ab5d1e7ff0a1f07dd0c7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43946
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 05 Dec 2022 04:00:53 GMT
cgl7jat8wh
www.clarity.ms/tag/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/cgl7jat8wh?ref=gtm
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWJQJXJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.59 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7ba5521768346424aa762b47755936d37a920b92e4ce3946d92367cd6e43ef6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
application/x-javascript
date
Mon, 05 Dec 2022 04:00:53 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
09WyNYwAAAADUNdRpf64ZTLxB+3d9PZH0TUVMMDFFREdFMjAwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
/
geoip.gamurs.workers.dev/ 		245 B
605 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geoip.gamurs.workers.dev/
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0acd8ae8b70a3eca02fde62b59dd2ec048d11eb76c7cbcb0c7f9bea268674b89

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oKhQq3GX4nSrmz97GUoYWB3yaUY1xse5xoiV%2FivIFIq4tUPLxY%2FkajMiPA5f97uUQxaPqkRctAQgE36LHTRHd7Ybvkh4Re6XLDfc94TeOh6zNzxcmrZ2NWBfz6vsP1j5RGzjPNwV7PbDaw0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
7749e09e7ecfa8b6-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
skeleton.js
static.adsafeprotected.com/ 		17 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.174.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-174-23.lax53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:19:03 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 7f7457f2e97a4388e352d433568e7af8.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX53-P4
age
7569712
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
BSoQNjnyL6qY-9ZaL6L5euLMW--gc-APjtnINeYNHnUnkDV9giqWgQ==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035334&cs_it=b3&cv=3.8.0.210223&ns__t=1670212852878&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=9&cs_cmp_sv=4&cs_cmp...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035334&cs_it=b3&cv=3.8.0.210223&ns__t=1670212852878&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=9&cs_cmp_sv=4&cs_cm...
0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035334&cs_it=b3&cv=3.8.0.210223&ns__t=1670212852878&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=9&cs_cmp_sv=4&cs_cmp_rt=405&c7=https%3A%2F%2Fwegotthiscovered.com%2F&c8=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&c9=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
13.33.88.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-104.sin2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:53 GMT
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-cf-id
YJhY9rC4RzlpXKXgf9DHMsn8Bb2uKx6xI-Bac3jAeLu3mkiLHiO3tg==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=6035334&cs_it=b3&cv=3.8.0.210223&ns__t=1670212852878&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=9&cs_cmp_sv=4&cs_cmp_rt=405&c7=https%3A%2F%2Fwegotthiscovered.com%2F&c8=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&c9=
date
Mon, 05 Dec 2022 04:00:53 GMT
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
content-length
0
x-amz-cf-id
RvldOejACCpI4aPmVRXb_5dHIWPG_gg8jI5n5goSKp02lxqryNpJhg==
x-cache
Miss from cloudfront
6218c65ecebca94c45e3c774.enc
hb.vntsm.com/v2/live/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/6218c65ecebca94c45e3c774.enc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.99.63.197 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns5000585.ip-139-99-63.net
Software
BunnyCDN-SG21-744 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ref_url
Access-Control-Request-Method
GET
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
cdn-cache
HIT
cdn-pullzone
131999
cdn-requestcountrycode
AU
cdn-requestid
43317a73919e309740ba4af15dd7b2de
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
content-type
application/octet-stream
date
Mon, 05 Dec 2022 04:00:53 GMT
server
BunnyCDN-SG21-744
x-bl
0
content.html
hb.vntsm.io/ 		32 B
668 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.36.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:53 GMT
cf-cache-status
HIT
x-amz-request-id
3FJ2BS91Q377RX0X
age
6606
content-length
32
x-amz-id-2
wZ4f7idNdqQfpSpnWiVIXOF2Lsm5+j5Vwg6sCeETsfm7Kdm+3Ak7RWii4a4e9BH0EKlJVX8z1yU=
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, origin, Origin
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7749e09f3915a868-SYD
6218c65ecebca94c45e3c774.enc
hb.vntsm.com/v2/live/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/6218c65ecebca94c45e3c774.enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.99.63.197 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns5000585.ip-139-99-63.net
Software
BunnyCDN-SG21-744 /
Resource Hash
b5cf3c1e88f1fa0dbbcf17a91699d3b05da3ac779dcc160deb9f1160781365b4

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
ref_url
aHR0cHM6Ly93ZWdvdHRoaXNjb3ZlcmVkLmNvbS8=

Response headers

date
Mon, 05 Dec 2022 04:00:54 GMT
content-encoding
br
cdn-edgestorageid
744
cdn-cachedat
12/02/2022 16:23:33
cdn-pullzone
131999
last-modified
Wed, 29 Jun 2022 12:35:47 GMT
server
BunnyCDN-SG21-744
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"c73b6e4cf93f120c13d96afbf7dd90d3"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
access-control-allow-credentials
true
x-bl
0
cache-control
public, max-age=86400
cdn-requestid
54a3325e5f4cdace423c1cd573b1167f
cdn-requestcountrycode
AU
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=226866098399083&ev=PageView&dl=https%3A%2F%2Fwegotthiscovered.com%2F&rl=&if=false&ts=1670212853405&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670212853404.1986962759&it=1670212852932&coo=false&rqm=GET
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 05 Dec 2022 04:00:54 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
analytics.google.com/g/ 		0
350 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-VRDHJCSX1H&gtm=2oebu0&_p=733302740&_gaz=1&cid=981839477.1670212853&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670212853&sct=1&seg=0&dl=https%3A%2F%2Fwegotthiscovered.com%2F&dt=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRDHJCSX1H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VRDHJCSX1H&cid=981839477.1670212853&gtm=2oebu0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRDHJCSX1H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VRDHJCSX1H&cid=981839477.1670212853&gtm=2oebu0&aip=1&z=2113289689
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.primis.tech/live/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-105.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
ffda3b10a6859baeb930feedcb801563e29cf97e96acb7014a19604ddd95cbf8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:54 GMT
content-encoding
gzip
via
1.1 884565e44bd03047bbadc5b86c50509c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
l3cw5CySKgCIJV_ffYJzNyD2ut4Drq0X6QL89CZGp_Z94-3Enh6mrA==
rules-p-mEzuYq24VEJ-3.js
rules.quantcount.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-127.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2541943eb1b759367d198f4b470134d85aadc1bf18a48da5e49de3c61b9a59ac

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 03:13:55 GMT
content-encoding
gzip
via
1.1 8b193b33626543d66ce5f5750c8af41a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
2820
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Fri, 14 Oct 2022 00:52:56 GMT
server
AmazonS3
etag
W/"bc35b7c476efec25f5c48ba8fb7b9906"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
6wGmq0fWyHlsDAalZYKEjWD6CvqPTlGk3NNWfhdGmZmxgOrNMk_KBQ==
integrator.js
adservice.google.com.au/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=wegotthiscovered.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wegotthiscovered.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=723874549316057&correlator=1670897708536396&eid=31070919%2C21065724&output=ldjh&gdfp_req=1&vrg=2022112901&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=143457427%2Cwgtc_pskin&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=36737190&didk=391414628&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1670212853720&lmt=1670212853&dlt=1670212850871&idt=2812&adxs=55&adys=10612&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwegotthiscovered.com%2F&frm=20&vis=1&psz=1600x10712&msz=1490x0&fws=0&ohw=0&ga_vid=981839477.1670212853&ga_sid=1670212854&ga_hid=733302740&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
683792c85f0e326254a6578668f03cf729462af0691dc3dce35df863cbb88e7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10976
x-xss-protection
0
google-lineitem-id
6168480405
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138414684434
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5216 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 04:00:54 GMT
expires
Tue, 05 Dec 2023 04:00:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=733302740&t=pageview&_s=1&dl=https%3A%2F%2Fwegotthiscovered.com%2F&ul=en-us&de=UTF-8&dt=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABQAAAACAAI~&jid=1016561094&gjid=1547405420&cid=981839477.1670212853&tid=UA-17178859-1&_gid=1386242268.1670212854&_r=1&gtm=2oubu0&z=1886893972
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=733302740&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwegotthiscovered.com%2F&ul=en-us&de=UTF-8&dt=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Block&ea=Allowed&_u=YADAAUABQAAAACAAI~&jid=&gjid=&cid=981839477.1670212853&tid=UA-17178859-1&_gid=1386242268.1670212854&gtm=2oubu0&z=1060112651
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 05:14:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81960
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=226866098399083&ev=Microdata&dl=https%3A%2F%2Fwegotthiscovered.com%2F&rl=&if=false&ts=1670212853908&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22All%20the%20latest%20news%2C%20trailers%20%26%20reviews%20for%20movies%2C%20video%20games%2C%20music%20and%20TV.%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22We%20Got%20This%20Covered%22%2C%22og%3Adescription%22%3A%22All%20the%20latest%20news%2C%20trailers%20%26%20reviews%20for%20movies%2C%20video%20games%2C%20music%20and%20TV.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwegotthiscovered.com%2F%22%2C%22og%3Asite_name%22%3A%22We%20Got%20This%20Covered%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22%40id%22%3A%22https%3A%2F%2Fwegotthiscovered.com%23Organization%22%2C%22name%22%3A%22We%20Got%20This%20Covered%22%2C%22url%22%3A%22https%3A%2F%2Fwegotthiscovered.com%22%2C%22sameAs%22%3A%5B%5D%2C%22logo%22%3A%7B%22%40type%22%3A%22ImageObject%22%2C%22url%22%3A%22https%3A%2F%2Fwegotthiscovered.com%2Fwp-content%2Fuploads%2F2022%2F03%2FWGTC-Featured-Image-Logo.png%22%2C%22width%22%3A%221200%22%2C%22height%22%3A%22675%22%7D%7D%5D%2C%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22https%3A%2F%2Fwegotthiscovered.com%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwegotthiscovered.com%2F%3Fs%3D%7Bsearch_term_string%7D%26submit%3D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1670212853404.1986962759&it=1670212852932&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 05 Dec 2022 04:00:54 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 3880 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVgCN3LMWIgi1i407uZvK-DLmX9kRXDFvnTLXq7vXs8kIY01MvnFd7QAMl3-HRmzpEumFDCbLxkbypOJxHhOl33vxk4TmL3M7FYEh4HRUTJa4dgesClY-WVX8VViH4smhKcqrG7tIGIc9zvJCi6MMnLryeVOqQnAji884RsEcToCciB9POxeLR0CqV2yJOn_eT112_AppaDoQB5EW1tp-Yu_tk1LhGK9KH0mY2FdUTSgmO4q_ITcg7NjRPHoMdj6btpQe4tdL0iqBldbShK-sT7TQVp5uyHI34HBfUgbPH7cVdhVqvB1D9UVXaMj_QaRPAhueCXA&sai=AMfl-YSoVRLVkrUd4LfpW7jBsCETVb8cMuXdYsLXv0V9_IV9s_YLfM_D1QPA6vxhwWrvbCvO3iGZQSdn3vyFZ4gvw02FRSE8WgmA4H8MdxIm7rYoOc5Vlghn19xpKrEy5_6L1cfMUOtHfz4DneHfdGelSA&sig=Cg0ArKJSzMhpzBQK23zXEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 05 Dec 2022 04:00:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3880 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48508
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1669811598765935"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 05 Dec 2022 04:00:54 GMT
cookie.js
partner.googleadservices.com/gampad/ 		224 B
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=wegotthiscovered.com&callback=_gfp_s_&client=ca-pub-9356934496955375&cookie=ID%3D7d385100edddc740%3AT%3D1670212853%3AS%3DALNI_MZIcn1h3StIxnbTtKpBoT-3uCBKXA&gpic=UID%3D00000b89c71662ec%3AT%3D1670212853%3ART%3D1670212853%3AS%3DALNI_MaH85dljvtX8BZvPD1JIaims2EfWw&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef90592d22153fb1cb1534cbc57c637d1268171d949700bcf8f8b8c826706415
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
207
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwegotthiscovered.com%2F&tn=DIV&id=mainHeader&cls=header%20sticky&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 14A4 		0
314 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9356934496955375&output=html&adk=2018173897&adf=1110508544&lmt=1670212854&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwegotthiscovered.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670212852801&bpp=4&bdt=1930&idt=1230&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d385100edddc740%3AT%3D1670212853%3AS%3DALNI_MZIcn1h3StIxnbTtKpBoT-3uCBKXA&gpic=UID%3D00000b89c71662ec%3AT%3D1670212853%3ART%3D1670212853%3AS%3DALNI_MaH85dljvtX8BZvPD1JIaims2EfWw&nras=1&correlator=2383072247600&frm=20&pv=2&ga_vid=981839477.1670212853&ga_sid=1670212854&ga_hid=733302740&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44770880%2C21065724&oid=2&pvsid=723874549316057&tmod=1838308952&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1247
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 04:00:54 GMT
expires
Mon, 05 Dec 2022 04:00:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
s2s
eb.proper.io/ 		267 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eb.proper.io/s2s
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.78.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
125934618e2193d744ce3940dcab6a6d7b85bfd57342fefda2daf7eee701ccea

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:54 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-timing
dur:357
cf-ray
7749e0a23d2bdf9d-MEL
expires
-1
ats.js
ats.rlcdn.com/ 		109 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-60.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
br
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
date
Sun, 04 Dec 2022 16:51:54 GMT
x-amz-cf-pop
SIN2-P2
age
40346
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
etag
W/"148e21f812b555a13b2a9c6b616141f4"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-id
Afo1hVHQ5mhQbQ87atPpQclnZtj4-Xg8u_QQFB9l42zQU__1iTwkUw==
clarity.js
www.clarity.ms/eus-c/s/0.6.43/ 		54 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus-c/s/0.6.43/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/cgl7jat8wh?ref=gtm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.59 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:53 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
server
Microsoft-IIS/10.0
etag
"1d9026a431ead4c"
x-azure-ref
09myNYwAAAAAalp5OU3VKS55APDOqFG9yTUVMMDFFREdFMjAwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
px.gif
ad-delivery.net/ 		43 B
930 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1098330
x-guploader-uploadid
ADPycdtP78QOqWlqKrpES-Y2L_ARUOBOIhUK0POgV6-2SBbKuu8hk_cMXYw_7zv9RtYUOzuijx4S_yVC5fgeuiX_CVEvFpuyFTYc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrzwNTYSsb0svIoqc%2BTlaziMdF7wyOBrnH%2FZpptj1wBnCwnln4TkSy9n1zbHT9Fq2No13O44WJdglhkfiBklPt4fq1IOrV3d3jE7zGKSwe4nb6CzLDnTp9FIAqqwec%2BadA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7749e0a42fe7a886-SYD
expires
Tue, 22 Nov 2022 11:23:40 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-17178859-1&cid=981839477.1670212853&jid=1016561094&gjid=1547405420&_gid=1386242268.1670212854&_u=YADAAUAAQAAAACAAI~&z=1577600893
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 05 Dec 2022 04:00:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
h.clarity.ms/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c/s/0.6.43/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 05 Dec 2022 04:00:55 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
ads
securepubads.g.doubleclick.net/gampad/ 		106 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=723874549316057&correlator=3648124209495862&eid=31070919%2C21065724&output=ldjh&gdfp_req=1&vrg=2022112901&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&tfcd=0&iu_parts=5376056%3A143457427%2Cwegotthiscovered_side_1%2Cdynamic_1%2Cwegotthiscovered_side_2%2Cwegotthiscovered_side_3%2Cwegotthiscovered_sticky_1&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F3%2F2%2C%2F0%2F4%2F2%2C%2F0%2F5&prev_iu_szs=1x1%7C300x250%7C300x50%7C300x100%2C1x1%7C300x250%7C300x50%7C300x100%2C1x1%7C300x250%7C300x600%7C300x50%7C300x100%2C1x1%7C728x90%7C970x90%7C320x50%7C300x50&ifi=3&adks=3702255727%2C1390808738%2C3366092902%2C2087247537&didk=1365886904~1365898040~1365909473~1126633514&sfv=1-0-40&prev_scp=proper_slot%3D2.01%26proper_floor%3D0.10%26proper_bidder%3Dwegotthiscovered_floor%26proper_bid%3D0.10%26refresh_count%3D0%7Cproper_slot%3D3.01%26proper_floor%3D0.10%26proper_bidder%3Dwegotthiscovered_floor%26proper_bid%3D0.10%26refresh_count%3D0%7Cproper_slot%3D4.01%26proper_floor_300x600%3D1.00%26proper_floor_400x300%3D1.00%26proper_floor%3D0.10%26proper_bidder%3Dwegotthiscovered_floor%26proper_bid%3D1.00%26refresh_count%3D0%7Cproper_slot%3D20%26proper_sticky%3Dtrue%26proper_floor%3D0.10%26proper_bidder%3Dwegotthiscovered_floor%26proper_bid%3D0.10%26refresh_count%3D0&eri=1&cust_params=post_id%3Dunknown%26member%3Dno%26category%3D%26split_version%3D19126%26proper_site%3Dwegotthiscovered%26proper_page%3D1%26s_depth%3D1%26tags%3Dhome-page&ppid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&sc=1&cookie=ID%3D7d385100edddc740%3AT%3D1670212853%3AS%3DALNI_MZIcn1h3StIxnbTtKpBoT-3uCBKXA&gpic=UID%3D00000b89c71662ec%3AT%3D1670212853%3ART%3D1670212853%3AS%3DALNI_MaH85dljvtX8BZvPD1JIaims2EfWw&arp=1&abxe=1&dt=1670212854390&lmt=1670212854&dlt=1670212850871&idt=2812&adxs=1049%2C1049%2C1049%2C-12245933&adys=875%2C1165%2C1455%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C2%7C-1&ucis=2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwegotthiscovered.com%2F&frm=20&vis=1&psz=302x-1%7C302x-1%7C302x-1%7C0x-1&msz=300x-1%7C300x-1%7C300x-1%7C0x-1&fws=516%2C516%2C516%2C640&ohw=342%2C342%2C342%2C0&ga_vid=981839477.1670212853&ga_sid=1670212854&ga_hid=733302740&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
6dbe9a41d66683628f91a1a4048737288291ec567ea3e31a0012403e68ef39d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33122
x-xss-protection
0
google-lineitem-id
-1,-1,941646136,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,132197347456,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 06 Dec 2022 04:00:54 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.39.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-39-40.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id
vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq
content-encoding
gzip
via
1.1 0f7e4995783c21b04a0e0537b8737dde.cloudfront.net (CloudFront)
date
Sun, 04 Dec 2022 20:28:39 GMT
x-amz-cf-pop
SIN2-P1
age
27136
x-cache
Hit from cloudfront
last-modified
Fri, 18 Nov 2022 03:05:15 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
C9vZE9JIve7XGBx2-HBKvm6__piEmR1MshBZE_WY21HNbKKKZUJ1ZA==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwegotthiscovered.com&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.39.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-39-40.sin2.r.cloudfront.net
Software
Server /
Resource Hash
0e9c1e427a5e80c2866377d7efcf372713fe8de95427f06e0fcfedfe1e3cd12a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 02:12:28 GMT
via
1.1 daab5b369e744b6004b3b934cdef659c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P1
age
6506
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1378
x-amz-cf-id
RCrAPS_kWKyCGKF_DtuJU-xB2ybdEEE13_6yNg9s81OB9zIIjn9qAQ==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		197 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwegotthiscovered.com%2F&pid=0uUfq5jO1dVu8&cb=0&ws=1600x1200&v=22.1107.1609&t=550&slots=%5B%7B%22sd%22%3A%22desktop-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-5%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C5fee5b27-a8ff-4036-801c-17a4672e8cb4%2C%2C&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.163 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-163.sin2.r.cloudfront.net
Software
Server /
Resource Hash
6a7233280a2e726d9ae0b56ae30bc42d002fc4861447fe27b5b1e4bfc0116e08

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:54 GMT
via
1.1 73a569eafe77b39b17f3e8ef76c14c7c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
197
x-amz-cf-id
mpAekaj84M41bX-HZ5OTZ2bO-CcuborLNfWoKUG-uBcvJOHFldfTzg==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		197 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwegotthiscovered.com%2F&pid=0uUfq5jO1dVu8&cb=1&ws=1600x1200&v=22.1107.1609&t=550&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A100%2C%22id%22%3A%22Outstream_400x300%22%2C%22mt%22%3A%22v%22%7D%2C%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A100%2C%22id%22%3A%22Outstream_400x300%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C5fee5b27-a8ff-4036-801c-17a4672e8cb4%2C%2C&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.163 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-163.sin2.r.cloudfront.net
Software
Server /
Resource Hash
65565783d0087210366e3cc44cb91174d9a30814ef5977e2126ef99bb8ea3650

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:54 GMT
via
1.1 73a569eafe77b39b17f3e8ef76c14c7c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
197
x-amz-cf-id
NyM9TSdHJHrnARCH7y3-MC7SbZqC8u9l7bl6ith3RnONXSjurldgOg==
v2guf6-g9fjjstEkageRZT4_ujlXZ1ljRoybIyFU69cSrKYc-DKHetQCR-E2WH4PU6yBCTwvM
superficialeyes.com/ 		187 B
214 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2guf6-g9fjjstEkageRZT4_ujlXZ1ljRoybIyFU69cSrKYc-DKHetQCR-E2WH4PU6yBCTwvM
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.240.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.240.110.34.bc.googleusercontent.com
Software
/
Resource Hash
ca966385451988c5c3e18c1364f3851d9439eb3647115c7db4a482efde3367e6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Mon, 05 Dec 2022 04:00:54 GMT
via
1.1 google
x-buildnumber
694373797
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
x-hostname
fen-hoothoot-asia-east1-spot-csvq
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Mon, 05 Dec 2022 04:00:53 GMT
liveView.php
live.primis.tech/live/ Frame 2D39 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1670212854&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-105.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
3f71cc81bff30c9268948c0c2c85fbee14f895a3d63a8225bbfa638efad82bc9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:54 GMT
content-encoding
gzip
via
1.1 884565e44bd03047bbadc5b86c50509c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
rbye6Y8HTVCUDAeMbpIUix_2fbD6FTu0hhn9lwtv_hLTiiSqQH3aAQ==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.236.39 Cyberjaya, Malaysia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-236-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:55 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 18:14:48 GMT
server
Apache
etag
"d4ed-5eaee7c12df48-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17131
expires
Mon, 05 Dec 2022 04:15:55 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-86.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7ad2fb033696f6b193dc1e4ef7d353c1d9a4d4a39772bdd0b44175704986ef8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 14:16:24 GMT
content-encoding
gzip
via
1.1 475d669d6a669094dfa09def007f90d6.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 18:55:24 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
54339
x-amz-server-side-encryption
AES256
etag
W/"51c5af7d71728569b41d03503fff2de7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
o1cF3arf8zgsC5csHfiK7vlic4W7Q6RtVEbLnzqxUPRuqWsjYmcFPQ==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
ZEFRP9MDBRZY2GGC
age
2248
etag
W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7749e0a7a81ea87a-SYD
x-amz-id-2
7Ps8oYuNSV2woceheiiCzZHjbO7U6EXZQUeFd+Lzh1Ga3/Ovgv1+gRYbMV+QytEeZlHhkAx7eOs=
pixel;r=960870204;labels=type.article;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwegotthiscovered.com%2F;uht=2;fpan=1;fpa=P0-150791004-1670212853616;pbc=;ns=0;ce=1;qjs=1;qv=48c6ea86-20221121114006;cm...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=960870204;labels=type.article;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwegotthiscovered.com%2F;uht=2;fpan=1;fpa=P0-150791004-1670212853616;pbc=;ns=0;ce=1;qjs=1;qv=48c6ea86-20221121114006;cm=;gdpr=0;us_privacy=1---;ref=;d=wegotthiscovered.com;dst=0;et=1670212854711;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.We%20Got%20This%20Covered%2Cdescription.All%20the%20latest%20news%252C%20trailers%20%26%20reviews%20for%20movies%252C%20video%20games%252C%20music%20and%20TV%252E%2Curl.https%3A%2F%2Fwegotthiscovered%252Ecom%2F%2Csite_name.We%20Got%20This%20Covered;ses=9b5d4ab2-b65f-4d71-b0ca-97dfdb062d73
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:54 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame 2D39 		258 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1670212854&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-105.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:54 GMT
content-encoding
gzip
via
1.1 884565e44bd03047bbadc5b86c50509c.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 12:48:40 GMT
server
nginx
x-amz-cf-pop
SIN5-C1
etag
W/"623b1728-409bc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
E8XrmuNhrfGxzC18746k9mnAS0Qw8ghxRuWz7MmUN6DwBvmCijE2Ww==
expires
Tue, 05 Dec 2023 04:00:54 GMT
prebidVid.7.16.0_4.min.js
live.primis.tech/content/prebid/ Frame 2D39 		510 KB
261 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1670212854&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-105.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
f4961a18ce15e6ac3cc8a3583a62b84118879492071f3501e6a57fee6b89cf96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:54 GMT
content-encoding
gzip
via
1.1 884565e44bd03047bbadc5b86c50509c.cloudfront.net (CloudFront)
last-modified
Mon, 31 Oct 2022 08:19:21 GMT
server
nginx
x-amz-cf-pop
SIN5-C1
etag
W/"635f8509-7f9a4"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
5jUKhDaCRxc5KzdReTC1fpAYlp1ThE0LvXeD3tX4qtv4b_hv9p0Itg==
expires
Tue, 05 Dec 2023 04:00:54 GMT
liveVideo.php
live.primis.tech/live/ Frame 2D39 		632 KB
252 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D30355F30367D7B7331363635343432387D7B4337377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=103.209.254.83&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.94+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&isAmpIframe=0&csuuid=638d6cf666bb7&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810upwijyhl&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=50&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-37.8372&geoLong=144.9354&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=default
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1670212854&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-105.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
5542faba1b71b675241345b49ed0e9eeb3647734a7ef67d56f1aff4b25c45036

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:54 GMT
content-encoding
gzip
via
1.1 884565e44bd03047bbadc5b86c50509c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
x-amz-cf-id
xz5RMBkDKY_pCQSDxaVI_t1e3ian_5NeuCsuJvxZjyPuwD2Jlfg2Sw==
v2evtO_rVesMocYcBKksoVAd3_IbHhT2XB_1sQefIG1mUudYwXA1l-nrogaaJZORVxY4XzjIk
superficialeyes.com/ 		3 B
27 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2evtO_rVesMocYcBKksoVAd3_IbHhT2XB_1sQefIG1mUudYwXA1l-nrogaaJZORVxY4XzjIk
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.240.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.240.110.34.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Mon, 05 Dec 2022 04:00:55 GMT
via
1.1 google
x-buildnumber
694373797
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
x-hostname
fen-hoothoot-asia-east1-spot-csvq
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
eeb59fd0df9b67d0489c4bc353b1c0087b8d02eb2af05cebad6cd0eb3265d301
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 05 Dec 2022 04:00:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		34 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
e86b2df786db9badb8478c2a7adb8b1db7a8dad1fabc2911f599b8c68760f075
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 5 Dec 2022 04:00:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
34
vary
Origin
content-type
application/json
/
geo.privacymanager.io/ 		31 B
596 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.81.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-81-74.lax50.r.cloudfront.net
Software
/
Resource Hash
9a421d7cf16a54029a14eeee9dfe3cba2293bfb393d90a06cb44a71fa80aa626

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 10:00:08 GMT
via
1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 23778afe44768b6b840e47943699b46c.cloudfront.net (CloudFront)
x-amz-cf-pop
HIO50-C1, LAX50-P2
age
64847
x-amzn-requestid
be90bfcd-66d9-4595-b1d2-ddb9ad93255a
x-amzn-trace-id
Root=1-638c6fa8-4ae92c0937320c745f44e9ba;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
cnZiUFJLDoEFtDg=
content-length
31
x-amz-cf-id
FUaiTxlEvOf0hV4CeC04foDCzJ9fphFJqmm-Kor17tcQg6tvTXLd8A==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
4971712807690091454
tpc.googlesyndication.com/simgad/ 		316 KB
317 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4971712807690091454?
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
177eba7b005421e3a266913745502d461dcbba122b22cc599c3b63a1f87cf589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:55 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
323731
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 00:19:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 05 Dec 2023 04:00:55 GMT
truncated
/ Frame 3880 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
243aa4e590286a301c88779fa7ae4433721c07caeb63a0a7752c035855b3b357

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 3880 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnPzHSaHMgcNkOLw68Fduq-0RsSkSu9sk7s6wTwukSvCFQ-jwsvOtUN65Jc89S--txjZbsd2SwQ-6DHOijpabcCSrFcz4b9G3MHjHggRXRB9nkyPe8xS0p-f2ysu4QeLvuZECY3OBTFC7t1S9C-mfw6yj76R6OotAHooJO7cczMJJOrZtWvqwJHnFZiH-DW5dUGgT6i98gBU08FQ8IlK175TIp3R6uKhOqkKS4OAFZ5Ul6fWLzoN8JeRXcPivlkTjWSHjatmOV6ubf8mIIu9FoC9zSiyc6DDJ1LzL9Xwk1NlelDgaMzIEgd1_lcoM6LWgPnMp_PiZ1&sai=AMfl-YQ-5y08cFcJADUBraIqAQ_hfWt-qeiBcnlaW7jOiiqBqoqqwRAkwnmm7K44eiv2YGdItHmqNrQ7wg6qe9CBHMowvxltu7dpELYxclVPHSVi9xrtE8g21tpPQun7K7gDkLXdh4bG3KDlQD5TNMAgVw&sig=Cg0ArKJSzLVwI-O8ExeiEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 05 Dec 2022 04:00:55 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 06 Dec 2022 04:00:55 GMT
iu3
s.amazon-adsystem.com/ Frame 1652
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&dcc=t
367 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
6f2ebea39f445400b5d4ad13527ceb329d4a88d49a4cb1e22ce13906e2210d19
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
367
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 05 Dec 2022 04:00:56 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
Q4CS9WTBYBZ3WT6NGS1W

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 05 Dec 2022 04:00:56 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
E7ZX01H31MR4784YKME6
container.html
a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A0B7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 04:00:54 GMT
expires
Tue, 05 Dec 2023 04:00:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 17B9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 04:00:54 GMT
expires
Tue, 05 Dec 2023 04:00:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame A2CD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsue3axicXrpRyI3e0cEwIlqdsoOkwfHnRUV-0UPdGquRyv0p3U6rM40Trb1vrpsu7oLxIFl5ZSIYCI1vXJQ95eDkHW2qHvByRl9waeckaYxnwLyNPGCJw8c63lyu_aeEn3Fh65quWtIZUlqjLIX608_4M5AZDe2pSU4DEuN8tawgZ4Oal6ckX9SECvUhUB4dViI2S93F0tH3tER3AiQ73vpY5do8ZizjeWKXfkXhwUUdCgK299okadWrHOmmsuKLdonvtIDn-B2CM1KuUQeytlpXcYh5mvMut593qliUwxxub3O9XQ4TKOvzRtI2rY9RjL9OAIqw_5SjgHvjEP1SFR2RbgVR7AsQ_fUpg&sai=AMfl-YSMWtfNzVNsUSrv4Fq4IoAAJ1ba1gO3j1That08_hhDhiXXxaGgUZF5B130FEiLADICrhXXJUFTZa6x4jX-fDOVJsvlYYzXP3vhUyyK7q_bKM5XtiQQAlUNt4n6Z6aV&sig=Cg0ArKJSzODZehZBvX2aEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A2CD 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
sffe /
Resource Hash
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48508
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1669811598765935"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 05 Dec 2022 04:00:55 GMT
collect
h.clarity.ms/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.clarity.ms/collect
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 05 Dec 2022 04:00:55 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
map
bcp.crwdcntrl.net/6/ 		156 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.230.20 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-230-20.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
9f4aa60e5ea65e2f692a0a529e7085fa669a0077424da6bf580881140a5d3219

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:55 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache
x-server
10.42.27.215
access-control-allow-credentials
true
content-length
156
expires
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame BF12 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Nov 2022 17:06:18 GMT
age
471277
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 Nov 2023 17:06:18 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame BF12 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 05:58:03 GMT
age
424972
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 30 Nov 2023 05:58:03 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame BF12 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 02 Dec 2022 03:33:02 GMT
age
260873
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 02 Dec 2023 03:33:02 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame BF12 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 04 Dec 2022 01:07:18 GMT
age
96817
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 04 Dec 2023 01:07:18 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame BF12 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 02 Dec 2022 14:04:28 GMT
age
222987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 02 Dec 2023 14:04:28 GMT
css
fonts.googleapis.com/ Frame BF12 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 05 Dec 2022 04:00:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 02:13:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Dec 2022 04:00:55 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BF12 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 16:07:07 GMT
x-content-type-options
nosniff
server
cafe
age
42828
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Mon, 05 Dec 2022 16:07:07 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BF12 		344 B
807 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 04:11:11 GMT
x-content-type-options
nosniff
server
cafe
age
85784
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 05 Dec 2022 04:11:11 GMT
l
www.google.com/ads/measurement/ Frame BF12 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTSaA6e_a4SyNZbDHD_Vj2G2-qpn5OG7OA7TyuSW1bgyW0A7IeS_je-3DeVYiRAx9DBZwgP1QBGzM7UCac7tqhq1Fuo1g
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame BF12 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQ9Er9myNY7zdIcCD3LUPrt-3-AfkrrTlbf_jyZe2EZHc6L3sNxABINjqtiBgpcCjgKQBoAGBkruhKMgBBqkCTvo0l8fIpj7gAgCoAwGqBPsBT9DRsfqaNgWhEUQVTqVDAAzI0Cr6WeDxdFlxuuMHz9oN5FqsFLr7oU7v5CC5IlsOpcK4CY7pNMhVYGidpUNpMEeERCHhXiFTr2iPdAsLmHJagYYTANnZC-ZH2gw5um7-VPED3Sj9bTd1SBLKEBX_ldHEZ2qzUrZSvyHjDdujecESs6sFltpwOFkUA2UAd0EHK_0ikiU53nUbiDtw_ZHdXUDkeq3XhjRE518fBCvBRtHD3lMnvGfjPWloQKi4FHcpEXhskqUWjd-swvOwC58aXh7GHlhs1VmtPTBIkWr5o7iv2iZ1S3YTp-XpPoGuKvbM8hUl0vI_KTZjB_3ABK_l_p2TBOAEAZIFBAgEGAGSBQQIBRgEgAeByouBA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMm_JNIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTUzNTUyMTc3Njg4NjcyOYAKA8gLAdgTCtAVAZgWAYAXAbIXHgocCAASFHB1Yi02ODk3OTAyMTkxNzE0ODMzGNCcEg&sigh=Yko_fzIFAXc&uach_m=[UACH]&cid=CAQSOwDq26N9H0wT5ceVPoDx37mVXebNSVFrLzCgBZjnzfw81joLxKhgzDXDXc0gLPdVv0JuBjkjXrvwdQPjGAEgEw&template_id=492
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
truncated
/ Frame BF12 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af9fdf82c6453a8916b00a725915136209e20015a8375a4b483ad4f1d36e9496

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.90.245 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-90-245.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 05 Dec 2022 04:00:55 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
truncated
/ Frame A2CD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
639966fde1c8c288f7d8a48d8bcc34849d461da65f61cf7231b608572068dd98

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame A2CD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvgzHaPjT2iBrzP-ADYffvgrZI8nzYUoVhBVsATGVZMwsRCkfhBTImM5a8Jtqm_MrBhbb5nLX-CpeQJnPtp1kS6s2JcSET9RSM6Wm17oVcKy-VluJsDuZmvZwDg3IEraMCOLChwo1fXGxMsL9EE5FIMvTJKoXclrba8pzD5OlZPGdNtLC45f7YNLH4zpKk47qiv8Pza5EyZGbu3-Iys1Q0K-5oZ8ube0xAerwmPgYsHhs7tN57dLBITE0t_0Wo8_eo4bwh72t9gnPnmUh90Nk3UZ2bLIOAbPGYuDtLwYUxfsycFvEiqSxlGA3QnsJlyv_1y7KPoZOdn7UtEqdT0xFj_XshYO6v-_YHhiC6&sai=AMfl-YR8d7kl2zYbTjvu1wPm6SiFGki4b0tP93suUrgBMa0xnIn-EXRH0tlzuT5Cx_lMxs0F6Hffj_sVheLyq6pju_FXRV1QlfdyHmugPgYZNv1uhg4y7ByMGsK7qiaVZUsE&sig=Cg0ArKJSzCNmXR9wBDzpEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 05 Dec 2022 04:00:55 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7998 		645 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy1sAIQ94CW-gEYgoqE2wEwAQ&v=APEucNWaaoF0haKXCrO8Mu8mEtLKxCHxyylxrMir3QeNErvErbyIx4ps6hrqkEleS4xEDTz3nNIk2CUbFekHYYNtjvwiNZ0KK8q3YXN1P1UuGmuf7-9oObE
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 04:00:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame A0B7 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ArHW2Kr7Erh4w9ri0dGsF3nKT3RPCDKh-HwPlPtHnD9AFXaAQk5bG-9RuATc9gWTI2FyU2OLZTITUGMO_BcWfowTVZJSkXlgIZYy7_4-fFBfWz9f-fyvvIK-Ydtnm90NOhRGG0z5n-O5CVXTomCEH3DD04LtkOidhptcFWbrUTYcBQZIE&dbm_d=AKAmf-DJDZ6kqFjirAUZwFujcxA5Q_BsXvtJIb1DOGnU5qgoFN-SPK8qmLGdtENnpwrd5UeXlLOuPXb1GlPFPxSce4eMMraAGbf34jtA5ihnkPevPczQragtJs4Djfz23_s8Uu_LB-APtY_1cmIp2C2zT-a8ZrOKzuN0P0G9breMufgGFqD8C4UiR-PmofAQ8vrikCMnNYcsylurxD2zHFko2OzsibKjJyoyXO4dNOKUFCDCOrXyHZzUp1nLwchKBR273E0fyBvWSFgYL_PO0hQKC6X5bf66vKpotpm1sMGwIDd0qphm8IQkUzsUB8O2SzHSzii6NeeWjwVz0kF1oPywSYyI89Gqv5MYdqegKGiz9LkJs7v8dezEVXz1xbJfDJcbNMDv3tOiURV7SVV_M0F0TgKzUc4TxzwR2NbbLTVyzMU6e7vQCsikl9NjeKKcyuKx7ECdspP8iYChDyGkNHuKKiet2KQDVt9r2UPmMJnw2bLAmpqalcx3j6pnaREYFL7Bg72K-4YC1s_lokSLEHKvKpczV9k4s1A5vxl9AsTd_20Y1_0J7P3BDlMpGFpBvH45lnt2Wu3_EszJSH8c4ny6gy5xbhftqfhIP08eEXpN4K2d6TDIUaGgRVr8sHtIwO1_L_244MQ1baON2QIOaIwt00B8C0CIBxW05Yennd3FGymb2ChDguPjloOG1_G2WAEtTYxAlCL7TNRTbcYsfY2lxIrqasGlE7_7d2d_n75Mh41-ktrIYfQUGOGd4Kvf4I_fPfOX4lz6SaZ4-xRLLSV3dAO3e3EaAdZoKDtqrCOQfSBA7soCxLm5MtGMIbFjTMqmNnmI-iKtK-r7J8soaDKLDM4rRGSMVuTP1K4RV6xFEWF_rz8iL88loaOdZ9jd2jVsyKupfBW5tX-cKIihYWjRAcXj3f7vLtyKVUAE4iGl6PM41fm3PtTaBWHp2PYQl3XKmdX85e8bw5k2suzcdPbRuxUo2dWYuBJOP_15qNf15Z9nRniE0dJEm1s5GxYs-Jue-JulcWSMmNcIoWzHQtDSQea6wmTfDVHT43MRqrqo0ZR2XufZOWSFV5a2lotYuRM-Isq3DZWRHf4VivD59mAHgcaMEN9e7wHxYOzG1gzFsvSClRsi4g2ZAf33LwUgAUtgZX4e1C8A4_mzvkwDFpcJy5bTrXDWjmMeJYTVplMVZgD-x1lA2oAW1W2wIzWM9xEpJnM5bji1_4DdXWw3VWtxE9kIl8hUY63EReNPJNc2pO2XWEmA-LhWEKNQaOB2WEcuW_W8jAjcKgK9jOjO4jqbhbnJXCgb7tUeajclkfUP2-H3t1AeDlc2v8g-w84txLO1p8291wN20m_LrNZ-OudeED1jadkrSqoWdtzZoGmFAQrMibVFlk6s60TBWSysa44aOtzO7JDZXXwM_ydNL-yAbxlLeGxXAR_4adVfRx0Cet87CYvwY2DKEDf3ijJHFmF86JPT9xmIxmdIdvh2tR_V4qWtF62TcJg2z7Rs9hlhdBnRRAH7B1dOaRPfXqdFPJ0n46D3KjWXepmpTP6NEfmBohqSWIradPcLcayPQL2AQKmqpKnERNpgfwxMGyI6OoV4iyPNjdX363JZZus-rENfeLHw5HrJyCmvmON0itvlhXA4is6kKWVg80NlmwNvcWQ66xPRJg-IFZwbih9dHn8V23BJ6O1YnMOcvAMJ0YMfGIlRNuFKjNg7Ef6XuCMhT09ZN4Gce6wz0F79Du3BAlPimKtBzfwwOnrlf4eRaEr0LxIUS49ZPoMztfo103WVgqVnerh6LtE4KnlmLfNtyaM1IOCysjoBlWnI7mlGMyGvhzoDlSeavMkcW03ZsH0CSoKFBLCNjKqEw3TWZPyBLSCkscT9MM8_dPe321KeV-4DNw0PzHQfrFwo3GNwIs37cHlnatTKqZKF4JxOmP_kYLQ0bhbCyR6hGKn3SU3zjV3XQweBiSqgpVZNdNo3lQN9ekAQjpA-vXfjXyJoQf96rsgY0RcGCtdxAGoiPtVTJeKds5OZwEtZ0B4rfONtqUDzvHfLVIhmbDOSgBcRvlF0qS3cNNmPS2j-2S2zJdgD1Z7fPcYB58jcicOrkyd59JXq_RHxNtkx6XqKO2OmMhKXIZb7ZbWsPbtXFuTB_aHZUg5do3H8o1w3SN2ncMtz76uL72EgBxQ_oHjYj40qRNr1skhus-NKsiVPnaF03qyrEPsgeivpr_Az1J0BWd4Tv7NfpliFNO1TFVtL9zodK0kHbNDrGic7Pe0mj08HiDNaRA7tPxvROad6-yyZ00JrtngUOZlUr0pkLPJyhQYbfMzyWN-PvDfjQ75rsSd8BWEGG3f8qMMO7lcwWH-Hc3UPc7zLw0SAYMeAQcUEt-Bq465-T98jsMJDSfT_s0RB6ZLXq-iSqqMm5dIBhKqoUTIyV6YxGRolO9tOxcjoEm6Gcnfe1Dh-_HJbxgA7zM0orSCuutf2Y71QflE1HWx_xtmgO90ST2F-2qqtK8nNef4CCC9cjviv32d3XvHwbWXvVEgvKfBXqPupWUgo1unc8yxZSF7RPEpER5grpByk6vI9J85yOsX50lnFgMq5PBrIT5edPRrEIIaCZKbPSWh5Ck5Muk9G77Wlq_o95WdefBlEJlANNnzZ_viIilpLKpo48zDvsNHMwFFP17GLVvU1yDClzY3HuEJyOgRxqOMFNp2nl1DboTy4601FmQHR0LPct_VWB126y9PXbIiI1KF89XJsEfaTAHKhosw7ZohsqyGUgcIinUA7VxW9TfOe1mAoxTLF_ryr4IU6emDzIuoxk-CZV-Cv-r_Sa5J5oT6C__7WS79eE02G9qr3vD5z0g2CT9jXKTvwtBXrmRnVP3D0pTMykd6Us_qxDKkYTpUiTT6qN8aIyx7JhZ4FD1F9HDaapJlYyQZxdygmdwzcz3UcceXwp9D3lGYFavkV0MJc805GocGSwEvyIDPqbcjeihdvGl1RUvNMwsUNK32qBK39UB4ihjqyRWTLWD-OtVvxQbY97VHRUW3nOGE-pgko03c2OTnkoeGb4VmS69UCi44ktXEcVZGRFwqJovBJ3TzVFJSmGwzeyzoyJExp4-Hue-7rRq9DtScyLKthh3PVq1npqmzyDZGT5a0Pf-kDfJS782NSifIVHfTofmSsgp0jyvAPqxOUFuxrKcGmaG5sOZ_7hJGEsIMGyCcxU5_5hiQcl7dwF4S8_B7XYMOFKZMtGjcwifIkXPZGPe8vDT69ZAXautoOknW73EeSFS3mqhRdBepg_hDiW8I9V_3NOsrglZd93NZpBg8Hg3h0wCun-w22jXxbUZZ5gjd65PbeK8puwKtS6EQlUJL3hqe1qaIPayq92U0vueoXWyVpyjcwf1QVcKqlFmdy8pjG8-1XFL-q&cid=CAQSOwDq26N9H0wT5ceVPoDx37mVXebNSVFrLzCgBZjnzfw81joLxKhgzDXDXc0gLPdVv0JuBjkjXrvwdQPjGAEgEw&rfl=1%2Chttps%253A%252F%252Fwegotthiscovered.com%252F%240
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
b0dd6a6d3593b5bbb952522e13d6b85af3da1b5f92c2ace9d5076ebfdee27a37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34814
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A0B7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-De6Hi7aPdGAqJv5RSpzjDQgl3OZjDPzTJrMcDc8zfVaJUraX28Ehu1qay33-sUwcEwgVTK_saDKvuWl4PnbRGYJJYbWkn8MVteliP15h4Cmg_HtXU
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame A0B7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 10:20:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
63618
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 10:20:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame A0B7 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 10:20:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
63619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 10:20:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A0B7 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
sffe /
Resource Hash
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48508
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1669811598765935"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 05 Dec 2022 04:00:55 GMT
primisslate.css
live.primis.tech/content/video/css/ 		18 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D30355F30367D7B7331363635343432387D7B4337377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=103.209.254.83&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.94+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&isAmpIframe=0&csuuid=638d6cf666bb7&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810upwijyhl&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=50&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-37.8372&geoLong=144.9354&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-105.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:55 GMT
content-encoding
gzip
via
1.1 884565e44bd03047bbadc5b86c50509c.cloudfront.net (CloudFront)
last-modified
Wed, 09 Feb 2022 07:06:35 GMT
server
nginx
x-amz-cf-pop
SIN5-C1
etag
W/"620367fb-465a"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
x0VpIGNcfsck5plLLnaDOkFv91GK3uAzFnrfz6xxIHoqCYBmZVDSzA==
apstag.js
d3div1mtym39ic.cloudfront.net/aax2/ Frame 2D39
Redirect Chain
  • https://c.amazon-adsystem.com/aax2/apstag.js
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
178 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
13.33.100.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-164.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c77c73031f12ad805be49f065989e35ee84cdeaba71e1b64c650732c921409df

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 03:37:09 GMT
content-encoding
gzip
via
1.1 f376d87611123aa47c006262522a6a94.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 20:51:50 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
1428
x-amz-server-side-encryption
AES256
etag
W/"fa24fe2b94a2fc864b1ec67f32e8db32"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
IFOoKWF-Pd44jp5XCGZikoh1Ct1vcP5QgJYnM9NsAFVfSecVWj8PWA==

Redirect headers

date
Sun, 04 Dec 2022 22:47:38 GMT
via
1.1 26d217ae6e701acdff710e730b58288a.cloudfront.net (CloudFront), 1.1 daab5b369e744b6004b3b934cdef659c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN2-P2, SIN2-P1
age
18797
x-cache
Hit from cloudfront
content-type
text/html
location
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length
167
x-amz-cf-id
eszm7xj9nGr2cgR4a_S_PpxG5u-TX7agIsU3jSjxCKTU2Rz8CL8Tog==
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 2D39 		93 B
907 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=793790479&pt=17&dpn=1&jsver=5.09&iiqidtype=2&iiqpcid=d9309391-40b4-435b-8db6-eb3b97cdd1a6&iiqpciddate=1670212855908&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=309_1670212855908&fbp=1741815379&cttl=43200000&rrtt=0&dud=0&abtg=A&iiqppcc=0&vrref=https%3A%2F%2Fwegotthiscovered.com%2F&ref=wegotthiscovered.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D30355F30367D7B7331363635343432387D7B4337377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=103.209.254.83&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.94+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&isAmpIframe=0&csuuid=638d6cf666bb7&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810upwijyhl&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=50&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-37.8372&geoLong=144.9354&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-12.sin52.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
100cb6165570b3968be23ab06f803bafd1ec6b404182fb222025b301a1d319d4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:56 GMT
via
1.1 740fccc7c62d49696904618862f889f8.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
pragma
no-cache
server
Apache-Coyote/1.1
vary
Origin
access-control-allow-methods
POST, GET
content-type
text/html
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
3600
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
xYR_HS3CV2XJZ2NwXsT5Lw9JRJIOj2UtVxIQUOoWhG4ptd13DNewhA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 2D39
Redirect Chain
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=423642&iiqidtype=2&iiqpcid=d9309391-40b4-435b-8db6-eb3b97cdd1a6&iiqpciddate=1670212855908&tsrn...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=423642&iiqidtype=2&iiqpcid=d9309391-40b4-435b-8db6-eb3b97cdd1a6&iiqpciddate=1670212855908&tsr...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D793790479%26rnd%3D...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D793790479%26rnd%3D...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUQ3MEFDOUEtRkVGNi00REI3LUExQUUtRUIyOTIyMTY1OEM0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2023874098&rnd=1738078019&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2023874098%3B1402230080%26rnd%3D-1209231281&pcid...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2023874098;1402230080&rnd=-1209231281&pcid=6665481102401954734
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402...
43 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D139110967%26pcid%3D__UID__
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvvwCQ5%2FvZceqdLJqpIPuY7%2BPdcOvu9wukzeIWyFnwjIrG5dMUUhN6n1rEHvXLwrYfywf3X%2B%2FbUBLLpb8iZp%2BBDMn2OjkxZzwo4uab9%2FloM0fkWVAWL3LbK0tgC%2FVATpquBZ%2Fv%2BhlQB3vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7749e0cd694a17c9-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
via
1.1 0baa68530535d25b0fce15971fbb91e8.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D139110967%26pcid%3D__UID__
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
content-length
43
x-amz-cf-id
yGOIxnZorvCkuluomNlB_s2K0EsBnKDdtH0M0-VsGwNlbczoHLvnZw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DAA5 		645 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy1sAIQ94CW-gEYg4SE2wEwAQ&v=APEucNWHCuIx4ZZLqV6YRVyMS16EUFCI6DmU-dkRjuNb_yE2Wlp5QEfLvbWtp5fb7TW_NKZbdLriZKcK4dilGFqENoI4-sW9rfeRG3QJqs9RTClT0AWFL74
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 04:00:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 17B9 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BoCmbcfiVIWgyqAY_Pp562Q2DgaiFXsfMy5kVNYCuiLulHn-7poT6UKD1agLt_1IV6aab1lhjFa_ihdsR_OCLeLXKDRpX7ooFMR7qKGQgg825rISPQ1FGQrfqxG-0PfF51_-p0MQ3EuoBbZJmobiug70jVCE3AQ7DK8agCokQGSERFjrM&dbm_d=AKAmf-BTNg4Th-nCIgCgXZDB9WSFqMWIoqzwyF79KdiBUVxHVLGI-2fz1A4nrFJ6kxvl7rQ9p3iaKHsUQwRVbEFMYoQR2oPTdYgWtdxeDbgpWcE695iMfPJszyHiLOsJ6LuhZGlxMD1IRQWoL-03UhlidbNEAsFBJSodgdJ6kNhTxvE2ALz-mKt7YWP3GaA7hsLIilpCHuYyL1YH_M8kNPo0A5GRAjawiB7JJXK0RNZDLoJBx7Fd6mxL8_EeSP5P1w-_NSiII_7eBwI3vonOXmpVgLpM7wU9cLGNQO1tEutW4MI0C8zBx92jpZGGJkaE-XdSZuFeSvGfy623PXi9w4McpYslPUIEWAgFRdAe2LUqpa40HARjatwiZGFbGv-tj5HEDVtFIyinXyFAgk2xQVIjXrd3URaAdZTIZCX5bSI3dPrP14vy87iVXXaXiCWADC1dSJVCHL1hSaUOkl9p18n_hwjHkco4fgZG0VUy-3-ljZBkYu630pwqxcOoiNabW9Xr14PiWAF4jLioL8b0QW3PTVPEQ9uFmm3oVbJixbeW5gHwi5K-41SXt9dRjDm4Pi-yDaP3fObJgMHFoUL1BbrgVM5YDobn8dbpyPuaeV1yKrm-jNW9FPAyWcymX_K1KcN2CcEnb3zWa3HIlMoB2QVwQmPAseXdO_UrdQA7JRMaxFpAodpdinFsjxuVuhK_vLigu0Dcn54wk7em4E1Fc2l0EWU35194e1Z9GpuyvyJBo7RBDfrAR1CPcfF76qX9LyXL3CgqpSJPoqMkDgR2sHLGJzEOKI0zKeWhDgrNhplsKadTrQXPiQgsjPSamqpJYNRJmCZLzZDHx6kmbBZensDUd2OCGfttQU0IzyxLKQREGDec8GdK70vOohxqjj98qwdTnyQeUILlrG5UeUcyK7EC__idhZNaNLqJj80p5YWG7JY6uLUjCH8bjHq_G90UYRByzM-shxpTK4c2Z8c9VfwI5uS5phIyTdMt7hNFqQtQBOejh7gBXz77lwGDjpKUQ27cMDFJ7hCj88cccASy00TgJ4CDZGeWFkuRP5EiAx9wm-utJ4cn9C9e_BV_h18Tefn7-nWIBd152ZFMOEltaRbLF6306y3SEg04YMQwAM--FGNsoH3BYwVn8JHqrPOysLY_HvnAQk8kbxvEz49jY9_xWN304OHl_k0XJ5EtFs9YQsmlCDNSV2EkEm1WFCBdJpQFC-KVpevtkKCCaU3oi4cTwmHqWSHOY48Qla5uFt4YlbnWs70CzXSRZQ6ILsnJ5VGeIbtQXlGsqQ9uTsQcFxsnjQD_YM1l_qy1OFb5x2IrW7gtUJDR0aePoAKrjt4vK99QwRBoe4vs416jU7AzHHxxG4Gr7CO9IrtCaZZAuA46D4hzfWGM_4OdpUi0ceFTeSjZ0sPWQaReuKaasc5pz6Yo0zILWlhtnBfTF2qaGTf0xsG-XyAWrLM3JlyRiD-FFq5ZURLBTtubGEuwa-N2PHdUPG9FOduvoa64e_ihVL1vAhKtRsU8EmNohflLjQ9rupAJLH3miFhoW8_FCD7bsJ98EpZGHHvdSd6oHRtYfZYDLd8v13qG0DDxZtsHybxP9z4zdlIh-AO1Exfjox4PJybyjSuI5dLUBesz6z2ADosmApM6ucJq3AHMs1TrEE_z1x5Xo_gQoIEJxF_BjuExNtEwPTmZzCpyt3Smg1lEMynP8pQkxA0bIV3IRGpsFJyHkXCLtkDm-hqkr5qNb0JDMZgs_zQW1PzkPhZrG_mtdUJuWr4r25Ti-QNR9a2EqPYNoBniEQqyMThqBjQnK-1YMMwtTZ3pHyTigiTDMsKDdR9nkghguRKPixUh1mHyRshPT8jFc7ymBil4zAdAsNc9NJc2JH8eZKRMvU9yzDonU0Xp-GwoyUjPZsxNtrZY4jKCb7z8Z29JF13rZsjp2URK8J5KhkvpbxJXWhT9ylhtelRO3nk-iys3Ceix47VtY3bZJ5iemIbgWdDzSM5Y8ceij3_K4SV6lCLROQ0lgAuuZqNeS-eGHKPoqOQpTmvdgxN05Iqf5QLF2Dp7hZTBfZbOVhedqXwGvpLWth_sgasiBQkBLaQJ8kKpPzESmXzbifszEZa5ZxWEMGU10imqapFmGmSWEtFEmAiY5F-wEdqzbNV-Gs1Aw16ESqiY6UGI7Os_w_k5LIRaFXuzqB82NZp5g6nZJrlkPcVDTQB9MI8L__96UT29KQ1NNvH07mzcoJhtdcTp5fMlDG0EbcC4MmK9bYTTzAoAtkb_wVBisH7cZpNG3SnYRSF7uANuuliniibEtTp9cO3Mu2U_3EDUIJnwU73ydpp1X6NB_fFaUTgRaNPbB9fiqvk8BJVIzO--yPAeNIsdqxYqXni85QtuUw5trkDbPwJqxtYEUS_SOzshSulNpLrFmLPZsqCWo11SPY8Otj2oa1tKZ_J72mGFPsywarPeb5Y7uTgQRwfX0vn7D5mDnfmkEsrylI73AJkCbZlR_uQI8iNtNCRLmmO634fJ5EftVFqeyBMRoUKRGYAVHNqabZ-5xJdpjbNTwYdRrWtFV6K-2a5rU-1MBv_Qee12MDSQSLc_aHicCqkkp4qDI9F7IxMqZF8n3ASFRX0m2QJa7lQwE1ByGLvVacxjVnvvi28aAPx4eSX6XEUPZqr2mEETkwSGPKWZe1Z4rVzH4DBAAzJclb5W8vVAywnzKjpnJiCLwMrSxCCWFHGVepEUsaLNhGJiPONam2GUaq-tHdWLWUm5HU2ybRDqF4rND6z8I1YmxCLu-ZP50CJdrrZ_z14Y_eyTog73-GmyIVSXdSyW8VsQbfAzUdnif0LJhca6IW2HWVvhwxe7jb_tSmxw9Ewq_pjJsUdQ90Jyz-l4Y0OIjgp4uNWGFaYZccfpkH2MXOeQBJNAesSFbAaOm6ebBFFBTT7gq8zeaIKq7lviHpLjt5cNmz6eCYT1gssP80OqyfzwF9wdUVTLxYpKYlrirjXVbAXZ-LkGlXLSyVqaCB1DiW_veVSdKrCan4DQBgH2_7VXp25cYz55J9WMt5wjw6qFCimvIaUzpxala9HfqiZ6OtwmsXLazbODV9lAbSDvHMR8RFRHYNRVOGL3L4-3AbM3d4i3LzrnbS46phRGbuEUfWH4QNF1ak3ox06WIp7d_1xyX2DMfq1A9jwnARYXI_tBgpfSmSYO1EvXkGMoln3YDsckHv7J6vveS0HFL3wN90Pz8uCtxIytki3nxK_Yj_KuSfIpTx9tfTUGgSCjiLegl2VBz03cuvOnUvJGcLSl5GMv85ZbFwvvANoUdoNDZlvcBkT-MeIZa1WMuNnKNo8XoY9v9prrnayq-Ga4EyEy2H0PxERq-FJnZwr_-fTvoW7gHcFcpiNQaMBlkjf3cxP6faKiADFVYaFB&cid=CAQSOwDq26N9H0wT5ceVPoDx37mVXebNSVFrLzCgBZjnzfw81joLxKhgzDXDXc0gLPdVv0JuBjkjXrvwdQPjGAEgEw&rfl=1%2Chttps%253A%252F%252Fwegotthiscovered.com%252F%240
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
109a9bdc6b8dab426645aeec2eebda6ef3a200e3abc4e4a79c4707bc7f6073c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34787
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 17B9 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CijFcaQjXz7vseBWvuCH7xTylyZSZMQ-TmiqD8Iw78r6CUIQCCL4Uh0Bh5SyPv7uQPNEaXhMO-F5GibOhuDr7n2Lz_w5Yqg3GAavnxeOEBg0CXB5k
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 17B9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 10:20:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
63619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 10:20:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 17B9 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 10:20:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
63620
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 10:20:36 GMT
l
www.google.com/ads/measurement/ Frame 17B9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTeLOO3sKONT642TttrRbjQrno6GRPjVx2iziNIgXNRZ93PANzGXxHpvmvU3ceeQxS_0DST8n4RDPah5y_PpQhgzSU06g
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 17B9 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
sffe /
Resource Hash
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48508
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1669811598765935"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 05 Dec 2022 04:00:56 GMT
445.json
id5-sync.com/g/v2/ 		456 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/445.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
9e1f20b28bb28036c9fb747a427557bb17632deb4de587cd4de4645cfbad8bdf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Dec 2022 04:00:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
rum
dsum-sec.casalemedia.com/ Frame 7998
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX_wRNbjOAbRH9pcM_qC-w&google_cver=1&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX_wRNbjOAbRH9pcM_qC-w&google_cver=1&gdpr=0&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX_wRNbjOAbRH9pcM_qC-w&google_cver=1&gdpr=0&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy1sAIQ94CW-gEYgoqE2wEwAQ&v=APEucNWaaoF0haKXCrO8Mu8mEtLKxCHxyylxrMir3QeNErvErbyIx4ps6hrqkEleS4xEDTz3nNIk2CUbFekHYYNtjvwiNZ0KK8q3YXN1P1UuGmuf7-9oObE
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESECX_wRNbjOAbRH9pcM_qC-w&google_cver=1&gdpr=0&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 7998
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y41s.exRswArRX4.re5XYwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX_wRNbjOAbRH9pcM_qC-w&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX_wRNbjOAbRH9pcM_qC-w&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy1sAIQ94CW-gEYgoqE2wEwAQ&v=APEucNWaaoF0haKXCrO8Mu8mEtLKxCHxyylxrMir3QeNErvErbyIx4ps6hrqkEleS4xEDTz3nNIk2CUbFekHYYNtjvwiNZ0KK8q3YXN1P1UuGmuf7-9oObE
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX_wRNbjOAbRH9pcM_qC-w&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 7998
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEKhNsvfUCCvLxT-K66ZLGmY&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEKhNsvfUCCvLxT-K66ZLGmY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy1sAIQ94CW-gEYgoqE2wEwAQ&v=APEucNWaaoF0haKXCrO8Mu8mEtLKxCHxyylxrMir3QeNErvErbyIx4ps6hrqkEleS4xEDTz3nNIk2CUbFekHYYNtjvwiNZ0KK8q3YXN1P1UuGmuf7-9oObE
Protocol
HTTP/1.1
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:56 GMT
AN-X-Request-Uuid
b03a9119-4561-43f2-8566-5b41c6ddfd39
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
103.209.254.83; 103.209.254.83; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEKhNsvfUCCvLxT-K66ZLGmY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7998
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY2NTQ4MTEwMjQwMTk1NDczNA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY2NTQ4MTEwMjQwMTk1NDczNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy1sAIQ94CW-gEYgoqE2wEwAQ&v=APEucNWaaoF0haKXCrO8Mu8mEtLKxCHxyylxrMir3QeNErvErbyIx4ps6hrqkEleS4xEDTz3nNIk2CUbFekHYYNtjvwiNZ0KK8q3YXN1P1UuGmuf7-9oObE
Protocol
H2
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:56 GMT
AN-X-Request-Uuid
111c5087-d341-4061-8709-5293d19410f7
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY2NTQ4MTEwMjQwMTk1NDczNA%3D%3D
Connection
keep-alive
X-Proxy-Origin
103.209.254.83; 103.209.254.83; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame BF12 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wegotthiscovered.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 10:17:26 GMT
x-content-type-options
nosniff
age
236610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 10:17:26 GMT
rum
dsum-sec.casalemedia.com/ Frame DAA5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX_wRNbjOAbRH9pcM_qC-w&google_cver=1&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX_wRNbjOAbRH9pcM_qC-w&google_cver=1&gdpr=0&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX_wRNbjOAbRH9pcM_qC-w&google_cver=1&gdpr=0&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy1sAIQ94CW-gEYg4SE2wEwAQ&v=APEucNWHCuIx4ZZLqV6YRVyMS16EUFCI6DmU-dkRjuNb_yE2Wlp5QEfLvbWtp5fb7TW_NKZbdLriZKcK4dilGFqENoI4-sW9rfeRG3QJqs9RTClT0AWFL74
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESECX_wRNbjOAbRH9pcM_qC-w&google_cver=1&gdpr=0&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame DAA5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y41s.exRswArRX4.re5XYwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX_wRNbjOAbRH9pcM_qC-w&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX_wRNbjOAbRH9pcM_qC-w&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy1sAIQ94CW-gEYg4SE2wEwAQ&v=APEucNWHCuIx4ZZLqV6YRVyMS16EUFCI6DmU-dkRjuNb_yE2Wlp5QEfLvbWtp5fb7TW_NKZbdLriZKcK4dilGFqENoI4-sW9rfeRG3QJqs9RTClT0AWFL74
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECX_wRNbjOAbRH9pcM_qC-w&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame DAA5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEKhNsvfUCCvLxT-K66ZLGmY&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEKhNsvfUCCvLxT-K66ZLGmY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy1sAIQ94CW-gEYg4SE2wEwAQ&v=APEucNWHCuIx4ZZLqV6YRVyMS16EUFCI6DmU-dkRjuNb_yE2Wlp5QEfLvbWtp5fb7TW_NKZbdLriZKcK4dilGFqENoI4-sW9rfeRG3QJqs9RTClT0AWFL74
Protocol
HTTP/1.1
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:56 GMT
AN-X-Request-Uuid
fa14700e-ad96-453a-a493-7feb111ddda2
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
103.209.254.83; 103.209.254.83; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEKhNsvfUCCvLxT-K66ZLGmY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DAA5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY2NTQ4MTEwMjQwMTk1NDczNA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY2NTQ4MTEwMjQwMTk1NDczNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy1sAIQ94CW-gEYg4SE2wEwAQ&v=APEucNWHCuIx4ZZLqV6YRVyMS16EUFCI6DmU-dkRjuNb_yE2Wlp5QEfLvbWtp5fb7TW_NKZbdLriZKcK4dilGFqENoI4-sW9rfeRG3QJqs9RTClT0AWFL74
Protocol
H2
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:56 GMT
AN-X-Request-Uuid
bddf5e1d-d5fd-4917-8301-1d18c86f55a0
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY2NTQ4MTEwMjQwMTk1NDczNA%3D%3D
Connection
keep-alive
X-Proxy-Origin
103.209.254.83; 103.209.254.83; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame A0B7 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
Origin
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:20:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67251
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Dec 2022 09:20:05 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame A0B7 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ArHW2Kr7Erh4w9ri0dGsF3nKT3RPCDKh-HwPlPtHnD9AFXaAQk5bG-9RuATc9gWTI2FyU2OLZTITUGMO_BcWfowTVZJSkXlgIZYy7_4-fFBfWz9f-fyvvIK-Ydtnm90NOhRGG0z5n-O5CVXTomCEH3DD04LtkOidhptcFWbrUTYcBQZIE&dbm_d=AKAmf-DJDZ6kqFjirAUZwFujcxA5Q_BsXvtJIb1DOGnU5qgoFN-SPK8qmLGdtENnpwrd5UeXlLOuPXb1GlPFPxSce4eMMraAGbf34jtA5ihnkPevPczQragtJs4Djfz23_s8Uu_LB-APtY_1cmIp2C2zT-a8ZrOKzuN0P0G9breMufgGFqD8C4UiR-PmofAQ8vrikCMnNYcsylurxD2zHFko2OzsibKjJyoyXO4dNOKUFCDCOrXyHZzUp1nLwchKBR273E0fyBvWSFgYL_PO0hQKC6X5bf66vKpotpm1sMGwIDd0qphm8IQkUzsUB8O2SzHSzii6NeeWjwVz0kF1oPywSYyI89Gqv5MYdqegKGiz9LkJs7v8dezEVXz1xbJfDJcbNMDv3tOiURV7SVV_M0F0TgKzUc4TxzwR2NbbLTVyzMU6e7vQCsikl9NjeKKcyuKx7ECdspP8iYChDyGkNHuKKiet2KQDVt9r2UPmMJnw2bLAmpqalcx3j6pnaREYFL7Bg72K-4YC1s_lokSLEHKvKpczV9k4s1A5vxl9AsTd_20Y1_0J7P3BDlMpGFpBvH45lnt2Wu3_EszJSH8c4ny6gy5xbhftqfhIP08eEXpN4K2d6TDIUaGgRVr8sHtIwO1_L_244MQ1baON2QIOaIwt00B8C0CIBxW05Yennd3FGymb2ChDguPjloOG1_G2WAEtTYxAlCL7TNRTbcYsfY2lxIrqasGlE7_7d2d_n75Mh41-ktrIYfQUGOGd4Kvf4I_fPfOX4lz6SaZ4-xRLLSV3dAO3e3EaAdZoKDtqrCOQfSBA7soCxLm5MtGMIbFjTMqmNnmI-iKtK-r7J8soaDKLDM4rRGSMVuTP1K4RV6xFEWF_rz8iL88loaOdZ9jd2jVsyKupfBW5tX-cKIihYWjRAcXj3f7vLtyKVUAE4iGl6PM41fm3PtTaBWHp2PYQl3XKmdX85e8bw5k2suzcdPbRuxUo2dWYuBJOP_15qNf15Z9nRniE0dJEm1s5GxYs-Jue-JulcWSMmNcIoWzHQtDSQea6wmTfDVHT43MRqrqo0ZR2XufZOWSFV5a2lotYuRM-Isq3DZWRHf4VivD59mAHgcaMEN9e7wHxYOzG1gzFsvSClRsi4g2ZAf33LwUgAUtgZX4e1C8A4_mzvkwDFpcJy5bTrXDWjmMeJYTVplMVZgD-x1lA2oAW1W2wIzWM9xEpJnM5bji1_4DdXWw3VWtxE9kIl8hUY63EReNPJNc2pO2XWEmA-LhWEKNQaOB2WEcuW_W8jAjcKgK9jOjO4jqbhbnJXCgb7tUeajclkfUP2-H3t1AeDlc2v8g-w84txLO1p8291wN20m_LrNZ-OudeED1jadkrSqoWdtzZoGmFAQrMibVFlk6s60TBWSysa44aOtzO7JDZXXwM_ydNL-yAbxlLeGxXAR_4adVfRx0Cet87CYvwY2DKEDf3ijJHFmF86JPT9xmIxmdIdvh2tR_V4qWtF62TcJg2z7Rs9hlhdBnRRAH7B1dOaRPfXqdFPJ0n46D3KjWXepmpTP6NEfmBohqSWIradPcLcayPQL2AQKmqpKnERNpgfwxMGyI6OoV4iyPNjdX363JZZus-rENfeLHw5HrJyCmvmON0itvlhXA4is6kKWVg80NlmwNvcWQ66xPRJg-IFZwbih9dHn8V23BJ6O1YnMOcvAMJ0YMfGIlRNuFKjNg7Ef6XuCMhT09ZN4Gce6wz0F79Du3BAlPimKtBzfwwOnrlf4eRaEr0LxIUS49ZPoMztfo103WVgqVnerh6LtE4KnlmLfNtyaM1IOCysjoBlWnI7mlGMyGvhzoDlSeavMkcW03ZsH0CSoKFBLCNjKqEw3TWZPyBLSCkscT9MM8_dPe321KeV-4DNw0PzHQfrFwo3GNwIs37cHlnatTKqZKF4JxOmP_kYLQ0bhbCyR6hGKn3SU3zjV3XQweBiSqgpVZNdNo3lQN9ekAQjpA-vXfjXyJoQf96rsgY0RcGCtdxAGoiPtVTJeKds5OZwEtZ0B4rfONtqUDzvHfLVIhmbDOSgBcRvlF0qS3cNNmPS2j-2S2zJdgD1Z7fPcYB58jcicOrkyd59JXq_RHxNtkx6XqKO2OmMhKXIZb7ZbWsPbtXFuTB_aHZUg5do3H8o1w3SN2ncMtz76uL72EgBxQ_oHjYj40qRNr1skhus-NKsiVPnaF03qyrEPsgeivpr_Az1J0BWd4Tv7NfpliFNO1TFVtL9zodK0kHbNDrGic7Pe0mj08HiDNaRA7tPxvROad6-yyZ00JrtngUOZlUr0pkLPJyhQYbfMzyWN-PvDfjQ75rsSd8BWEGG3f8qMMO7lcwWH-Hc3UPc7zLw0SAYMeAQcUEt-Bq465-T98jsMJDSfT_s0RB6ZLXq-iSqqMm5dIBhKqoUTIyV6YxGRolO9tOxcjoEm6Gcnfe1Dh-_HJbxgA7zM0orSCuutf2Y71QflE1HWx_xtmgO90ST2F-2qqtK8nNef4CCC9cjviv32d3XvHwbWXvVEgvKfBXqPupWUgo1unc8yxZSF7RPEpER5grpByk6vI9J85yOsX50lnFgMq5PBrIT5edPRrEIIaCZKbPSWh5Ck5Muk9G77Wlq_o95WdefBlEJlANNnzZ_viIilpLKpo48zDvsNHMwFFP17GLVvU1yDClzY3HuEJyOgRxqOMFNp2nl1DboTy4601FmQHR0LPct_VWB126y9PXbIiI1KF89XJsEfaTAHKhosw7ZohsqyGUgcIinUA7VxW9TfOe1mAoxTLF_ryr4IU6emDzIuoxk-CZV-Cv-r_Sa5J5oT6C__7WS79eE02G9qr3vD5z0g2CT9jXKTvwtBXrmRnVP3D0pTMykd6Us_qxDKkYTpUiTT6qN8aIyx7JhZ4FD1F9HDaapJlYyQZxdygmdwzcz3UcceXwp9D3lGYFavkV0MJc805GocGSwEvyIDPqbcjeihdvGl1RUvNMwsUNK32qBK39UB4ihjqyRWTLWD-OtVvxQbY97VHRUW3nOGE-pgko03c2OTnkoeGb4VmS69UCi44ktXEcVZGRFwqJovBJ3TzVFJSmGwzeyzoyJExp4-Hue-7rRq9DtScyLKthh3PVq1npqmzyDZGT5a0Pf-kDfJS782NSifIVHfTofmSsgp0jyvAPqxOUFuxrKcGmaG5sOZ_7hJGEsIMGyCcxU5_5hiQcl7dwF4S8_B7XYMOFKZMtGjcwifIkXPZGPe8vDT69ZAXautoOknW73EeSFS3mqhRdBepg_hDiW8I9V_3NOsrglZd93NZpBg8Hg3h0wCun-w22jXxbUZZ5gjd65PbeK8puwKtS6EQlUJL3hqe1qaIPayq92U0vueoXWyVpyjcwf1QVcKqlFmdy8pjG8-1XFL-q&cid=CAQSOwDq26N9H0wT5ceVPoDx37mVXebNSVFrLzCgBZjnzfw81joLxKhgzDXDXc0gLPdVv0JuBjkjXrvwdQPjGAEgEw&rfl=1%2Chttps%253A%252F%252Fwegotthiscovered.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 11:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
57708
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 11:59:08 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame A0B7 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ArHW2Kr7Erh4w9ri0dGsF3nKT3RPCDKh-HwPlPtHnD9AFXaAQk5bG-9RuATc9gWTI2FyU2OLZTITUGMO_BcWfowTVZJSkXlgIZYy7_4-fFBfWz9f-fyvvIK-Ydtnm90NOhRGG0z5n-O5CVXTomCEH3DD04LtkOidhptcFWbrUTYcBQZIE&dbm_d=AKAmf-DJDZ6kqFjirAUZwFujcxA5Q_BsXvtJIb1DOGnU5qgoFN-SPK8qmLGdtENnpwrd5UeXlLOuPXb1GlPFPxSce4eMMraAGbf34jtA5ihnkPevPczQragtJs4Djfz23_s8Uu_LB-APtY_1cmIp2C2zT-a8ZrOKzuN0P0G9breMufgGFqD8C4UiR-PmofAQ8vrikCMnNYcsylurxD2zHFko2OzsibKjJyoyXO4dNOKUFCDCOrXyHZzUp1nLwchKBR273E0fyBvWSFgYL_PO0hQKC6X5bf66vKpotpm1sMGwIDd0qphm8IQkUzsUB8O2SzHSzii6NeeWjwVz0kF1oPywSYyI89Gqv5MYdqegKGiz9LkJs7v8dezEVXz1xbJfDJcbNMDv3tOiURV7SVV_M0F0TgKzUc4TxzwR2NbbLTVyzMU6e7vQCsikl9NjeKKcyuKx7ECdspP8iYChDyGkNHuKKiet2KQDVt9r2UPmMJnw2bLAmpqalcx3j6pnaREYFL7Bg72K-4YC1s_lokSLEHKvKpczV9k4s1A5vxl9AsTd_20Y1_0J7P3BDlMpGFpBvH45lnt2Wu3_EszJSH8c4ny6gy5xbhftqfhIP08eEXpN4K2d6TDIUaGgRVr8sHtIwO1_L_244MQ1baON2QIOaIwt00B8C0CIBxW05Yennd3FGymb2ChDguPjloOG1_G2WAEtTYxAlCL7TNRTbcYsfY2lxIrqasGlE7_7d2d_n75Mh41-ktrIYfQUGOGd4Kvf4I_fPfOX4lz6SaZ4-xRLLSV3dAO3e3EaAdZoKDtqrCOQfSBA7soCxLm5MtGMIbFjTMqmNnmI-iKtK-r7J8soaDKLDM4rRGSMVuTP1K4RV6xFEWF_rz8iL88loaOdZ9jd2jVsyKupfBW5tX-cKIihYWjRAcXj3f7vLtyKVUAE4iGl6PM41fm3PtTaBWHp2PYQl3XKmdX85e8bw5k2suzcdPbRuxUo2dWYuBJOP_15qNf15Z9nRniE0dJEm1s5GxYs-Jue-JulcWSMmNcIoWzHQtDSQea6wmTfDVHT43MRqrqo0ZR2XufZOWSFV5a2lotYuRM-Isq3DZWRHf4VivD59mAHgcaMEN9e7wHxYOzG1gzFsvSClRsi4g2ZAf33LwUgAUtgZX4e1C8A4_mzvkwDFpcJy5bTrXDWjmMeJYTVplMVZgD-x1lA2oAW1W2wIzWM9xEpJnM5bji1_4DdXWw3VWtxE9kIl8hUY63EReNPJNc2pO2XWEmA-LhWEKNQaOB2WEcuW_W8jAjcKgK9jOjO4jqbhbnJXCgb7tUeajclkfUP2-H3t1AeDlc2v8g-w84txLO1p8291wN20m_LrNZ-OudeED1jadkrSqoWdtzZoGmFAQrMibVFlk6s60TBWSysa44aOtzO7JDZXXwM_ydNL-yAbxlLeGxXAR_4adVfRx0Cet87CYvwY2DKEDf3ijJHFmF86JPT9xmIxmdIdvh2tR_V4qWtF62TcJg2z7Rs9hlhdBnRRAH7B1dOaRPfXqdFPJ0n46D3KjWXepmpTP6NEfmBohqSWIradPcLcayPQL2AQKmqpKnERNpgfwxMGyI6OoV4iyPNjdX363JZZus-rENfeLHw5HrJyCmvmON0itvlhXA4is6kKWVg80NlmwNvcWQ66xPRJg-IFZwbih9dHn8V23BJ6O1YnMOcvAMJ0YMfGIlRNuFKjNg7Ef6XuCMhT09ZN4Gce6wz0F79Du3BAlPimKtBzfwwOnrlf4eRaEr0LxIUS49ZPoMztfo103WVgqVnerh6LtE4KnlmLfNtyaM1IOCysjoBlWnI7mlGMyGvhzoDlSeavMkcW03ZsH0CSoKFBLCNjKqEw3TWZPyBLSCkscT9MM8_dPe321KeV-4DNw0PzHQfrFwo3GNwIs37cHlnatTKqZKF4JxOmP_kYLQ0bhbCyR6hGKn3SU3zjV3XQweBiSqgpVZNdNo3lQN9ekAQjpA-vXfjXyJoQf96rsgY0RcGCtdxAGoiPtVTJeKds5OZwEtZ0B4rfONtqUDzvHfLVIhmbDOSgBcRvlF0qS3cNNmPS2j-2S2zJdgD1Z7fPcYB58jcicOrkyd59JXq_RHxNtkx6XqKO2OmMhKXIZb7ZbWsPbtXFuTB_aHZUg5do3H8o1w3SN2ncMtz76uL72EgBxQ_oHjYj40qRNr1skhus-NKsiVPnaF03qyrEPsgeivpr_Az1J0BWd4Tv7NfpliFNO1TFVtL9zodK0kHbNDrGic7Pe0mj08HiDNaRA7tPxvROad6-yyZ00JrtngUOZlUr0pkLPJyhQYbfMzyWN-PvDfjQ75rsSd8BWEGG3f8qMMO7lcwWH-Hc3UPc7zLw0SAYMeAQcUEt-Bq465-T98jsMJDSfT_s0RB6ZLXq-iSqqMm5dIBhKqoUTIyV6YxGRolO9tOxcjoEm6Gcnfe1Dh-_HJbxgA7zM0orSCuutf2Y71QflE1HWx_xtmgO90ST2F-2qqtK8nNef4CCC9cjviv32d3XvHwbWXvVEgvKfBXqPupWUgo1unc8yxZSF7RPEpER5grpByk6vI9J85yOsX50lnFgMq5PBrIT5edPRrEIIaCZKbPSWh5Ck5Muk9G77Wlq_o95WdefBlEJlANNnzZ_viIilpLKpo48zDvsNHMwFFP17GLVvU1yDClzY3HuEJyOgRxqOMFNp2nl1DboTy4601FmQHR0LPct_VWB126y9PXbIiI1KF89XJsEfaTAHKhosw7ZohsqyGUgcIinUA7VxW9TfOe1mAoxTLF_ryr4IU6emDzIuoxk-CZV-Cv-r_Sa5J5oT6C__7WS79eE02G9qr3vD5z0g2CT9jXKTvwtBXrmRnVP3D0pTMykd6Us_qxDKkYTpUiTT6qN8aIyx7JhZ4FD1F9HDaapJlYyQZxdygmdwzcz3UcceXwp9D3lGYFavkV0MJc805GocGSwEvyIDPqbcjeihdvGl1RUvNMwsUNK32qBK39UB4ihjqyRWTLWD-OtVvxQbY97VHRUW3nOGE-pgko03c2OTnkoeGb4VmS69UCi44ktXEcVZGRFwqJovBJ3TzVFJSmGwzeyzoyJExp4-Hue-7rRq9DtScyLKthh3PVq1npqmzyDZGT5a0Pf-kDfJS782NSifIVHfTofmSsgp0jyvAPqxOUFuxrKcGmaG5sOZ_7hJGEsIMGyCcxU5_5hiQcl7dwF4S8_B7XYMOFKZMtGjcwifIkXPZGPe8vDT69ZAXautoOknW73EeSFS3mqhRdBepg_hDiW8I9V_3NOsrglZd93NZpBg8Hg3h0wCun-w22jXxbUZZ5gjd65PbeK8puwKtS6EQlUJL3hqe1qaIPayq92U0vueoXWyVpyjcwf1QVcKqlFmdy8pjG8-1XFL-q&cid=CAQSOwDq26N9H0wT5ceVPoDx37mVXebNSVFrLzCgBZjnzfw81joLxKhgzDXDXc0gLPdVv0JuBjkjXrvwdQPjGAEgEw&rfl=1%2Chttps%253A%252F%252Fwegotthiscovered.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 19:55:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
29112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 19:55:44 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame BF12
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Redirect headers

date
Mon, 05 Dec 2022 04:00:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 2D39 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.39.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-39-40.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id
vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq
content-encoding
gzip
via
1.1 0f7e4995783c21b04a0e0537b8737dde.cloudfront.net (CloudFront)
date
Sun, 04 Dec 2022 20:28:39 GMT
x-amz-cf-pop
SIN2-P1
age
27138
x-cache
Hit from cloudfront
last-modified
Fri, 18 Nov 2022 03:05:15 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
5xVLnFbEGa_rCkh7ug8PGXkUPSJEfiz3PnYlQJgdGSOghSwrRie-rA==
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 17B9 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
Origin
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:20:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67251
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Dec 2022 09:20:05 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 17B9 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BoCmbcfiVIWgyqAY_Pp562Q2DgaiFXsfMy5kVNYCuiLulHn-7poT6UKD1agLt_1IV6aab1lhjFa_ihdsR_OCLeLXKDRpX7ooFMR7qKGQgg825rISPQ1FGQrfqxG-0PfF51_-p0MQ3EuoBbZJmobiug70jVCE3AQ7DK8agCokQGSERFjrM&dbm_d=AKAmf-BTNg4Th-nCIgCgXZDB9WSFqMWIoqzwyF79KdiBUVxHVLGI-2fz1A4nrFJ6kxvl7rQ9p3iaKHsUQwRVbEFMYoQR2oPTdYgWtdxeDbgpWcE695iMfPJszyHiLOsJ6LuhZGlxMD1IRQWoL-03UhlidbNEAsFBJSodgdJ6kNhTxvE2ALz-mKt7YWP3GaA7hsLIilpCHuYyL1YH_M8kNPo0A5GRAjawiB7JJXK0RNZDLoJBx7Fd6mxL8_EeSP5P1w-_NSiII_7eBwI3vonOXmpVgLpM7wU9cLGNQO1tEutW4MI0C8zBx92jpZGGJkaE-XdSZuFeSvGfy623PXi9w4McpYslPUIEWAgFRdAe2LUqpa40HARjatwiZGFbGv-tj5HEDVtFIyinXyFAgk2xQVIjXrd3URaAdZTIZCX5bSI3dPrP14vy87iVXXaXiCWADC1dSJVCHL1hSaUOkl9p18n_hwjHkco4fgZG0VUy-3-ljZBkYu630pwqxcOoiNabW9Xr14PiWAF4jLioL8b0QW3PTVPEQ9uFmm3oVbJixbeW5gHwi5K-41SXt9dRjDm4Pi-yDaP3fObJgMHFoUL1BbrgVM5YDobn8dbpyPuaeV1yKrm-jNW9FPAyWcymX_K1KcN2CcEnb3zWa3HIlMoB2QVwQmPAseXdO_UrdQA7JRMaxFpAodpdinFsjxuVuhK_vLigu0Dcn54wk7em4E1Fc2l0EWU35194e1Z9GpuyvyJBo7RBDfrAR1CPcfF76qX9LyXL3CgqpSJPoqMkDgR2sHLGJzEOKI0zKeWhDgrNhplsKadTrQXPiQgsjPSamqpJYNRJmCZLzZDHx6kmbBZensDUd2OCGfttQU0IzyxLKQREGDec8GdK70vOohxqjj98qwdTnyQeUILlrG5UeUcyK7EC__idhZNaNLqJj80p5YWG7JY6uLUjCH8bjHq_G90UYRByzM-shxpTK4c2Z8c9VfwI5uS5phIyTdMt7hNFqQtQBOejh7gBXz77lwGDjpKUQ27cMDFJ7hCj88cccASy00TgJ4CDZGeWFkuRP5EiAx9wm-utJ4cn9C9e_BV_h18Tefn7-nWIBd152ZFMOEltaRbLF6306y3SEg04YMQwAM--FGNsoH3BYwVn8JHqrPOysLY_HvnAQk8kbxvEz49jY9_xWN304OHl_k0XJ5EtFs9YQsmlCDNSV2EkEm1WFCBdJpQFC-KVpevtkKCCaU3oi4cTwmHqWSHOY48Qla5uFt4YlbnWs70CzXSRZQ6ILsnJ5VGeIbtQXlGsqQ9uTsQcFxsnjQD_YM1l_qy1OFb5x2IrW7gtUJDR0aePoAKrjt4vK99QwRBoe4vs416jU7AzHHxxG4Gr7CO9IrtCaZZAuA46D4hzfWGM_4OdpUi0ceFTeSjZ0sPWQaReuKaasc5pz6Yo0zILWlhtnBfTF2qaGTf0xsG-XyAWrLM3JlyRiD-FFq5ZURLBTtubGEuwa-N2PHdUPG9FOduvoa64e_ihVL1vAhKtRsU8EmNohflLjQ9rupAJLH3miFhoW8_FCD7bsJ98EpZGHHvdSd6oHRtYfZYDLd8v13qG0DDxZtsHybxP9z4zdlIh-AO1Exfjox4PJybyjSuI5dLUBesz6z2ADosmApM6ucJq3AHMs1TrEE_z1x5Xo_gQoIEJxF_BjuExNtEwPTmZzCpyt3Smg1lEMynP8pQkxA0bIV3IRGpsFJyHkXCLtkDm-hqkr5qNb0JDMZgs_zQW1PzkPhZrG_mtdUJuWr4r25Ti-QNR9a2EqPYNoBniEQqyMThqBjQnK-1YMMwtTZ3pHyTigiTDMsKDdR9nkghguRKPixUh1mHyRshPT8jFc7ymBil4zAdAsNc9NJc2JH8eZKRMvU9yzDonU0Xp-GwoyUjPZsxNtrZY4jKCb7z8Z29JF13rZsjp2URK8J5KhkvpbxJXWhT9ylhtelRO3nk-iys3Ceix47VtY3bZJ5iemIbgWdDzSM5Y8ceij3_K4SV6lCLROQ0lgAuuZqNeS-eGHKPoqOQpTmvdgxN05Iqf5QLF2Dp7hZTBfZbOVhedqXwGvpLWth_sgasiBQkBLaQJ8kKpPzESmXzbifszEZa5ZxWEMGU10imqapFmGmSWEtFEmAiY5F-wEdqzbNV-Gs1Aw16ESqiY6UGI7Os_w_k5LIRaFXuzqB82NZp5g6nZJrlkPcVDTQB9MI8L__96UT29KQ1NNvH07mzcoJhtdcTp5fMlDG0EbcC4MmK9bYTTzAoAtkb_wVBisH7cZpNG3SnYRSF7uANuuliniibEtTp9cO3Mu2U_3EDUIJnwU73ydpp1X6NB_fFaUTgRaNPbB9fiqvk8BJVIzO--yPAeNIsdqxYqXni85QtuUw5trkDbPwJqxtYEUS_SOzshSulNpLrFmLPZsqCWo11SPY8Otj2oa1tKZ_J72mGFPsywarPeb5Y7uTgQRwfX0vn7D5mDnfmkEsrylI73AJkCbZlR_uQI8iNtNCRLmmO634fJ5EftVFqeyBMRoUKRGYAVHNqabZ-5xJdpjbNTwYdRrWtFV6K-2a5rU-1MBv_Qee12MDSQSLc_aHicCqkkp4qDI9F7IxMqZF8n3ASFRX0m2QJa7lQwE1ByGLvVacxjVnvvi28aAPx4eSX6XEUPZqr2mEETkwSGPKWZe1Z4rVzH4DBAAzJclb5W8vVAywnzKjpnJiCLwMrSxCCWFHGVepEUsaLNhGJiPONam2GUaq-tHdWLWUm5HU2ybRDqF4rND6z8I1YmxCLu-ZP50CJdrrZ_z14Y_eyTog73-GmyIVSXdSyW8VsQbfAzUdnif0LJhca6IW2HWVvhwxe7jb_tSmxw9Ewq_pjJsUdQ90Jyz-l4Y0OIjgp4uNWGFaYZccfpkH2MXOeQBJNAesSFbAaOm6ebBFFBTT7gq8zeaIKq7lviHpLjt5cNmz6eCYT1gssP80OqyfzwF9wdUVTLxYpKYlrirjXVbAXZ-LkGlXLSyVqaCB1DiW_veVSdKrCan4DQBgH2_7VXp25cYz55J9WMt5wjw6qFCimvIaUzpxala9HfqiZ6OtwmsXLazbODV9lAbSDvHMR8RFRHYNRVOGL3L4-3AbM3d4i3LzrnbS46phRGbuEUfWH4QNF1ak3ox06WIp7d_1xyX2DMfq1A9jwnARYXI_tBgpfSmSYO1EvXkGMoln3YDsckHv7J6vveS0HFL3wN90Pz8uCtxIytki3nxK_Yj_KuSfIpTx9tfTUGgSCjiLegl2VBz03cuvOnUvJGcLSl5GMv85ZbFwvvANoUdoNDZlvcBkT-MeIZa1WMuNnKNo8XoY9v9prrnayq-Ga4EyEy2H0PxERq-FJnZwr_-fTvoW7gHcFcpiNQaMBlkjf3cxP6faKiADFVYaFB&cid=CAQSOwDq26N9H0wT5ceVPoDx37mVXebNSVFrLzCgBZjnzfw81joLxKhgzDXDXc0gLPdVv0JuBjkjXrvwdQPjGAEgEw&rfl=1%2Chttps%253A%252F%252Fwegotthiscovered.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 11:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
57708
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 11:59:08 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 17B9 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BoCmbcfiVIWgyqAY_Pp562Q2DgaiFXsfMy5kVNYCuiLulHn-7poT6UKD1agLt_1IV6aab1lhjFa_ihdsR_OCLeLXKDRpX7ooFMR7qKGQgg825rISPQ1FGQrfqxG-0PfF51_-p0MQ3EuoBbZJmobiug70jVCE3AQ7DK8agCokQGSERFjrM&dbm_d=AKAmf-BTNg4Th-nCIgCgXZDB9WSFqMWIoqzwyF79KdiBUVxHVLGI-2fz1A4nrFJ6kxvl7rQ9p3iaKHsUQwRVbEFMYoQR2oPTdYgWtdxeDbgpWcE695iMfPJszyHiLOsJ6LuhZGlxMD1IRQWoL-03UhlidbNEAsFBJSodgdJ6kNhTxvE2ALz-mKt7YWP3GaA7hsLIilpCHuYyL1YH_M8kNPo0A5GRAjawiB7JJXK0RNZDLoJBx7Fd6mxL8_EeSP5P1w-_NSiII_7eBwI3vonOXmpVgLpM7wU9cLGNQO1tEutW4MI0C8zBx92jpZGGJkaE-XdSZuFeSvGfy623PXi9w4McpYslPUIEWAgFRdAe2LUqpa40HARjatwiZGFbGv-tj5HEDVtFIyinXyFAgk2xQVIjXrd3URaAdZTIZCX5bSI3dPrP14vy87iVXXaXiCWADC1dSJVCHL1hSaUOkl9p18n_hwjHkco4fgZG0VUy-3-ljZBkYu630pwqxcOoiNabW9Xr14PiWAF4jLioL8b0QW3PTVPEQ9uFmm3oVbJixbeW5gHwi5K-41SXt9dRjDm4Pi-yDaP3fObJgMHFoUL1BbrgVM5YDobn8dbpyPuaeV1yKrm-jNW9FPAyWcymX_K1KcN2CcEnb3zWa3HIlMoB2QVwQmPAseXdO_UrdQA7JRMaxFpAodpdinFsjxuVuhK_vLigu0Dcn54wk7em4E1Fc2l0EWU35194e1Z9GpuyvyJBo7RBDfrAR1CPcfF76qX9LyXL3CgqpSJPoqMkDgR2sHLGJzEOKI0zKeWhDgrNhplsKadTrQXPiQgsjPSamqpJYNRJmCZLzZDHx6kmbBZensDUd2OCGfttQU0IzyxLKQREGDec8GdK70vOohxqjj98qwdTnyQeUILlrG5UeUcyK7EC__idhZNaNLqJj80p5YWG7JY6uLUjCH8bjHq_G90UYRByzM-shxpTK4c2Z8c9VfwI5uS5phIyTdMt7hNFqQtQBOejh7gBXz77lwGDjpKUQ27cMDFJ7hCj88cccASy00TgJ4CDZGeWFkuRP5EiAx9wm-utJ4cn9C9e_BV_h18Tefn7-nWIBd152ZFMOEltaRbLF6306y3SEg04YMQwAM--FGNsoH3BYwVn8JHqrPOysLY_HvnAQk8kbxvEz49jY9_xWN304OHl_k0XJ5EtFs9YQsmlCDNSV2EkEm1WFCBdJpQFC-KVpevtkKCCaU3oi4cTwmHqWSHOY48Qla5uFt4YlbnWs70CzXSRZQ6ILsnJ5VGeIbtQXlGsqQ9uTsQcFxsnjQD_YM1l_qy1OFb5x2IrW7gtUJDR0aePoAKrjt4vK99QwRBoe4vs416jU7AzHHxxG4Gr7CO9IrtCaZZAuA46D4hzfWGM_4OdpUi0ceFTeSjZ0sPWQaReuKaasc5pz6Yo0zILWlhtnBfTF2qaGTf0xsG-XyAWrLM3JlyRiD-FFq5ZURLBTtubGEuwa-N2PHdUPG9FOduvoa64e_ihVL1vAhKtRsU8EmNohflLjQ9rupAJLH3miFhoW8_FCD7bsJ98EpZGHHvdSd6oHRtYfZYDLd8v13qG0DDxZtsHybxP9z4zdlIh-AO1Exfjox4PJybyjSuI5dLUBesz6z2ADosmApM6ucJq3AHMs1TrEE_z1x5Xo_gQoIEJxF_BjuExNtEwPTmZzCpyt3Smg1lEMynP8pQkxA0bIV3IRGpsFJyHkXCLtkDm-hqkr5qNb0JDMZgs_zQW1PzkPhZrG_mtdUJuWr4r25Ti-QNR9a2EqPYNoBniEQqyMThqBjQnK-1YMMwtTZ3pHyTigiTDMsKDdR9nkghguRKPixUh1mHyRshPT8jFc7ymBil4zAdAsNc9NJc2JH8eZKRMvU9yzDonU0Xp-GwoyUjPZsxNtrZY4jKCb7z8Z29JF13rZsjp2URK8J5KhkvpbxJXWhT9ylhtelRO3nk-iys3Ceix47VtY3bZJ5iemIbgWdDzSM5Y8ceij3_K4SV6lCLROQ0lgAuuZqNeS-eGHKPoqOQpTmvdgxN05Iqf5QLF2Dp7hZTBfZbOVhedqXwGvpLWth_sgasiBQkBLaQJ8kKpPzESmXzbifszEZa5ZxWEMGU10imqapFmGmSWEtFEmAiY5F-wEdqzbNV-Gs1Aw16ESqiY6UGI7Os_w_k5LIRaFXuzqB82NZp5g6nZJrlkPcVDTQB9MI8L__96UT29KQ1NNvH07mzcoJhtdcTp5fMlDG0EbcC4MmK9bYTTzAoAtkb_wVBisH7cZpNG3SnYRSF7uANuuliniibEtTp9cO3Mu2U_3EDUIJnwU73ydpp1X6NB_fFaUTgRaNPbB9fiqvk8BJVIzO--yPAeNIsdqxYqXni85QtuUw5trkDbPwJqxtYEUS_SOzshSulNpLrFmLPZsqCWo11SPY8Otj2oa1tKZ_J72mGFPsywarPeb5Y7uTgQRwfX0vn7D5mDnfmkEsrylI73AJkCbZlR_uQI8iNtNCRLmmO634fJ5EftVFqeyBMRoUKRGYAVHNqabZ-5xJdpjbNTwYdRrWtFV6K-2a5rU-1MBv_Qee12MDSQSLc_aHicCqkkp4qDI9F7IxMqZF8n3ASFRX0m2QJa7lQwE1ByGLvVacxjVnvvi28aAPx4eSX6XEUPZqr2mEETkwSGPKWZe1Z4rVzH4DBAAzJclb5W8vVAywnzKjpnJiCLwMrSxCCWFHGVepEUsaLNhGJiPONam2GUaq-tHdWLWUm5HU2ybRDqF4rND6z8I1YmxCLu-ZP50CJdrrZ_z14Y_eyTog73-GmyIVSXdSyW8VsQbfAzUdnif0LJhca6IW2HWVvhwxe7jb_tSmxw9Ewq_pjJsUdQ90Jyz-l4Y0OIjgp4uNWGFaYZccfpkH2MXOeQBJNAesSFbAaOm6ebBFFBTT7gq8zeaIKq7lviHpLjt5cNmz6eCYT1gssP80OqyfzwF9wdUVTLxYpKYlrirjXVbAXZ-LkGlXLSyVqaCB1DiW_veVSdKrCan4DQBgH2_7VXp25cYz55J9WMt5wjw6qFCimvIaUzpxala9HfqiZ6OtwmsXLazbODV9lAbSDvHMR8RFRHYNRVOGL3L4-3AbM3d4i3LzrnbS46phRGbuEUfWH4QNF1ak3ox06WIp7d_1xyX2DMfq1A9jwnARYXI_tBgpfSmSYO1EvXkGMoln3YDsckHv7J6vveS0HFL3wN90Pz8uCtxIytki3nxK_Yj_KuSfIpTx9tfTUGgSCjiLegl2VBz03cuvOnUvJGcLSl5GMv85ZbFwvvANoUdoNDZlvcBkT-MeIZa1WMuNnKNo8XoY9v9prrnayq-Ga4EyEy2H0PxERq-FJnZwr_-fTvoW7gHcFcpiNQaMBlkjf3cxP6faKiADFVYaFB&cid=CAQSOwDq26N9H0wT5ceVPoDx37mVXebNSVFrLzCgBZjnzfw81joLxKhgzDXDXc0gLPdVv0JuBjkjXrvwdQPjGAEgEw&rfl=1%2Chttps%253A%252F%252Fwegotthiscovered.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 19:55:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
29112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 19:55:44 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A0B7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 23:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15831
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Dec 2023 23:37:05 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EE42 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
30847
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 19:26:49 GMT
etag
48472445140208031
expires
Mon, 05 Dec 2022 19:26:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 17B9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 23:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15831
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Dec 2023 23:37:05 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0347 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
30847
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 19:26:49 GMT
etag
48472445140208031
expires
Mon, 05 Dec 2022 19:26:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame E5A0 		2 KB
648 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 05 Dec 2022 04:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 02:26:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Dec 2022 04:00:57 GMT
css
fonts.googleapis.com/ 		1 KB
505 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D30355F30367D7B7331363635343432387D7B4337377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=103.209.254.83&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.94+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&isAmpIframe=0&csuuid=638d6cf666bb7&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810upwijyhl&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=50&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-37.8372&geoLong=144.9354&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
0dabde244ca54751439b42b2bc6754887cf48d7d13835c2ed1fa37b253a4731a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 05 Dec 2022 04:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 02:33:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Dec 2022 04:00:57 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6B62 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D30355F30367D7B7331363635343432387D7B4337377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=103.209.254.83&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.94+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&isAmpIframe=0&csuuid=638d6cf666bb7&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810upwijyhl&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=50&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-37.8372&geoLong=144.9354&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=24022
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 05 Dec 2022 04:00:57 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 05 Dec 2022 10:41:19 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usermatchredir
ssum-sec.casalemedia.com/ Frame 2F85
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D98%26advUuid%3D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=98&advUuid=a6f55951-6b0c-43cb-af3a-e76a33d3568c
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1486637409&pcid=a6f55951-6b0c-43cb-af3a-e76a33d3568c
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1486637409%26rnd%3D...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1486637409%26rnd%3D...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkExNDFEQTItNjk3Qy00MTgwLUJDM0QtNTc2OTk1RkQ2Njk1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2023874098&rnd=1738078019&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2023874098%3B1402230080%26rnd%3D1637934543&pcid=...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2023874098;1402230080&rnd=1637934543&pcid=6665481102401954734
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402...
43 B
847 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-1406022426%26pcid%3D__UID__
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D30355F30367D7B7331363635343432387D7B4337377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=103.209.254.83&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.94+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&isAmpIframe=0&csuuid=638d6cf666bb7&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810upwijyhl&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=50&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-37.8372&geoLong=144.9354&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7749e0cd694b17c9-MEL
content-length
43
content-type
image/gif
date
Mon, 05 Dec 2022 04:01:01 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Au427%2Fly3yh13z%2BCPTXzUI3%2F%2BryT%2F1DR2Zq29e941%2FLMIiV9TW8pXN1xYVQZLHzkrYVUSKmZnowTZB1mpWrIphccbpN6XLUScTbEatU0BkuYDC%2F8caZ1wux0UhZt3dqqfkVAJjTkoLsxEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 05 Dec 2022 04:01:00 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-1406022426%26pcid%3D__UID__
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 0baa68530535d25b0fce15971fbb91e8.cloudfront.net (CloudFront)
x-amz-cf-id
m4Diy6ZPgnPpcYz9liZYdHl-avEpSzoSTJWLPuUCrkHnCwlCH1sRtA==
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
sync
ssbsync.smartadserver.com/api/ Frame 69A5 		951 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=21&gdpr=0&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D30355F30367D7B7331363635343432387D7B4337377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=103.209.254.83&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.94+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&isAmpIframe=0&csuuid=638d6cf666bb7&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810upwijyhl&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=50&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-37.8372&geoLong=144.9354&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=default
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
39a31792bbbdb895b3784ef6cd435260a6d1e7fff467f934e4d5bea5543a743f

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
951
content-type
text/html
date
Mon, 05 Dec 2022 04:00:56 GMT
liveView.php
live.primis.tech/live/ Frame 2D39 		26 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTYyMxZ2nWRyolUlRaVmZXJmJTJGo3JcZ2yhJTJGMwx1NwxyMxZ2nWRyo182MTxlNwYlY2NxNWZvODM5NmQmMwEkJTJGqzyxNwM3MmFyZzE3ODI2Mwt5MTp1Nwt5MC5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFMxjmWaBnR1Z2TDNWrycYSacMMwy5YVqxpGJcOHyPVFUlT1M5MzFXUzkvMTtlTVRerU5dWXyZMx5eTyqnnU9ETTVOryF6TWcFrEjmWaBnRFy6TacNrFcXWzuOrzq5TzcJNE9URTNOVFx0T1RBqWJYQTBJnXqLSUNBZ0yDSaVZoVycT2yBrE5dY3qNVGg4TWcBq0kBo2qJQ0FaSW1WNGNDSTZJREUlTacBrx9EZ3cNREFLZyEhMyyWp1ReOGqJV2Ygn2qFo01TZ0JQNy92oE1JWx1CnFNBX1VgWwRaOTqholZ2nWRsY29hqGVhqF9cZD0lNwt3MwQ4JaZcZF9wo250ZW50X2Ryp2M9TG9lY2FhK0Zcoz5yZ2FhK3RuoGgmKlUlN05iY2VvolUlNlZ2nWRsY29hqGVhqF90nXRfZT1Mo3JwYW4eRzyhozVaYW4eqGFfn3MeJTI3Tz9wZWJiJTI3JaZcZF9wo250ZW50X2R1pzF0nW9hPTU5MCZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTYjMCZ5PTQjMCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3ZWqiqHRbnXNwo3ZypzVxLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMTMlMxQmMDM1NUYmMDM2N0Q3QwpmMmEmNwM2MmUmNDM0MmImODqEN0I0MmM3Mmp3RDqCNTM2NDMlNTY2RTYlMmM1MwMjNwE0NmZDN0E1OTMlMmxmMwVBNTt0QTZDNUE0MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwMjMmA3RDqCNTxmNDMjMmA3RDqCNwYmMTqEN0I0QmMkMmEmMDMmMmQ3REZFRxUznXNBpHA9MCZmZGg2PSZaZW9MYXRcPS0mNl44MmplJzqyo0kiozp9MTQ0LwxmNTQzqXNypxyjQWRxpw0kMDMhMwA5LwI1NC44MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTA4LwAhNTM1OS45NCgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9pHJcoWymUGkurWVlJzNmqXVcZD02MmuxNzNzNwY2YzI3JzNvqXN0ZXI9MTY3MDIkMwt1Nwp1Mj==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D30355F30367D7B7331363635343432387D7B4337377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=103.209.254.83&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.94+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&isAmpIframe=0&csuuid=638d6cf666bb7&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810upwijyhl&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=50&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-37.8372&geoLong=144.9354&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-105.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
9f1928345c63629e189227c2bc06f5ebe67035d3471f472e0e912cfcbb93620c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:56 GMT
content-encoding
gzip
via
1.1 884565e44bd03047bbadc5b86c50509c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://wegotthiscovered.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
5113
x-amz-cf-id
bXn3pyUc6g-pah6b56nt83r4yyK-b9xa8a3vv9qIcDrZhyL2ZILivQ==
liveView.php
live.primis.tech/live/ 		0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY3MDIkMwt1NSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA4MDM0JaN0YT0jJat9NwAjJax9NDAjJaZcZF9jYXNmRG9gYWyhPXqyZ290qGucp2NiqzVlZWQhY29gJaN1YxyxPXqyZ290qGucp2NiqzVlZWQhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmEmMwJEMmAmNTVGMmAmNwqEN0I3MmMkMmYmNwM1MmQmNDMlMmt3RDqCNDMmNmM3N0Q3QwUmNwQmMwU2NxU2MwMmNTImMDYkNDp2QmqBNTxmMwM5MmI1QTU4NEE2QmVBNDMmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmMDMjN0Q3QwU5MmQmMDMjN0Q3QwY2MmE3RDqCNEMmMTMkMmAmMmM0N0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTEjMl4lMDxhMwU0LwtmJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjOC4jLwUmNTxhOTQyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYmOGQ2Y2Y2NwZvYwpzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0jJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MSZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY3MDIkMwt1NwpmMlZ1nWQ9U2VenW5xo1NQoGF5ZXI2MmuxNzNzNmFxYmU1JaB1YyVloD1bqHRjplUmQSUlRvUlRaqyZ290qGucp2NiqzVlZWQhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPWycpQ==
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-105.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:56 GMT
content-encoding
gzip
via
1.1 884565e44bd03047bbadc5b86c50509c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
z0vusVe0UiG8dX_ehlFTPKiz2DY40nrNwv12IUYU-Q-3-Y0xJHb2VA==
p-1ZHFxK2kGG5Cz.gif
pixel.quantserve.com/pixel/ Frame 2D39 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-1ZHFxK2kGG5Cz.gif?labels=publisher.29569.space.108034,adsize.600x400
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:00:56 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
liveCS.php
live.primis.tech/live/ Frame 2D39
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=80b35f2d-fa1a-47da-9010-64e13e84dcaf&ssp=sekindo&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524349382118821030&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10524349382118821030&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=99425b1c-5be5-4b55-8e5e-c77148467017&ssp=sekindo&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524349382118821030&ssp=sekindo&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232363304356002906117&ssp=sekindo&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524349382118821030&ssp=sekindo&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=&advId=24830&advUuid=80b35f2d-fa1a-47da-9010-64e13e84dcaf
0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&pixel=&advId=24830&advUuid=80b35f2d-fa1a-47da-9010-64e13e84dcaf
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
13.35.8.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-105.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:59 GMT
content-encoding
gzip
via
1.1 884565e44bd03047bbadc5b86c50509c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
y2Pr6tH1BxrIiBXsh1YvLuUwsuCUrMqVat8kjk94T0HoNRbJOepxgg==

Redirect headers

Location
//live.primis.tech/live/liveCS.php?source=external&pixel=&advId=24830&advUuid=80b35f2d-fa1a-47da-9010-64e13e84dcaf
Date
Mon, 05 Dec 2022 04:00:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
liveCS.php
live.primis.tech/live/ Frame 2D39
Redirect Chain
  • https://csync.loopme.me/?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=93&advUuid=e58da24e-198f-4926-9b26-e3103003536e&gdpr_consent=null&gdpr=0
0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=93&advUuid=e58da24e-198f-4926-9b26-e3103003536e&gdpr_consent=null&gdpr=0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
13.35.8.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-105.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:57 GMT
content-encoding
gzip
via
1.1 884565e44bd03047bbadc5b86c50509c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
dUXZ_vtcubERKEsv_a66F5vGxudUdJFv11rAdURJcevUuXlEr4QE8Q==

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&advId=93&advUuid=e58da24e-198f-4926-9b26-e3103003536e&gdpr_consent=null&gdpr=0
date
Mon, 05 Dec 2022 04:00:57 GMT
server
_
content-length
0
E0D49FB2-6484-443C-94BA-B894703FD7A2
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2D39
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D&gdpr=0&gdpr_consent=&s=192962&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&advId=99&advUuid=Y41s-W8AuuqXN2rCesl1hQAAFNsAAAIB
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=2023874098&pcid=Y41s-W8AuuqXN2rCesl1hQAAFNsAAAIB
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D2023874098%26rnd%3D...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/E0D49FB2-6484-443C-94BA-B894703FD7A2?gdpr=0&gdpr_consent=
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/E0D49FB2-6484-443C-94BA-B894703FD7A2?gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
52.220.163.160 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-163-160.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/pubmatic/E0D49FB2-6484-443C-94BA-B894703FD7A2?gdpr=0&gdpr_consent=
date
Mon, 05 Dec 2022 04:00:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
126
content-type
text/html; charset=utf-8
usermatchredir
ssum-sec.casalemedia.com/ Frame 2D39
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=96064650708096559124
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=96064650708096559124
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D259151345%26rnd%3D-...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2023874098&rnd=1738078019&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2023874098%3B1402230080%26rnd%3D1502683159&pcid=...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2023874098;1402230080&rnd=1502683159&pcid=6665481102401954734
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402...
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-1222338856%26pcid%3D__UID__
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gU3CK%2FkEZqLK5aWxm0VB8WhvZrONwcM%2Fz2HjJdEsKr%2F4rciMvRmnFWjxioM%2BS4AxNapWUFwbTYe8VsfM2aBhtrV3Q6UyVy%2FyHY%2BGf3rPo2VSKtqGyxCYCuV1kcqMFJdRTvWKI0%2B1Hwc%2BEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7749e0ce2a8617c9-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
via
1.1 0baa68530535d25b0fce15971fbb91e8.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-1222338856%26pcid%3D__UID__
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
content-length
43
x-amz-cf-id
8i5Eh-x11ALzSFWq31Skj5PEUKpqwUjqS6xW1MVcNKXqE0tAeduDLg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 2D39
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=618110e63fc8f&advId=100&advUuid=LBA9LY0O-6-E4O5&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBA9LY0O-6-E4O5
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D14866...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=1486637409;1725065545&rnd=-1201165667&pcid=a6f55951-6b0c-43cb-af3a-e76a33d3568c
  • https://ce.lijit.com/merge?pid=8101&3pid=QnClFusBBa&location=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D1486637409%3B172...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=396218182&mi=10&csh=1486637409;1725065545;1486637409&rnd=-1538460004&pcid=Fw2QCRZHu3v1r7TzQW6rTsLw
  • https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D1486637409%3B172506554...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1678944572&mi=10&csh=1486637409;1725065545;1486637409;396218182&rnd=-664253552&pcid=af57638d-6cfa-4600-8909-94e1f1deb2d9
  • https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=QnClFusBBa&expires=1825&rnd=301066420
42 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=QnClFusBBa&expires=1825&rnd=301066420
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:01 GMT
via
1.1 0baa68530535d25b0fce15971fbb91e8.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=QnClFusBBa&expires=1825&rnd=301066420
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
content-length
43
x-amz-cf-id
ZUVPIdqguhDS5weNdiReSyBtRkmxUVqC-p3-L0YDPoos7MqNCzfohg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
E0D49FB2-6484-443C-94BA-B894703FD7A2
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2D39
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58627/occ?gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=128&advUuid=y-v0EYJxRE2uHs3QQDLifZlYI0zOFJ2DQHpwHE1wM-~A&gdpr=0&gdpr_consent=
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1028935272&pcid=y-v0EYJxRE2uHs3QQDLifZlYI0zOFJ2DQHpwHE1wM-~A
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1028935272%26rnd%3D...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D2890877A16842FBAB5E0498421370CE
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/E0D49FB2-6484-443C-94BA-B894703FD7A2?gdpr=0&gdpr_consent=
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/E0D49FB2-6484-443C-94BA-B894703FD7A2?gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
52.220.163.160 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-163-160.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/pubmatic/E0D49FB2-6484-443C-94BA-B894703FD7A2?gdpr=0&gdpr_consent=
date
Mon, 05 Dec 2022 04:00:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
126
content-type
text/html; charset=utf-8
usermatchredir
ssum-sec.casalemedia.com/ Frame 2D39
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D105%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&advId=105&advUuid=6665481102401954734
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1709765917&pcid=6665481102401954734
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1709765917%26rnd%3D...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2023874098&rnd=1738078019&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2023874098%3B1402230080%26rnd%3D983590664&pcid=$UID
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2023874098;1402230080&rnd=983590664&pcid=6665481102401954734
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402...
43 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-102141521%26pcid%3D__UID__
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zxgKu4xnD9XwRpmSFBBVyHOPVj1plBTlWe33uTxdTtIHhXyI7AGQgmSFPGp1wLjj7kTtushKGRmFUqsGLYpUk0tDNEkHA2gs399avE6OugUKdlBPeaSt2a38%2F923IUtukqDyd2P6PGHtg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7749e0d06e7117c9-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:01 GMT
via
1.1 0baa68530535d25b0fce15971fbb91e8.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-102141521%26pcid%3D__UID__
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
content-length
43
x-amz-cf-id
Yn7VcA2oVB3TFT69qdIGPvsyfjGhtivAaOcVCwZTp1kP7z8cDzTnow==
expires
Thu, 01 Jan 1970 00:00:00 GMT
E0D49FB2-6484-443C-94BA-B894703FD7A2
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2D39
Redirect Chain
  • https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=22ae6b029cf64a39a7db3a2f043fd035
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=584182936&pcid=22ae6b029cf64a39a7db3a2f043fd035
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D584182936%26rnd%3D1...
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D2890877A16842FBAB5E0498421370CE
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/E0D49FB2-6484-443C-94BA-B894703FD7A2?gdpr=0&gdpr_consent=
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/E0D49FB2-6484-443C-94BA-B894703FD7A2?gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
52.220.163.160 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-163-160.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/pubmatic/E0D49FB2-6484-443C-94BA-B894703FD7A2?gdpr=0&gdpr_consent=
date
Mon, 05 Dec 2022 04:00:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
126
content-type
text/html; charset=utf-8
usermatchredir
ssum-sec.casalemedia.com/ Frame 2D39
Redirect Chain
  • https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=638d6cf666bb7&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E
  • https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3132144571537998000V10
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1723987475&pcid=3132144571537998000V10
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1723987475%26rnd%3D...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=1723987475&rnd=704316134&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D1723987475%3B1402230080%26rnd%3D1689984886&pcid=...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=1723987475;1402230080&rnd=1689984886&pcid=6665481102401954734
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D1723987475%3B1402...
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D1723987475%3B1402230080%3B1709765917%26rnd%3D983007219%26pcid%3D__UID__
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q05eTeMd%2BYuG95lyo%2Brgy36sTzHWEbxNWDWvDTSlaIdBoou3a%2B%2BOt2FjwAXkOLtZX18TEFVyA%2F%2Fnk6bkb8ZbIdyTr4WCVFnwhNwgQr50A4gPaoiPqfIH6azifKdUKDrcrFP9F0116onrZw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7749e0cbef2117c9-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
via
1.1 0baa68530535d25b0fce15971fbb91e8.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D1723987475%3B1402230080%3B1709765917%26rnd%3D983007219%26pcid%3D__UID__
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
content-length
43
x-amz-cf-id
l-VjKlOamgowUaqFZy8s4SoqXzrXn_K6uPAL650naiWfd8gSNPUl_A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2D39
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=Fw2QCRZHu3v1r7TzQW6rTsLw
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=396218182&pcid=Fw2QCRZHu3v1r7TzQW6rTsLw
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D396218182%26rnd%3D1...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTBENDlGQjItNjQ4NC00NDNDLTk0QkEtQjg5NDcwM0ZEN0Ey&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 05 Dec 2022 04:00:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 2D39
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%2...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=aff08fbb323e9e876aa6076ba5230eb
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D793790479%26rnd%3D-...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=793790479&rnd=-1246140210&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D793790479%3B1402230080%26rnd%3D1745524679&pcid=$UID
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=793790479;1402230080&rnd=1745524679&pcid=6665481102401954734
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D793790479%3B14022...
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D793790479%3B1402230080%3B1709765917%26rnd%3D103526101%26pcid%3D__UID__
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjeF6V3TJHfOskCfW8TeqmcVJ0bFiJKdFx4j5Y%2BHjUENfSfMmjyDR%2Fz%2BQe1mMK%2Bw98Cm%2BzkM35qVdP42p17c3mjinjumU1zwucPiaUjYUAK7BE8x3R1KToK0mC1WPdD43nLOOSgLpzh0FA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7749e0d0aecd17c9-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:01 GMT
via
1.1 0baa68530535d25b0fce15971fbb91e8.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D793790479%3B1402230080%3B1709765917%26rnd%3D103526101%26pcid%3D__UID__
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
content-length
43
x-amz-cf-id
8gQdOfkz6j4QYyNcS4yceVBnX-yFkUaIwMcY32Nghzk-mNLSysq4OA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 2D39
Redirect Chain
  • https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D138%26advUuid%3D%5BUID%5D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=138&advUuid=308e1982-4100-4e40-b524-dff1790fca25
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=2136778551&pcid=308e1982-4100-4e40-b524-dff1790fca25
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D2136778551%26rnd%3D...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2136778551&rnd=-1266792756&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2136778551%3B1402230080%26rnd%3D985129048&pcid=$UID
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2136778551;1402230080&rnd=985129048&pcid=6665481102401954734
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2136778551%3B1402...
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2136778551%3B1402230080%3B1709765917%26rnd%3D1363558109%26pcid%3D__UID__
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cH%2Bj6aWd%2FwsIniBLFC%2B1V2luPcZH2XOfV3R3RsdATXEPkVcB5pHdvKllTqWzZsnCU%2BqLkrNxRY0kKWZbOb71OzJbhKB4r426Yy99nUD7OHJEYJg1oGEiymJ2Cp1YIrd3DcaeK2UugxBSlg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7749e0cf5cdf17c9-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:01 GMT
via
1.1 0baa68530535d25b0fce15971fbb91e8.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2136778551%3B1402230080%3B1709765917%26rnd%3D1363558109%26pcid%3D__UID__
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
content-length
43
x-amz-cf-id
xv7KEFayG61Z005OkwcOr-o582uaUpRgFprOV0iWWpkRFn8yt027zA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
vid63731efa78262891756890.jpg
video.primis.tech/uploads/cn16/video/users/converted/29569/video_6192662ccd5fb839743211/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn16/video/users/converted/29569/video_6192662ccd5fb839743211/vid63731efa78262891756890.jpg?cbuster=1668489763
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.3.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-3-9.lax50.r.cloudfront.net
Software
nginx /
Resource Hash
52f28ac91570d46add179d1b07b683fd47fe0c1832e7cbb4d2bd4c947634a2ba

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 02:14:06 GMT
via
1.1 343bf0673077d89b10a11d6681331656.cloudfront.net (CloudFront), 1.1 eff294f75dc5e54c1eeab4c7f8b45886.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW56-P2, LAX50-P1
age
38631
x-cache
Hit from cloudfront
content-length
8704
last-modified
Tue, 15 Nov 2022 05:26:50 GMT
server
nginx
etag
"e939295305a5a2fb5178d7bb38059eab"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
agnr9wT5ucf6lVa8E0RKk4isrc8lOAfUL5z6EOU3yx9O54fsmLqTHQ==
expires
Mon, 05 Dec 2022 17:17:09 GMT
liveView.php
live.primis.tech/live/ Frame 2D39 		108 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTYyMxZ2nWRyolUlRaVmZXJmJTJGo3JcZ2yhJTJGMwx1NwxyMxZ2nWRyo182MTxlNwYlY2NxNWZvODM5NmQmMwEkJTJGqzyxNwM3MmFyZzE3ODI2Mwt5MTp1Nwt5MC5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFMxjmWaBnR1Z2TDNWrycYSacMMwy5YVqxpGJcOHyPVFUlT1M5MzFXUzkvMTtlTVRerU5dWXyZMx5eTyqnnU9ETTVOryF6TWcFrEjmWaBnRFy6TacNrFcXWzuOrzq5TzcJNE9URTNOVFx0T1RBqWJYQTBJnXqLSUNBZ0yDSaVZoVycT2yBrE5dY3qNVGg4TWcBq0kBo2qJQ0FaSW1WNGNDSTZJREUlTacBrx9EZ3cNREFLZyEhMyyWp1ReOGqJV2Ygn2qFo01TZ0JQNy92oE1JWx1CnFNBX1VgWwRaOTqholZ2nWRsY29hqGVhqF9cZD0lNwt3MwQ4JaZcZF9wo250ZW50X2Ryp2M9TG9lY2FhK0Zcoz5yZ2FhK3RuoGgmKlUlN05iY2VvolUlNlZ2nWRsY29hqGVhqF90nXRfZT1Mo3JwYW4eRzyhozVaYW4eqGFfn3MeJTI3Tz9wZWJiJTI3JaZcZF9wo250ZW50X2R1pzF0nW9hPTU5MCZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTp3NlZ5PTQmNlZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3ZWqiqHRbnXNwo3ZypzVxLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMTMlMxQmMDM1NUYmMDM2N0Q3QwpmMmEmNwM2MmUmNDM0MmImODqEN0I0MmM3Mmp3RDqCNTM2NDMlNTY2RTYlMmM1MwMjNwE0NmZDN0E1OTMlMmxmMwVBNTt0QTZDNUE0MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwMjMmA3RDqCNTxmNDMjMmA3RDqCNwYmMTqEN0I0QmMkMmEmMDMmMmQ3REZFRxUznXNBpHA9MCZmZGg2PSZaZW9MYXRcPS0mNl44MmplJzqyo0kiozp9MTQ0LwxmNTQzqXNypxyjQWRxpw0kMDMhMwA5LwI1NC44MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTA4LwAhNTM1OS45NCgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9pHJcoWymUGkurWVlJzNmqXVcZD02MmuxNzNzNwY2YzI3JzNvqXN0ZXI9MTY3MDIkMwt1NwtkNA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D30355F30367D7B7331363635343432387D7B4337377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=103.209.254.83&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.94+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&isAmpIframe=0&csuuid=638d6cf666bb7&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810upwijyhl&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=50&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-37.8372&geoLong=144.9354&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-105.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
ca41e9411dfe1c67f27553246941fc1443f5be202935cd3a7db3ceabec7a7941

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:56 GMT
content-encoding
gzip
via
1.1 884565e44bd03047bbadc5b86c50509c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://wegotthiscovered.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
12103
x-amz-cf-id
Rb26Tpp61BBc7OAa255WhN8NMxORLZB61YWehnBX9J8PJnlkAz3I3w==
liveView.php
live.primis.tech/live/ Frame 2D39 		108 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTYyMxZ2nWRyolUlRaVmZXJmJTJGo3JcZ2yhJTJGMwx1NwxyMxZ2nWRyo182MTxlNwYlY2NxNWZvODM5NmQmMwEkJTJGqzyxNwM3MmFyZzE3ODI2Mwt5MTp1Nwt5MC5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFMxjmWaBnR1Z2TDNWrycYSacMMwy5YVqxpGJcOHyPVFUlT1M5MzFXUzkvMTtlTVRerU5dWXyZMx5eTyqnnU9ETTVOryF6TWcFrEjmWaBnRFy6TacNrFcXWzuOrzq5TzcJNE9URTNOVFx0T1RBqWJYQTBJnXqLSUNBZ0yDSaVZoVycT2yBrE5dY3qNVGg4TWcBq0kBo2qJQ0FaSW1WNGNDSTZJREUlTacBrx9EZ3cNREFLZyEhMyyWp1ReOGqJV2Ygn2qFo01TZ0JQNy92oE1JWx1CnFNBX1VgWwRaOTqholZ2nWRsY29hqGVhqF9cZD0lNwt3MwQ4JaZcZF9wo250ZW50X2Ryp2M9TG9lY2FhK0Zcoz5yZ2FhK3RuoGgmKlUlN05iY2VvolUlNlZ2nWRsY29hqGVhqF90nXRfZT1Mo3JwYW4eRzyhozVaYW4eqGFfn3MeJTI3Tz9wZWJiJTI3JaZcZF9wo250ZW50X2R1pzF0nW9hPTU5MCZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTM0MCZ5PTE5MSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3ZWqiqHRbnXNwo3ZypzVxLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMTMlMxQmMDM1NUYmMDM2N0Q3QwpmMmEmNwM2MmUmNDM0MmImODqEN0I0MmM3Mmp3RDqCNTM2NDMlNTY2RTYlMmM1MwMjNwE0NmZDN0E1OTMlMmxmMwVBNTt0QTZDNUE0MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwMjMmA3RDqCNTxmNDMjMmA3RDqCNwYmMTqEN0I0QmMkMmEmMDMmMmQ3REZFRxUznXNBpHA9MCZmZGg2PSZaZW9MYXRcPS0mNl44MmplJzqyo0kiozp9MTQ0LwxmNTQzqXNypxyjQWRxpw0kMDMhMwA5LwI1NC44MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTA4LwAhNTM1OS45NCgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9pHJcoWymUGkurWVlJzNmqXVcZD02MmuxNzNzNwY2YzI3JzNvqXN0ZXI9MTY3MDIkMwt1NwtkNQ==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D30355F30367D7B7331363635343432387D7B4337377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=103.209.254.83&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.94+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&isAmpIframe=0&csuuid=638d6cf666bb7&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810upwijyhl&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=50&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-37.8372&geoLong=144.9354&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-105.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
4945783159c6d1a643a0f7ceef5963593781e34f50e27267e9f9b1433745ab8b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:56 GMT
content-encoding
gzip
via
1.1 884565e44bd03047bbadc5b86c50509c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://wegotthiscovered.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
12100
x-amz-cf-id
9NR1NDXDPXjISAGWd_GHmSEL-T6J6gEMSx74QXgmhZ4A0ETkzyjF-g==
liveView.php
live.primis.tech/live/ Frame 2D39 		34 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTYyMxZ2nWRyolUlRaVmZXJmJTJGo3JcZ2yhJTJGMwx1NwxyMxZ2nWRyo182MTxlNwYlY2NxNWZvODM5NmQmMwEkJTJGqzyxNwM3MmFyZzE3ODI2Mwt5MTp1Nwt5MC5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFMxjmWaBnR1Z2TDNWrycYSacMMwy5YVqxpGJcOHyPVFUlT1M5MzFXUzkvMTtlTVRerU5dWXyZMx5eTyqnnU9ETTVOryF6TWcFrEjmWaBnRFy6TacNrFcXWzuOrzq5TzcJNE9URTNOVFx0T1RBqWJYQTBJnXqLSUNBZ0yDSaVZoVycT2yBrE5dY3qNVGg4TWcBq0kBo2qJQ0FaSW1WNGNDSTZJREUlTacBrx9EZ3cNREFLZyEhMyyWp1ReOGqJV2Ygn2qFo01TZ0JQNy92oE1JWx1CnFNBX1VgWwRaOTqholZ2nWRsY29hqGVhqF9cZD0lNwt3MwQ4JaZcZF9wo250ZW50X2Ryp2M9TG9lY2FhK0Zcoz5yZ2FhK3RuoGgmKlUlN05iY2VvolUlNlZ2nWRsY29hqGVhqF90nXRfZT1Mo3JwYW4eRzyhozVaYW4eqGFfn3MeJTI3Tz9wZWJiJTI3JaZcZF9wo250ZW50X2R1pzF0nW9hPTU5MCZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTp3NlZ5PTQmNlZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3ZWqiqHRbnXNwo3ZypzVxLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMTMlMxQmMDM1NUYmMDM2N0Q3QwpmMmEmNwM2MmUmNDM0MmImODqEN0I0MmM3Mmp3RDqCNTM2NDMlNTY2RTYlMmM1MwMjNwE0NmZDN0E1OTMlMmxmMwVBNTt0QTZDNUE0MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwMjMmA3RDqCNTxmNDMjMmA3RDqCNwYmMTqEN0I0QmMkMmEmMDMmMmQ3REZFRxUznXNBpHA9MCZmZGg2PSZaZW9MYXRcPS0mNl44MmplJzqyo0kiozp9MTQ0LwxmNTQzqXNypxyjQWRxpw0kMDMhMwA5LwI1NC44MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTA4LwAhNTM1OS45NCgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9pHJcoWymUGkurWVlJzNmqXVcZD02MmuxNzNzNwY2YzI3JzNvqXN0ZXI9MTY3MDIkMwt1NwtkNt==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D30355F30367D7B7331363635343432387D7B4337377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=103.209.254.83&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.94+Safari%2F537.36&debugInformation=&isWePassGdpr=1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&isAmpIframe=0&csuuid=638d6cf666bb7&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810upwijyhl&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=50&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-37.8372&geoLong=144.9354&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-105.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
61b584df1f11afb02f263376e9b686bbecdd332920be25785af8733aadd08488

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:56 GMT
content-encoding
gzip
via
1.1 884565e44bd03047bbadc5b86c50509c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://wegotthiscovered.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
5475
x-amz-cf-id
PAccf7jpMMi4hHlXIscjM-T_MMWa2Ar87DdRpi9qJQ1nNd1VT-ohjQ==
pr
s.amazon-adsystem.com/v3/ Frame 704E 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
73cb0a9bfac40c518bf5a9fdff4593bbf30b55819cf8d7559912266ff6c6251b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2778
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 05 Dec 2022 04:00:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
EJCD48XKW3GR7WS7NE8X
vid63731efa78262891756890_thumb.jpg
video.primis.tech/uploads/cn16/video/users/converted/29569/video_6192662ccd5fb839743211/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn16/video/users/converted/29569/video_6192662ccd5fb839743211/vid63731efa78262891756890_thumb.jpg?cbuster=1668489763
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.3.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-3-9.lax50.r.cloudfront.net
Software
nginx /
Resource Hash
c5b104fe91e046dd831e61b7314bb01eda6e357e3222d2d1f1259cfa9f969e93

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 02:11:26 GMT
via
1.1 e4d959ba5c709b88eb04934bd0d1eeea.cloudfront.net (CloudFront), 1.1 eff294f75dc5e54c1eeab4c7f8b45886.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2, LAX50-P1
age
38675
x-cache
Hit from cloudfront
content-length
1744
last-modified
Tue, 15 Nov 2022 05:26:51 GMT
server
nginx
etag
"c19c1349ef82dadb65aedff5fce65894"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
IIfQmuT2NlLGYY1dxaBdvKhEKd4RiYVUHu0-wuSCGHipxtLbqPy6Aw==
expires
Mon, 05 Dec 2022 17:16:24 GMT
vid63731b30519b7011845702_thumb.jpg
video.primis.tech/uploads/cn16/video/users/converted/29569/video_6192662ccd5fb839743211/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn16/video/users/converted/29569/video_6192662ccd5fb839743211/vid63731b30519b7011845702_thumb.jpg?cbuster=1668488337
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.3.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-3-9.lax50.r.cloudfront.net
Software
nginx /
Resource Hash
2e794cf3d57750254871034d85eaebde7a99e0fe22bb832c15ea71993ffc4e6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 02:10:27 GMT
via
1.1 794a3d3af21f401cf5ddf53187ea3030.cloudfront.net (CloudFront), 1.1 eff294f75dc5e54c1eeab4c7f8b45886.cloudfront.net (CloudFront)
x-amz-cf-pop
SLC50-C1, LAX50-P1
age
41221
x-cache
Hit from cloudfront
content-length
2220
last-modified
Tue, 15 Nov 2022 05:02:17 GMT
server
nginx
etag
"218c11fd2411175ddb443f75b4dce536"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
f9DHPLGRmHyARAc920xWiOOxn562j4SudyiLfoEdGElZXlfyxnETxQ==
expires
Mon, 05 Dec 2022 16:33:59 GMT
vid6387c4d4300eb023393333_thumb.jpg
video.primis.tech/uploads/cn6/video/users/converted/31043/video_61efdb2d89eb9568475954/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn6/video/users/converted/31043/video_61efdb2d89eb9568475954/vid6387c4d4300eb023393333_thumb.jpg?cbuster=1669842135
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.3.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-3-9.lax50.r.cloudfront.net
Software
nginx /
Resource Hash
00b14083601d123173ce293a6825b12170b9dbeb1c4c29231fe271fd2f97a541

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 02:12:09 GMT
via
1.1 652d4215f99cc06aa10e1cabcceb115c.cloudfront.net (CloudFront), 1.1 eff294f75dc5e54c1eeab4c7f8b45886.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW56-P2, LAX50-P1
age
18390
x-cache
Hit from cloudfront
content-length
2040
last-modified
Wed, 30 Nov 2022 21:03:29 GMT
server
nginx
etag
"f05a6d8b78176b0aedc65bdb985aaab1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
GftOp5cqbN62WeDqYhQZZYobj1zLouG9ZnkubWvF-FJi7RzLfINamw==
expires
Mon, 05 Dec 2022 22:54:30 GMT
vid6297a837f1389813639110_thumb.jpg
video.primis.tech/uploads/cn24/video/users/converted/20814/video_625d223b8cbf1457125374/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn24/video/users/converted/20814/video_625d223b8cbf1457125374/vid6297a837f1389813639110_thumb.jpg?cbuster=1669748418
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.3.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-3-9.lax50.r.cloudfront.net
Software
nginx /
Resource Hash
12ff3374a5e03acb69e498fc262fd3b257fab89e4668b6ab90a3a7018c2d8290

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:27:58 GMT
via
1.1 fd81cc2da7bcae14ff88dbed7b5b0c40.cloudfront.net (CloudFront), 1.1 eff294f75dc5e54c1eeab4c7f8b45886.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P6, LAX50-P1
age
19982
x-cache
Hit from cloudfront
content-length
3562
last-modified
Wed, 01 Jun 2022 18:48:46 GMT
server
nginx
etag
"06def76a8bf8fb445d1f3864461c0e7a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
OvmX80oaXRL0nY0BAXB_ZJrYgkv9vtdlaWHYkq78fgLd78FQBR3ZzQ==
expires
Mon, 05 Dec 2022 22:27:58 GMT
vid63876b5a8e50e913091058_thumb.jpg
video.primis.tech/uploads/cn6/video/users/converted/30954/video_61ace6b292b77279779689/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn6/video/users/converted/30954/video_61ace6b292b77279779689/vid63876b5a8e50e913091058_thumb.jpg?cbuster=1669820230
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.3.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-3-9.lax50.r.cloudfront.net
Software
nginx /
Resource Hash
2eb923249e4102d719640acf713eb8e31fc3d5b2cdb87face1c531b75ca6b6a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 03:50:54 GMT
via
1.1 42785c2f14671098509d558abb6814f0.cloudfront.net (CloudFront), 1.1 eff294f75dc5e54c1eeab4c7f8b45886.cloudfront.net (CloudFront)
x-amz-cf-pop
SLC50-C1, LAX50-P1
age
32189
x-cache
Hit from cloudfront
content-length
2003
last-modified
Wed, 30 Nov 2022 14:59:13 GMT
server
nginx
etag
"1c4e19817945914de3eaab55c35d00c3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
s5FrrLMuceSWmRj76xWv9A_T8_nhgqe_N4qcmqaDut8cGNfWCJ4AmQ==
expires
Mon, 05 Dec 2022 19:04:30 GMT
vid62ea3b56db682259624313_thumb.jpg
video.primis.tech/uploads/cn12/video/users/converted/29874/video_62de62c551981900205152/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn12/video/users/converted/29874/video_62de62c551981900205152/vid62ea3b56db682259624313_thumb.jpg?cbuster=1659518047
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.3.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-3-9.lax50.r.cloudfront.net
Software
nginx /
Resource Hash
ef2438a41c21a5b9dc27ad88d9a8da6ff8c781c946597c66c5001e146dfe38e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 04:37:56 GMT
via
1.1 969054bdb3a3ab0ab0c42213e2a06ed8.cloudfront.net (CloudFront), 1.1 eff294f75dc5e54c1eeab4c7f8b45886.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO5-C3, LAX50-P1
age
84184
x-cache
Hit from cloudfront
content-length
1570
last-modified
Wed, 03 Aug 2022 09:14:08 GMT
server
nginx
etag
"b425e251e14716848c7696648a965b85"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
Vf0e6hZXWRd5ESSYQ7cuqRK-vEe6Rp2hATxkYusvOcL4qtzyz_zgSw==
expires
Mon, 05 Dec 2022 04:37:56 GMT
pixel
cm.g.doubleclick.net/ Frame EE42
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEMVsZ2oYOZj5Ik4lJsMf6Tk&google_cver=1&google_push=ASkJ3Fb-RvcRgO2P_gqjt9udjNoavTyautF6hjnAG8Y2-Tmru_9o13thL-Vm0PWkDsl4I8xbhRn1pq3__ciDu_eKOLJUypUoGw3yc5...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D2890877A16842FBAB5E0498421370CE&google_push=ASkJ3Fb-RvcRgO2P_gqjt9udjNoavTyautF6hjnAG8Y2-Tmru_9o13thL-Vm0PWkDsl4I8xbhRn1pq3__ciDu_e...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D2890877A16842FBAB5E0498421370CE&google_push=ASkJ3Fb-RvcRgO2P_gqjt9udjNoavTyautF6hjnAG8Y2-Tmru_9o13thL-Vm0PWkDsl4I8xbhRn1pq3__ciDu_eKOLJUypUoGw3yc5qKcKtwZvoIU0Syw8NMdEzfRWsinBhx3-GucCBAF9QJCFmsJvrQxhE
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 05 Dec 2022 04:00:57 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D2890877A16842FBAB5E0498421370CE&google_push=ASkJ3Fb-RvcRgO2P_gqjt9udjNoavTyautF6hjnAG8Y2-Tmru_9o13thL-Vm0PWkDsl4I8xbhRn1pq3__ciDu_eKOLJUypUoGw3yc5qKcKtwZvoIU0Syw8NMdEzfRWsinBhx3-GucCBAF9QJCFmsJvrQxhE
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 04 Dec 2022 04:00:57 GMT
pixel
cm.g.doubleclick.net/ Frame EE42
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESENJBJrI6l6wA79TbNRtVXM0&google_cver=1&google_push=ASkJ3FYUdVe_lgTuJhsC1HfePS0H5moBaFtOXNryBHATXJNTsfAXt6kMiuDCbl6Izlm0cUqEu6wzeg4myw...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FYUdVe_lgTuJhsC1HfePS0H5moBaFtOXNryBHATXJNTsfAXt6kMiuDCbl6Izlm0cUqEu6wzeg4mywtBN8MwEt4yszgFL7Pxj9xPGJ_S4lOEByPeIgOoYOTf2Wti3x...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FYUdVe_lgTuJhsC1HfePS0H5moBaFtOXNryBHATXJNTsfAXt6kMiuDCbl6Izlm0cUqEu6wzeg4mywtBN8MwEt4yszgFL7Pxj9xPGJ_S4lOEByPeIgOoYOTf2Wti3xXxRbygcfboBpLlD19hzaXcVZ8&google_hm=RDI0d2U4clRRdW5WbVdubFlfMmNLZGZZM3Rz&from_google=pc1
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:57 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Transfer-Encoding
chunked
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FYUdVe_lgTuJhsC1HfePS0H5moBaFtOXNryBHATXJNTsfAXt6kMiuDCbl6Izlm0cUqEu6wzeg4mywtBN8MwEt4yszgFL7Pxj9xPGJ_S4lOEByPeIgOoYOTf2Wti3xXxRbygcfboBpLlD19hzaXcVZ8&google_hm=RDI0d2U4clRRdW5WbVdubFlfMmNLZGZZM3Rz&from_google=pc1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame EE42
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESELvOxYK-i9skI7il4YpST08&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MGNmZDFmYjktYTU1Mi00ZjVkLTg2MTctNWI3ZGVmYmRhNDE3&google_gid=CAESELvOxYK-i9skI7il4YpST08&google_cver=1&google_push=ASkJ3FbL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MGNmZDFmYjktYTU1Mi00ZjVkLTg2MTctNWI3ZGVmYmRhNDE3&google_gid=CAESELvOxYK-i9skI7il4YpST08&google_cver=1&google_push=ASkJ3FbLKCkbin-HUBLagPVwF1gINZiGa_zRwC7SW6kYy1ea-x-i8GOkEqB1BUOqaFPT5pCGKOzrE90D9IXHiIsakM0WPtCfGSV-pQqHT5C7Ti-_xno2EVBFRwvMJ1Riwfpb74LkeqMWNhIEXi6P3qZXOA
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MGNmZDFmYjktYTU1Mi00ZjVkLTg2MTctNWI3ZGVmYmRhNDE3&google_gid=CAESELvOxYK-i9skI7il4YpST08&google_cver=1&google_push=ASkJ3FbLKCkbin-HUBLagPVwF1gINZiGa_zRwC7SW6kYy1ea-x-i8GOkEqB1BUOqaFPT5pCGKOzrE90D9IXHiIsakM0WPtCfGSV-pQqHT5C7Ti-_xno2EVBFRwvMJ1Riwfpb74LkeqMWNhIEXi6P3qZXOA
date
Mon, 05 Dec 2022 04:00:58 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EE42
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMDvjHxofcoxf3knAj3BpIw&google_cver=1&google_push=ASkJ3FYi_FZVAIoVLsGcJP8bw66PMWpJFs3405X4PSqIuM7Cxkj49p8kpN-3rOCrQhtZTeRNY1g...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJBOUxZME8tNi1FNE81&google_push=ASkJ3FYi_FZVAIoVLsGcJP8bw66PMWpJFs3405X4PSqIuM7Cxkj49p8kpN-3rOCrQhtZTeRNY1gPaGYHbCmmdnsl3YlDfc9CISSCVnkGa...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJBOUxZME8tNi1FNE81&google_push=ASkJ3FYi_FZVAIoVLsGcJP8bw66PMWpJFs3405X4PSqIuM7Cxkj49p8kpN-3rOCrQhtZTeRNY1gPaGYHbCmmdnsl3YlDfc9CISSCVnkGaGT-cO-KhUpcaeHGKYUT1_wTDZO2bcEfdRmpMpg9oxNxfBDRW18
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJBOUxZME8tNi1FNE81&google_push=ASkJ3FYi_FZVAIoVLsGcJP8bw66PMWpJFs3405X4PSqIuM7Cxkj49p8kpN-3rOCrQhtZTeRNY1gPaGYHbCmmdnsl3YlDfc9CISSCVnkGaGT-cO-KhUpcaeHGKYUT1_wTDZO2bcEfdRmpMpg9oxNxfBDRW18
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Expires
0
pixel
cm.g.doubleclick.net/ Frame EE42
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEPvcEAtCCbrBtEELtEFFkxA&google_cver=1&google_push=ASkJ3FYdc8xMckbh7KaArAy0KH9z2_xgGMMhVoyh9ITescleGPqbew0Qb7PwIGhE8nK1NZkKhua85vP2W7o0eOpImYab5txofou...
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FYdc8xMckbh7KaArAy0KH9z2_xgGMMhVoyh9ITescleGPqbew0Qb7PwIGhE8nK1NZkKhua85vP2W7o0eOpImYab5txofouVNCfLeTkAhQaot2z6b4VrJn3rGDccGMA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FYdc8xMckbh7KaArAy0KH9z2_xgGMMhVoyh9ITescleGPqbew0Qb7PwIGhE8nK1NZkKhua85vP2W7o0eOpImYab5txofouVNCfLeTkAhQaot2z6b4VrJn3rGDccGMAMX1LX3Dm_OGuOoo90-QmIZQ&google_hm=Z2FkMzIzZmNhZTA4OWY2ZDg1MGE=
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:57 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FYdc8xMckbh7KaArAy0KH9z2_xgGMMhVoyh9ITescleGPqbew0Qb7PwIGhE8nK1NZkKhua85vP2W7o0eOpImYab5txofouVNCfLeTkAhQaot2z6b4VrJn3rGDccGMAMX1LX3Dm_OGuOoo90-QmIZQ&google_hm=Z2FkMzIzZmNhZTA4OWY2ZDg1MGE=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame EE42
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJLs-qsIjtoESDFe7o8_wvM&google_cver=1&google_push=ASkJ3Fb6hJ2FD8SVPP_WxfGJ37hoxOZ4A_6v_tqmn-VJPp70zKscapXKeCHSW6fi...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJLs-qsIjtoESDFe7o8_wvM&google_cver=1&google_push=ASkJ3Fb6hJ2FD8SVPP_WxfGJ37hoxOZ4A_6v_tqmn-VJPp70zKscapXKeCHSW6fi...
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=ASkJ3Fb6hJ2FD8SVPP_WxfGJ37hoxOZ4A_6v_tqmn-VJPp70zKscapXKeCHSW6fiG0XCjeA2DPBqwmUruYawPex80ha0bNZd4_4QJJdIbX7B6XNpLgGhGlvJnh30et...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=ASkJ3Fb6hJ2FD8SVPP_WxfGJ37hoxOZ4A_6v_tqmn-VJPp70zKscapXKeCHSW6fiG0XCjeA2DPBqwmUruYawPex80ha0bNZd4_4QJJdIbX7B6XNpLgGhGlvJnh30etQtAMiaDjW_-B3xrWehXXEW2WEZoXzZ&google_hm=NGZhc09BbDlXdUc=&suid-set=1
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:58 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=ASkJ3Fb6hJ2FD8SVPP_WxfGJ37hoxOZ4A_6v_tqmn-VJPp70zKscapXKeCHSW6fiG0XCjeA2DPBqwmUruYawPex80ha0bNZd4_4QJJdIbX7B6XNpLgGhGlvJnh30etQtAMiaDjW_-B3xrWehXXEW2WEZoXzZ&google_hm=NGZhc09BbDlXdUc=&suid-set=1
Cache-Control
no-store,no-cache
Connection
close
Content-Length
0
expires
-1
/
onetag-sys.com/match/ Frame EE42
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAL9euE2ZSGLtujGjAqLe8s&google_cver=1&google_push=ASkJ3FYa_eHoBZscgFIlTTFW_BXf7ybpTSR7ejeSxAdsinGNaHmmTiAx3KumOgsc7o6i4osUaFQ8G-A0Z3x...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhOBxrkjba1uh_qAFP9xI4LV-KmkpsF-sqg&google_push=ASkJ3FYa_eHoBZscgFIlTTFW_BXf7ybpTSR7ejeSxAdsinGNaHmmTiAx3KumOgsc7o6i4osUaFQ8G-A0Z3...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame EE42 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I-ykFpVEYdfjOF0dVOikB55zE6-zsowRj_cLQX3YcU-eFlzUceSIAdd7gXHmF5p7TQ3Y8TEhs
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:57 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BB66 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
470412
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 17:20:44 GMT
expires
Wed, 29 Nov 2023 17:20:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A0B7 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
099a918d88495c30959aee564c8c7fc97f92d1333046318208db735493be20c7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 17B9 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3784676c3e78a4b0501bc20b8dee2fa12cd640dc2e3ffc796973a2e3c8609da4

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 0347
Redirect Chain
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEHGwHnEhPiVN1tSAdTBMUW4&google_cver=1&google_push=ASkJ3FbmVUH7UfBpBIulh27wBAy5BAwKPvwLfj7FLeDKc0FeLXbUFTGyT6-j2IOO8Ryenqv3HD48mDPxRVACRBXHeRWWnoAM...
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ASkJ3FbmVUH7UfBpBIulh27wBAy5BAwKPvwLfj7FLeDKc0FeLXbUFTGyT6-j2IOO8Ryenqv3HD48mDPxRVACRBXHeRWWnoAMCed6jgZ5qwvAOBoyc_OwvSk25vWN3IX4pW81DL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ASkJ3FbmVUH7UfBpBIulh27wBAy5BAwKPvwLfj7FLeDKc0FeLXbUFTGyT6-j2IOO8Ryenqv3HD48mDPxRVACRBXHeRWWnoAMCed6jgZ5qwvAOBoyc_OwvSk25vWN3IX4pW81DL5G8ye-4WwfbBH5vLwuudk
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=ASkJ3FbmVUH7UfBpBIulh27wBAy5BAwKPvwLfj7FLeDKc0FeLXbUFTGyT6-j2IOO8Ryenqv3HD48mDPxRVACRBXHeRWWnoAMCed6jgZ5qwvAOBoyc_OwvSk25vWN3IX4pW81DL5G8ye-4WwfbBH5vLwuudk
Date
Mon, 05 Dec 2022 04:00:58 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 0347
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP6f-ephM0AAEq0EuVyAHPw&google_cver=1&google_push=ASkJ3FZu2Sx3b_dqZwXeaBgea33dnhagWMnyZMaYwKqV_uVAPv2TtKsbtnpuCqQ4pAAoeoOyGzoYrthh...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEP6f-ephM0AAEq0EuVyAHPw&google_cver=1&google_push=ASkJ3FZu2Sx3b_dqZwXeaBgea33dnhagWMnyZMaYwKqV_uVAPv2TtKsbtnpuCqQ4pAAoeoOyGzo...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE2MzUyMzgxODA5NzgyNDM1Mw&google_push=ASkJ3FZu2Sx3b_dqZwXeaBgea33dnhagWMnyZMaYwKqV_uVAPv2TtKsbtnpuCqQ4pAAoeoOyGzoYrt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE2MzUyMzgxODA5NzgyNDM1Mw&google_push=ASkJ3FZu2Sx3b_dqZwXeaBgea33dnhagWMnyZMaYwKqV_uVAPv2TtKsbtnpuCqQ4pAAoeoOyGzoYrthh_jKHttmG56v5PeP4y10Au7M1YbQd2guFpkdUBKv5-GNnxuIN25o9kg1qiUJl_YmBLiQLPm1MdQQ
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE2MzUyMzgxODA5NzgyNDM1Mw&google_push=ASkJ3FZu2Sx3b_dqZwXeaBgea33dnhagWMnyZMaYwKqV_uVAPv2TtKsbtnpuCqQ4pAAoeoOyGzoYrthh_jKHttmG56v5PeP4y10Au7M1YbQd2guFpkdUBKv5-GNnxuIN25o9kg1qiUJl_YmBLiQLPm1MdQQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 0347
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESELRD02qtk1d-nY4oW3PAKM8&google_cver=1&google_push=ASkJ3FZLRXaVTGeDR7jY6GTg_B85GGzKkRucE3l7SoN1LW79nqgqjIwNOrwie6m30kC85ohD-mgbX...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FZLRXaVTGeDR7jY6GTg_B85GGzKkRucE3l7SoN1LW79nqgqjIwNOrwie6m30kC85ohD-mgbXvj6IorOgRWtB3Dw-g2DQHjqMj4PVRWGXv9AU1TfaHPl_r...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FZLRXaVTGeDR7jY6GTg_B85GGzKkRucE3l7SoN1LW79nqgqjIwNOrwie6m30kC85ohD-mgbXvj6IorOgRWtB3Dw-g2DQHjqMj4PVRWGXv9AU1TfaHPl_rPOmb7dfag0hXN0FgDN65xeqSaBD5aR8w&google_hm=WTQxcy5jQ284WDRBQURiMmNVd0FBQUFB
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Mon, 05 Dec 2022 04:00:57 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESELRD02qtk1d-nY4oW3PAKM8&google_cver=1&google_push=ASkJ3FZLRXaVTGeDR7jY6GTg_B85GGzKkRucE3l7SoN1LW79nqgqjIwNOrwie6m30kC85ohD-mgbXvj6IorOgRWtB3Dw-g2DQHjqMj4PVRWGXv9AU1TfaHPl_rPOmb7dfag0hXN0FgDN65xeqSaBD5aR8w","cluster_id":0,"gdpr":false,"ipv4":"103.209.254.83","key":"Y41s.cCo8X4AADb2cUwAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad385"}
X-SO-Key
Y41s.cCo8X4AADb2cUwAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad385
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FZLRXaVTGeDR7jY6GTg_B85GGzKkRucE3l7SoN1LW79nqgqjIwNOrwie6m30kC85ohD-mgbXvj6IorOgRWtB3Dw-g2DQHjqMj4PVRWGXv9AU1TfaHPl_rPOmb7dfag0hXN0FgDN65xeqSaBD5aR8w&google_hm=WTQxcy5jQ284WDRBQURiMmNVd0FBQUFB
Cache-Control
private
X-SO-HostName
m-ad385.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
m-tgng26.dc4p.scaleout.jp
X-SO-IP
103.209.254.83
pixel
cm.g.doubleclick.net/ Frame 0347
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEEGAt21DEg4ifbH7gSX86PI&google_cver=1&google_push=ASkJ3FYp8ZpmQbrv3dOcDshkBQZdoCmRRmLMrHoIUt7eAtCZuXK2v5FEghpMrtUGCJXmPI-UluT5s...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEEGAt21DEg4ifbH7gSX86PI&google_push=ASkJ3FYp8ZpmQbrv3dOcDshkBQZdoCmRRmLMrHoIUt7eAtCZuXK2v5FEghpMrtUGCJXmPI-UluT5s...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FYp8ZpmQbrv3dOcDshkBQZdoCmRRmLMrHoIUt7eAtCZuXK2v5FEghpMrtUGCJXmPI-UluT5seV9YIhYc38PVtP1ZNj6SuRvz88ifbegIMF9aemIabpEbnLaUEm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FYp8ZpmQbrv3dOcDshkBQZdoCmRRmLMrHoIUt7eAtCZuXK2v5FEghpMrtUGCJXmPI-UluT5seV9YIhYc38PVtP1ZNj6SuRvz88ifbegIMF9aemIabpEbnLaUEmxNH2dAcJdgqH7eQVbA4Cc8wa5f6vB&google_hm=LXZUdDNWeVEwNmM5MU5Ld0xlelA=
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:58 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FYp8ZpmQbrv3dOcDshkBQZdoCmRRmLMrHoIUt7eAtCZuXK2v5FEghpMrtUGCJXmPI-UluT5seV9YIhYc38PVtP1ZNj6SuRvz88ifbegIMF9aemIabpEbnLaUEmxNH2dAcJdgqH7eQVbA4Cc8wa5f6vB&google_hm=LXZUdDNWeVEwNmM5MU5Ld0xlelA=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
296
Expires
Thu, 01 Dec 1994 16:00:00 GMT
report
sync.teads.tv/um/ Frame 0347
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIANxwiPamYgc8Qyqz7H1uk&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NTgwNjBmZjAtMjk1NC00OGRiLTliYTctZTc2NzI5NGYwMmEw&google_push=ASkJ3FaChepNFYC6UiqmCWZL9dDXtwNE2wQj_V1Cgq2_axIyo9AZf593NBuLbItCSAaoG...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
23.199.246.27 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-246-27.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires
Mon, 05 Dec 2022 04:00:58 GMT
pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0347
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEN3oh-4XMsasCTZZWhP5Spg&google_cver=1&google_push=ASkJ3FZIk4q-QDqrURdrKXH81RiRn0dRRU6EPru3PwC4DNw-5FU40DObVKoyV75D_HwpPJse88ZhBnd7zod7bjjdhu5IVdx61...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3FZIk4q-QDqrURdrKXH81RiRn0dRRU6EPru3PwC4DNw-5FU40DObVKoyV75D_HwpPJse88ZhBnd7zod7bjjdhu5IVdx61_fBT2UAxLtt5UoAWMLScEEqZv9Wh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3FZIk4q-QDqrURdrKXH81RiRn0dRRU6EPru3PwC4DNw-5FU40DObVKoyV75D_HwpPJse88ZhBnd7zod7bjjdhu5IVdx61_fBT2UAxLtt5UoAWMLScEEqZv9Who2_vTpgt6WN_7yJLeh8FxMdpYHPZ05G&google_hm=8d2ebe8ec156ad2dab11ea44d8c7f47b
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3FZIk4q-QDqrURdrKXH81RiRn0dRRU6EPru3PwC4DNw-5FU40DObVKoyV75D_HwpPJse88ZhBnd7zod7bjjdhu5IVdx61_fBT2UAxLtt5UoAWMLScEEqZv9Who2_vTpgt6WN_7yJLeh8FxMdpYHPZ05G&google_hm=8d2ebe8ec156ad2dab11ea44d8c7f47b
date
Mon, 05 Dec 2022 04:00:57 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
302
content-type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 0347
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEF7GSPDPQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=80b35f2d-fa1a-47da-9010-64e13e84dcaf&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=80b35f2d-fa1a-47da-9010-64e13e84dcaf&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=80b35f2d-fa1a-47da-9010-64e13e84dcaf&%%GOOGLE_PUSH_PAIR%%
Date
Mon, 05 Dec 2022 04:00:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 0347 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KZ7Qwqc8Wnx27nyMdqoUoXu9sIPym3AH28HfmoZUAz24teWw9U2XVpluJJ2J_IuUgcae3qqefBqg
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:57 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 792C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
470413
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 17:20:44 GMT
expires
Wed, 29 Nov 2023 17:20:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 05 Dec 2022 04:00:57 GMT
server
ATS/9.1.10.25
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 2D39 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221205
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31ac8767cea18f1e30a3802d1b14b2a416023ad85e042ece628494b8c077e8dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Dec 2022 04:00:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
43174
x-jsd-version
1.0.1546
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4525-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"670-08zMzyjBoA275IEaeXwhB1Z2JuA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jPLcTD2aXkrEZQnjLdr%2BbQW5ZOnD2ylkPSODv7euqPyq%2BUKmnstYjhxbrXTEOeUBbiMi3rPPiyudU%2B4I65XtSAtE8ZksxwP45HT1llWh4L7EFAtRZ0SnZj0LIOt1n5vbAt8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7749e0b66fea17c7-MEL
avjp
primis-d.openx.net/v/1.0/ Frame 2D39 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwegotthiscovered.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1728b764-e66d-46aa-b9f4-2200c4701655&nocache=1670212857110&us_privacy=1---&id5id=ID5*JJal1y1Dw1iZwH4fZI9UQ4pGqtWXREOf8U5pKMJhMeAuefcwlDohWOEB2yW9dI2R&pubcid=213589a1-9289-4150-9e32-0822fc2b4a09&schain=1.0%2C1!primis.tech%2C29569%2C1%2C%2C%2C&auid=540289187&vwd=777&vht=437&aucs=adUnit_3&aumfs=1700
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:57 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 2D39 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
x-openrtb-version
2.5
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 05 Dec 2022 04:00:57 GMT
access-control-allow-credentials
true
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
translator
hbopenbid.pubmatic.com/ Frame 2D39 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 05 Dec 2022 04:00:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 2D39 		186 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.231.40.211 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-231-40-211.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
5fc317d76ceac0bf40bc807bfe56472c96ba97d948b7b420ad9c3442355273be

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
content-encoding
gzip
x-prebid
pbs-java/1.105.0
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame BB66 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 11:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230510
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 11:59:07 GMT
ecm3
s.amazon-adsystem.com/ Frame 704E
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=22dd4858
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=22dd4858
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2E8PFCWJ1FX99FFPZV9B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 05 Dec 2022 04:00:57 GMT
via
1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN2-P2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=22dd4858
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
T--WjENXNVW8MpPGqqTNeg7Bonjwa9-he5jfALVgBTZMEiFwpsv89Q==
ecm3
s.amazon-adsystem.com/ Frame 704E
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=80b35f2d-fa1a-47da-9010-64e13e84dcaf
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=80b35f2d-fa1a-47da-9010-64e13e84dcaf
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NGHGS07JJX0976N2M11N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=80b35f2d-fa1a-47da-9010-64e13e84dcaf
Date
Mon, 05 Dec 2022 04:00:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 704E
Redirect Chain
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=14974ed4-eda2-4b38-a1a2-d8ae1b305010&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=14974ed4-eda2-4b38-a1a2-d8ae1b305010&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZY3CABVCD7JXJ93XZA14
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=14974ed4-eda2-4b38-a1a2-d8ae1b305010&gdpr=0
date
Mon, 05 Dec 2022 04:00:57 GMT
server
_
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 704E
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3132144571537921000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3132144571537921000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KH2H96WG0KDQ3PS50W1J
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:57 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3132144571537921000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Mon, 05 Dec 2022 04:00:57 GMT
ecm3
s.amazon-adsystem.com/ Frame 704E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0
  • https://stags.bluekai.com/site/23178?id=3q4wdJKpE7SyyOK3pyGA&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZTWI4DSHUYCM2LEHUZXCNDXMRFEW...
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&gdpr=0&id=3q4wdJKpE7SyyOK3pyGA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&gdpr=0&id=3q4wdJKpE7SyyOK3pyGA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
F4K56VJRTYJ3Q2FPFVAB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:59 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&gdpr=0&id=3q4wdJKpE7SyyOK3pyGA
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
112
Expires
Thu, 01 Dec 1994 16:00:00 GMT
amzns2s
rtb.gumgum.com/usync/ Frame 7F42 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.211.51 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-211-51.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5fabe2c017ba9a495a3e796d43bc2f554269ee02d4b4222f3cc99668c3c467ac

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 05 Dec 2022 04:00:57 GMT
etag
W/"0c7a3f25737ed5752e742f827658c6c53"
server
nginx
timing-allow-origin
*
/
match.sharethrough.com/jwumXNuB/v1/ Frame A187 		427 B
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.159.176 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-159-176.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
99dc3d246f08ffb28a5b7b041e3189eded2263c11922d64741d139f8f30958f3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
427
date
Mon, 05 Dec 2022 04:00:57 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 66EC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=24022
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 05 Dec 2022 04:00:57 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 05 Dec 2022 10:41:19 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame 4231 		870 B
708 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
122.248.223.64 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-122-248-223-64.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
5df0c07f33f798d24624ea588f1c984eea321915da7f3775c8f4ebfc1d2dd465

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Mon, 05 Dec 2022 04:00:57 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame 757D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Dec 2022 04:00:57 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 2483
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1JaE5XdlRCRTJ1S0VSWlFkZFRLeXRSOHpRZ2wwWTJ6VH5B&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1JaE5XdlRCRTJ1S0VSWlFkZFRLeXRSOHpRZ2wwWTJ6VH5B&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 05 Dec 2022 04:00:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
VEH58NRF64K6RD6PA9BA

Redirect headers

age
0
content-length
0
date
Mon, 05 Dec 2022 04:00:57 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1JaE5XdlRCRTJ1S0VSWlFkZFRLeXRSOHpRZ2wwWTJ6VH5B&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
ecm3
s.amazon-adsystem.com/ Frame 9588
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1745046129942590647047
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1745046129942590647047
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 05 Dec 2022 04:00:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
47N6GMFZNBZ6PFXNYTBR

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 05 Dec 2022 04:00:57 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1745046129942590647047
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wegotthiscovered.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 00:55:06 GMT
x-content-type-options
nosniff
age
97551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Dec 2023 00:55:06 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 792C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 11:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230510
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 11:59:07 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 6B62 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=92262225&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
a43dc73fd23707fe0da8b8ccb258143d6ff720f079117acb1f44a8a69299a36e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 05 Dec 2022 04:00:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
index.html
s0.2mdn.net/9644752/1669691643177/ Frame B167 		70 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9644752/1669691643177/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
4a037aacfacfda6ce86801cfb26ec278a0d61efa2ee1887d959bec8014fb8981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
5030
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
19877
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 02:37:07 GMT
expires
Tue, 06 Dec 2022 02:37:07 GMT
last-modified
Tue, 29 Nov 2022 03:14:03 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame A0B7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXBqIUmmiChd6PStLlfog6Yq8jcZDps-lZG5RjoRUq927DdlXeIWXUFsk3F9mv7wsxJY7yQi_xKuT9rOi9po4Otjo1qrijPl11jQW_oGetda2Ge_gtqYM9pHvmwBVdwMc1SnmHDqD8VrBBTDh0KZoZ1EGjLgRmUi619050P1L3ygBHPTy_SXVbdsS-N0YpRBn9c4moacTyV6BMVPYvBLf5nT3JVZ-Pl44ysZ_3Mb-QBe131cbtwRdaS59DXrvwPq_sEJUbWU03YdP2OWRLMQEXASkqDjFKBs6EIVEKrtRarWb9PlxF1V9-5Eh7TmMLFdIe9h2ydWK4AYmmzWee_886zR5uRGPugUIK77VM8eT4DzcGJ4jm5UqTRgf7gl0vqTJRABBlgMgxxg2XP39fDNPlO8ftz3hryJ4Gz--rY4YF3zgd2QoaS9i_HqegIjAHlcuiFuy770K30PHLW-DsTkrrID8XQ2rcDLzI3qYIkcNjBNuI_VpHES9zhTn7bVicoOICaHZh2LHMzIrWIe4ZM78cG7h_GI28Z5LX7d1QTDhi3j4Yt1qt9pNk6qvYRmitE08bTglr-nJMHa4EK33U8Xmya3LiZn9spTM-P4mEHifKT0A1FmPcNFo83RRmPCdvbHHXHt-dHEHrFI4sJl-PCMQBXfKz73f4SoCsNLDIOXaYtIR8F26ZKpWcN7T9A3G0F9KdcKdsgD3i290Sr7evuee53SxnKDO7qnBSG5lQ2BEvq0l4jllGxBv883gEHqZbRN1Chnbuz8lBGVALS3fWfbn7Rp9_o703YO0k-XE7mFNgHG8YdWRHgrrCf9UNCOGy8TpOoFyHv0WOGKcG1o8U62Gpb2X5rbNYmYdyyAt1Bh4D5s_ifw9StsEE3ZkE5HSeNMS8hNl0JjBs3-Ww2kL1sN33K4nh4QS28nMFTu-pvIWj0ET1bVGG-MeX3JMKFpDeqzsG0LIZaCRCvDIPqKZ7SO4LZ2k05MkG8s95Ftat0sM_uee8GQ1xsO5yXHDFr-iAdqaCbK63rW49iS8jZO1KarOWPo24kPh7-h3Q5SSedPkfOPTcbwtM3nQSOTqugAAQPfFLvTFfPez8Ug1NldVi7D2NMA2c-5rkgaML7onMXDFKEjvj4n_hQzU8mbkZgKv_Ty5-taSh2Jh4vd_CATLPDyeWVZ-cPlnAux5yeG20wM7KeEfOI1IuOI3LSFY9MAaxa4ztuanPfVtevf-zZ7jyqY83sTiHFP1labG5vb10tPKXgmkwcs_TVuU-gItiZDfHYDiQkLHZ-5yprzHJ3a2n3J2hxdP7rHwokN7RUEv6j9bTcMbGLlSIb__i7JrvdWtPdl75&sai=AMfl-YSfvCA3dPP90_kualYOXNPQsOKlWwE1mPVdXrtclQh8yuyMlY7XaQst2K7Cd3Y9YpfXJFkV_CgK3Eg96c2jP6-74_tA5DEwFx-UFZyJ6AeM9RB5tyYj9rc9a_6XaXxZkSoU_nSLIUi8DWUE8oJF-9q26VPHnPuMO1IM3nQiTcuz-wv1j7pP9pW3TNsUVaxcKx70ZEMsdVfq_S9b9GFkq59I5IUehEYBXic0YXFfNxay1dAMId054mzw18WofblGryInn6gl_TffxCxJHYAM95TYI-EknHj74OZV0Q&sig=Cg0ArKJSzK08fJO75DWXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1079&cbvp=1&cstd=1076&cisv=r20221110.55943&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 05 Dec 2022 04:00:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 05 Dec 2022 04:00:57 GMT
collect
h.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.clarity.ms/collect
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 05 Dec 2022 04:00:57 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
usermatchredir
ssum-sec.casalemedia.com/ Frame 69A5
Redirect Chain
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D1881119486%...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=4849656571711328320
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D793790479%26rnd%3D2...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=396218182&rnd=1086430728&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D396218182%3B1402230080%26rnd%3D-604892248&pcid=$UID
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=396218182;1402230080&rnd=-604892248&pcid=6665481102401954734
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D396218182%3B14022...
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D396218182%3B1402230080%3B1709765917%26rnd%3D617384117%26pcid%3D__UID__
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=21&gdpr=0&gdpr_consent=
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFGPV%2B2MSVGbtoRq5c1Vuw%2FD2gG89i9mYA3xWgzfTptqCZJl3m2%2FueGyWgORCzUKTf5ZgOaEG6%2F8GQ7UDeXQX9z%2Bpgm6D8O1%2FnIlY2c8avsmiwIlDpIgwswTejKYQKPxVmli2s4enE9Jgg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7749e0c65ec817c9-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:59 GMT
via
1.1 0baa68530535d25b0fce15971fbb91e8.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D396218182%3B1402230080%3B1709765917%26rnd%3D617384117%26pcid%3D__UID__
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
content-length
43
x-amz-cf-id
lJhK-UiFo5KE3RmnPdHQUdM-Fp4XwpT9HDObSjtWBbtWRFoFOqBeXQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 69A5
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=59cfaa82-d4c8-4b80-86e4-227c36b490f8&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=59cfaa82-d4c8-4b80-86e4-227c36b490f8&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=21&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:57 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=59cfaa82-d4c8-4b80-86e4-227c36b490f8&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3291508
content-length
0
expires
Mon, 05 Dec 2022 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 69A5
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6665481102401954734&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6665481102401954734&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=21&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:57 GMT
AN-X-Request-Uuid
f0da08b6-f8f8-4b0c-bcdb-5e01601b1fa1
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6665481102401954734&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
103.209.254.83; 103.209.254.83; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 69A5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=21&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:00:57 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
299
/
rtb-csync.smartadserver.com/redir/ Frame 69A5
Redirect Chain
  • https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=308e1982-4100-4e40-b524-dff1790fca25
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=308e1982-4100-4e40-b524-dff1790fca25
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=21&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:00:57 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:58 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
DENY
Location
https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=308e1982-4100-4e40-b524-dff1790fca25
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
usersync
usersync.gumgum.com/ Frame 7F42
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6665481102401954734
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6665481102401954734
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:57 GMT
AN-X-Request-Uuid
26dcdad1-a3e0-4a8e-af55-8012757e90a7
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=6665481102401954734
Connection
keep-alive
X-Proxy-Origin
103.209.254.83; 103.209.254.83; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 7F42
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_9b4ef1cb-d190-408c-a686-af91f91e46ab&gdpr=0&gdpr_consent=&us_privacy=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5872975480053967565&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=80b35f2d-fa1a-47da-9010-64e13e84dcaf
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=80b35f2d-fa1a-47da-9010-64e13e84dcaf
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=80b35f2d-fa1a-47da-9010-64e13e84dcaf
Date
Mon, 05 Dec 2022 04:00:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 7F42
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-9701ef15-7d91-4f0f-6e8d-a9d41f58c730$ip$103.209.254.83
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-9701ef15-7d91-4f0f-6e8d-a9d41f58c730$ip$103.209.254.83
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:59 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-9701ef15-7d91-4f0f-6e8d-a9d41f58c730$ip$103.209.254.83
Date
Mon, 05 Dec 2022 04:00:58 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 7F42
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_9b4ef1cb-d190-408c-a686-af91f91e46ab&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=X83YzngJ6wHyGWGfYQxs&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WBYGNMXU3THJI3HOSDZI5LUOZSZKF4HG
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=X83YzngJ6wHyGWGfYQxs
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=X83YzngJ6wHyGWGfYQxs
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:59 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:59 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=X83YzngJ6wHyGWGfYQxs
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
103
Expires
Thu, 01 Dec 1994 16:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 7F42
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1670212858248
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1056154669
  • https://sync.1rx.io/usersync/tradedesk/068165a1-9f84-469f-b0f4-06b7381834b8
  • https://sync.targeting.unrulymedia.com/csync/RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Mon, 05 Dec 2022 04:01:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync
usersync.gumgum.com/ Frame 7F42
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=86xgmJnBwVKu&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=86xgmJnBwVKu&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=86xgmJnBwVKu&ev=1&pid=558355
content-language
en-AU
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5d75dc9fb4-w8v7v
expires
-1
cookie-sync
sync.outbrain.com/ Frame 7F42
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28IOCV50xEu3Fg2RC6dnmJRNsBXbb3PioS4mlKbco284xwO2nFq0mzseKDq_RJk86v%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_9b4ef1cb-d190-408c-a686-af91f91e46ab&obuid=ENC(IOCV50xEu3Fg2RC6dnmJRNsBXbb3PioS4mlKbco284xwO2nFq0mzseKDq_RJk86v)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_priv...
  • https://sync.outbrain.com/cookie-sync?p=openx&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&obUid=IOCV50xEu3Fg2RC6dnmJRNsBXbb3PioS4mlKbco284xwO2nFq0mzseKDq_RJk86v&uid=e14196e6-58a...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=openx&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&obUid=IOCV50xEu3Fg2RC6dnmJRNsBXbb3PioS4mlKbco284xwO2nFq0mzseKDq_RJk86v&uid=e14196e6-58a4-46c4-8830-23e46720d2b2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
38.133.127.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 04:00:59 GMT
Cache-Control
no-cache
X-TraceId
9e5c298dc4f6c66f4b42f788a39d627d
Content-Length
0

Redirect headers

date
Mon, 05 Dec 2022 04:00:59 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.outbrain.com/cookie-sync?p=openx&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&obUid=IOCV50xEu3Fg2RC6dnmJRNsBXbb3PioS4mlKbco284xwO2nFq0mzseKDq_RJk86v&uid=e14196e6-58a4-46c4-8830-23e46720d2b2
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 7F42
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=a66d1b91-0f5f-436e-8c24-61a417cb14df
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=a66d1b91-0f5f-436e-8c24-61a417cb14df
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 05 Dec 2022 04:00:57 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=a66d1b91-0f5f-436e-8c24-61a417cb14df
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 7F42
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-lYuBz4pE2pd6kcrRRG_yyDnjPbn40.C3Uu9F~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-lYuBz4pE2pd6kcrRRG_yyDnjPbn40.C3Uu9F~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 05 Dec 2022 04:00:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-lYuBz4pE2pd6kcrRRG_yyDnjPbn40.C3Uu9F~A
content-length
0
usersync
usersync.gumgum.com/ Frame 7F42
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
  • https://usersync.gumgum.com/usersync?b=vnt&i=9d5687d6-919d-4b77-97c7-2b3fd3faba04
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=9d5687d6-919d-4b77-97c7-2b3fd3faba04
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=9d5687d6-919d-4b77-97c7-2b3fd3faba04
Date
Mon, 05 Dec 2022 04:00:58 GMT
Connection
keep-alive
X-CI-RTID
0384563a-d27e-41b2-ad8d-ea81c072bed4
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 7F42 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:59 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
694233866
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 7F42 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:57 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame 7F42
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=cd598f42-a5b8-40e8-8d5f-5df0334cdb85
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=cd598f42-a5b8-40e8-8d5f-5df0334cdb85
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:59 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=cd598f42-a5b8-40e8-8d5f-5df0334cdb85
access-control-allow-origin
*
date
Mon, 05 Dec 2022 04:00:59 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 7F42
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=4849656571711328320
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=4849656571711328320
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=4849656571711328320
date
Mon, 05 Dec 2022 04:00:58 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 7F42 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=a_9b4ef1cb-d190-408c-a686-af91f91e46ab
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PXA4HKJG8VKDS7P64MM4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BF12 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMucaEFbipgM_cDGnUd2EPBEXH-vWwAJPojEZfWaanT6bi3TRyV6-iMC9TyBTflTT_4XfiRUdMrCPKD2BSS5gXYbDTHxwX21R00lEJv6WwxO6PucZBAN7N7c47nkdyBtMPQmg&sai=AMfl-YR5dKAG1RWIjoOylNK5SGF0WRluuwuc4KPImmB5FZXb-B4Yz4WtezWmJHuqxhNVV29-LsrI3SaweCazoE6X4rpK-BGT5fd-LKu_Q6pF2P_goM7-o4quCy8gNwV5sw&sig=Cg0ArKJSzJAtpkVBrpbYEAE&cid=CAQSOwDq26N9H0wT5ceVPoDx37mVXebNSVFrLzCgBZjnzfw81joLxKhgzDXDXc0gLPdVv0JuBjkjXrvwdQPjGAEgEw&id=ampim&o=315,1110&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1016&mtos=0,0,1016,1016,1016&tos=0,0,1016,0,0&tfs=1009&tls=2025&g=100&h=100&tt=2025&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame D8F5
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://usersync.gumgum.com/usersync?b=inm&i=ID5-70f4PuUAu4pmvfx3KZegmeBpNoTigHzi6KrL0cfyAw
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=inm&i=ID5-70f4PuUAu4pmvfx3KZegmeBpNoTigHzi6KrL0cfyAw
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 05 Dec 2022 04:00:58 GMT
Expires
0
Pragma
no-cache

Redirect headers

date
Mon, 05 Dec 2022 04:00:58 GMT
location
https://usersync.gumgum.com/usersync?b=inm&i=ID5-70f4PuUAu4pmvfx3KZegmeBpNoTigHzi6KrL0cfyAw
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D5C9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=24022
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 05 Dec 2022 04:00:57 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 05 Dec 2022 10:41:19 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame E8C6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=068165a1-9f84-469f-b0f4-06b7381834b8
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=068165a1-9f84-469f-b0f4-06b7381834b8
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 05 Dec 2022 04:00:58 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Mon, 05 Dec 2022 04:00:57 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=068165a1-9f84-469f-b0f4-06b7381834b8
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 2765
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=b565638d-6cfa-4500-a279-97497957dfff&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=b565638d-6cfa-4500-a279-97497957dfff&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 05 Dec 2022 04:00:58 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 05 Dec 2022 04:00:58 GMT
Expires
Mon, 05 Dec 2022 04:00:57 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master hkg-pixel-x23 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=b565638d-6cfa-4500-a279-97497957dfff&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 7BA3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y41s_QABnhlHqgAF
  • https://usersync.gumgum.com/usersync?b=atm&i=Y41s_QABnhlHqgAF&gdpr=0&gdpr_consent=&_test=Y41s_QABnhlHqgAF
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y41s_QABnhlHqgAF&gdpr=0&gdpr_consent=&_test=Y41s_QABnhlHqgAF
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 05 Dec 2022 04:00:58 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 05 Dec 2022 04:00:58 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y41s_QABnhlHqgAF&gdpr=0&gdpr_consent=&_test=Y41s_QABnhlHqgAF
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mel11220-MEL
x-timer
S1670212858.062421,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 03E6 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV85YjRlZjFjYi1kMTkwLTQwOGMtYTY4Ni1hZjkxZjkxZTQ2YWI=&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 04:00:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
um
cs.emxdgt.com/ Frame 6509 		0
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.104.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-104-91.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 05 Dec 2022 04:00:58 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame 457B
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y41s.cCo8X4AADb2cVwAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y41s.cCo8X4AADb2cVwAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 05 Dec 2022 04:00:58 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 05 Dec 2022 04:00:57 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y41s.cCo8X4AADb2cVwAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad357.dc4p.scaleout.jp
X-SO-IP
103.209.254.83
X-SO-Key
Y41s.cCo8X4AADb2cVwAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"103.209.254.83","key":"Y41s.cCo8X4AADb2cVwAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad357"}
X-SO-LB-Hostname
m-tgng26.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad357
usersync
usersync.gumgum.com/ Frame 0D5F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y41s.eHz8VRrS6e3WWgVlgAA%264853
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y41s.eHz8VRrS6e3WWgVlgAA%264853
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 05 Dec 2022 04:00:58 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7749e0b79e0417c9-MEL
content-length
0
date
Mon, 05 Dec 2022 04:00:57 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y41s.eHz8VRrS6e3WWgVlgAA%264853
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WyQ6dZERJ%2FClqrQhviFXlNx5owU14Etd5GDYn9YYAJ%2FIYKXcndBS%2BFKZWAiScdfDdtE18aZHQVWI3%2FNn0v0pZJOttnu3%2FKXIPvnxHc3Yt7a8gQ88tv3DYky02wBC3YeFaYr4PApGtK1dGw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 2EB8
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=XxuXOxblioyknFouUq7k&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=XxuXOxblioyknFouUq7k&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 05 Dec 2022 04:00:58 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 05 Dec 2022 04:00:58 GMT Mon, 05 Dec 2022 04:00:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=XxuXOxblioyknFouUq7k&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame F25D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Dec 2022 04:00:58 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 05 Dec 2022 04:00:57 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
index.html
s0.2mdn.net/9644752/1669691686695/ Frame 42FC 		70 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9644752/1669691686695/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
1f3820f3b75e1bb07c2f086666a40506159fbe51506848736657082c0c07f3f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
4607
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
19884
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 02:44:10 GMT
expires
Tue, 06 Dec 2022 02:44:10 GMT
last-modified
Tue, 29 Nov 2022 03:14:46 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 17B9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsstVtyFvlUdD8C1lWvxb2h5sr5noh5e91ShP2Za_nUSotn3x0cLb0vGPDpvrAeTQqhQCztyg22oSVp7cEYRRuwuWeQ3Uboz9CKgZefmXKx9T4OYNmyMASB741P5fiiFvzgsoWfdGJKoFEEYpJ3mpt9ZcJZixe9dmW3dMIP6LXGiuxfPBv8QnMfpXZtTvSdxgTJLl0xYQ-MSqgAMowiYOtBMLnOrXx6bAtKW9aBbx5vR4mtk2Y8ZIRt9HYwEubd2jBF54Rfww_LMZacOTnrcWh5giLXFNnA9eaev6QlCjEX6S-T73oJhe9Y37CzYiNvnTFZ6YbXaPqw7IWc8kZnHPSQiF7f7TqbdxMOZ4MMYYu0x819n9dF9XcavXEERswMNbAA6v-dUUgCtG6fSIp7aSU-pxuWVfbLuU88pzD6x4JA4Z1VcTI9b2c_l7PvTo_btaP68nwdLe2ljAlKHK9rkK5c4ECeZhhIOxpbragYSxV4GYZemQYeBTZe5DdfOT1SjLhThCLuHMfLb0BfCMgPn8FVOlSVBrkd3xdpg_VYh3Vf21IAkZDgjv1NoHUCwQBYQVT-yEqBVZgtnpINLfFvBG-Qq6TSqWkjUJyYhlKr5YPMfPejXotVIXRlPqnt3QM7_HmuG7_WwGnB8jT8p0ZV5a4C5PTipX0RbvoRwfrYcd7GEFXHOW4NcUv6H6BnB40Lk02EnsOsuDHjM3s7sapaHAu6FnYAQTid9YuH_EiWGk_9Hn8igtmXG_AH69i10ar_SHIKvWfiUcxc9417LHqUQtibubXms-L_javrM9ymsABhZaklLlxZLYm8l_HZXLaG6acv0gkVvHVgcSbS-T1uEgNZGsv3_ZxPH1BqdelzL_Pt1OQnpv6ZTCdKn9bhG64lh2KRpGSVhTlXL5kvuBTFn5xmFxWVRa9oXSo8m_aXUSCt_g3W1yBklT0OkDlDWIJoytpXQedjWyUSY589dEjquJ7v4yAw4s1ri0cAVtdUK4b3xv_uOfgy84TnbbOrSiVB0xgsPyIcvQcth_v-qUGG0ih8aiMeYTEvCNmjpZBHoWRnB_yAkDgEJUsBUWpTnvcbZEZNbqLeIhrTrrda4R5Ey_cTNAI1MHp4ms-EetNeNTA18wjMFsqqEGxaBQ5xwhjWDPJeJGL61Pis-a4_jB3VepZflHj4bwoVWbWrfJVBxQ17-I2qqhBbD8Z1wi9hNo-dsvSvJGRVydIuhviAvImm5Czq6fjqonRsbK7bEZ5T0H4qKIU52qEx1cjXUU9D1KFJiBaUuGceehlXwqOacPA8xG94KFoQVxHzREUF0ePLlSfPMWwID5DJ38dpHwT6UcK1w9Y7c29V6VQ&sai=AMfl-YSANpABxP92KaES31QIxZCEZH3YN_9FoglrqZfXTPI9Rw2GU9gfRqDuZNcX_BkF6dQUeMmyXedshUV0RIwucBpoHZmmEfRixemm_4djW2vJ-YvBsH9JpV1V8bHNXWr1Xf73qQwhOoKXka0uBaxQ5pQVfDJDlO6YUYxXzSXAVGd7KNmqr0RTWidDLGpimcIjTfatvLRwvm44FQ_jn7YV1IJ0TIb4lDXSKVuBgxmBgbxdMo_hPSm-pcpK7-68m5oM4O85YJ3FZqWaC6zEt-ksSPe0oMy2T5pljf6Q1w&sig=Cg0ArKJSzMpSEVG1xXbrEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1145&cbvp=1&cstd=1143&cisv=r20221110.75556&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 05 Dec 2022 04:00:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 05 Dec 2022 04:00:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BB66 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtUkG92yNY8yLO8u7z7sPpPC74AkAAAAAOAHgBAI&bg=!srGlsfXNAAbvMpMzzzI7ACkAdvg8WpXyPcosK-agiHvt0gJNksf0ngIsKYDGW4PhMYZjZKOj1LdBywIAAAC_UgAAAAJoAQeZAwqEI9MrlIWeAdmCLfOjkjwbM1GBtQkF0e6tGMjcLTxfSs4ewdfK0wKM55DRL2mgm9kaimq2aUsofNufOwOn5Sfjj7koavQmLDWrFDSqiPpGB1pSpnbOUQNKZ_j1R1LAROad1iCJDSx3B5udZViewmmUu77S3okB8epy_VwVieW4jS7zfwVonehSlweqiJuAxwuT-GKt5-XFBELI72DvSJ7I23DqT-TgSHTr6nYm9kY9QgT6mBUsfks6m6gz24_P2a-jMBdiqvQZVSHBnEeHmPQTssP5xUzz0GF2Vd1QcFW5mV4pC0DZ39w35w9fnVsRZBa9CMgOUJHA7cUE44r4MsYXXmBYzzfPnYVL4_xc6bCMQKhWvlaBHlbvXliFvaECJMZIJHEAlVhiW_OD0vasYutc_ByjYSouLzzlzBSbARUjHlvg61F0SI765eD9AA6awaVQMldOMTiI8ONeyCKNNS7tMRuToxtDoxYmwbmIUGpudEh8q9zA1XrkiJY8rRxMMOZe26emSy4FDinMzYfFE7X-EwIXGKzePdHFpWf-eG6Eq30CPZ2FLkvMa7DWlkPQUYomM8MwalUVWxVQ9QCmKVySw7n023i5keloveS6ao2oO_rcIViGdpkvPGpDFHAGzUbfMRS8tMf5XJ7wSt1VdhbcnAd1LS7c3pn-r0JfjZW0TFc4Y0S_toZR5ELSYZDsAWU85VeElicaRmX-vnrXMtZGUAXVUrX8Az5ts7fB4JKrHLuB32cunyztGObHRlVPuW4Pwk4F2OfGLz-9CsK5C29erolaZIuCboQpvIneJTpIBmI8Xqn0M6Ti2oxeejdL33PEXXOQ7OJN4zzzbiskITx9bFMTtIT8He_dEoRgnnOZiUWdcLTheGUqa35-6vSyXfoGMqzAfFk74fXtmIUIHxQ3NyMiwdLxnd041gQnxRXuPVxgazEoGMLbldp5FWnG2ZH0CHIbuquKbQchd5z2IJhlE6onqZybNwGFyQEnCSdznwC5gk0Nb_umnHlR_2IvfxEb6vRP6S5z6JNX
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 792C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-43Y-GyNY_zOA6OJ8QO2_o6wBQAAAAA4AeAEAg&bg=!CgmlCU3NAAbvMpMzzzI7ACkAdvg8WpIQGcTfuCcSFv-I7jNXsTZNPBDlFKmFddo9nObbdm2Vx9RoZgIAAAB4UgAAAAJoAQcKAJqCulu5Ue2MG5HYHtc1lnj1ApvnO56sJEsBD-vrMTfVYTHDk4RAiOQyI4i_1CPmHl6cxY_je-38nunwjwJxvrufGbiI0vVCIrfg3UM36W09JRjfUkEYk11UNzoGyaFmMjUmghc6oBLbQ2E8JVBxpQTTm_sai1sDQKHtfahXOqOAWmmnZ9pfTiMxwfrwrTlyUBDw2vndbT22vO5TmQL-8uEHZc1aOuZSI_diH014ORt39fXTeqpmKk-_ZerqLIY0K-fUJ1xRH478KF3qFYJb5yrMJT991iew0c9TJvgGbqgv-Jm--IWqzVT9cZSjNkrfs6qM5LxWKG3KCy8O5_RqnTLPixD3C29iLACI4BnyJLQnKQypZKTKQjVRT0ziGMbpLN9NFcwNrkv5HvbxsD8ynNxxhB3yet552euFR3sJ1whnFndLENES2fu4mFFUdLQwzxjVzfLymMl-jURYZHUUg7DCDBe1T1lvWwTfrxVGyrs542VcBHyb74zxLzYd-IQrbiBI2umoMueLgCXCCXhWcfuEiYLiq5Xay5nV0JBsESAeI6syOoWL90TUdFU9RsEumLvi4doRh1PjedNolZ8x1oDHv03fORVhLoJEVhNlSF279Uct-35DWpLEClx2lztJg43RpuQSbbzp4-0rmIKHWgLwdWbUstpZ_gQgSyYRTZ3Ahl6CQrz8Tug2FQyLhjJd6wux0dCwRYZFQRVZbivifTD7bqRtZLxWNq2ZZDDUmT7_abrXzO6Wx-Qh9w5_fqtQtSFequxiWyHE0QZyVeKMAXZ_xAihDJc8i8hr5B5oAniOMOXSh0zf2xFdX8alR2_khwoWxXaETMTvHOAHIjEDV121Dv7m5D4brAvohbaKAQ9NEzOAT8IlSpoe1hDL62g84-pOOpXHwdoMysmQBR6GF8BwlbExsIC1lCX7dlicvNTUJAQS34T6DXWfxqtGSV6kkuVozdPguXA1eVQaXrRo9ruSQ918bUgKw_EwCwUbJXBrDm2g6HK_5x1XltIDGW6K0zcrYnSXBp9p8KBfPYh2Z-VahlDJf6Vpn7DtUdkUpRnIyiE6LZuFm1zo3EQHZBhtJKxWm0PHkFfLdzQUEUo6NYD764RxRwOibyjZpYoJJzKyk4ImjsiKKIREUMpnvpCXJ5OsDAfT6YOE7RO7ASzQdiNTy63NjC7rCQTlKCF-M45z07MtKayCubeZExXsZb_5srwvdOFPOwteGg0WIA
Requested by
Host: a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
URL: https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 757D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4b49f9df6833f612c5bf19b77f27c01ff259fca7994c2cd150ce04f86bd32642

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 04:00:57 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Dec 2022 13:02:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32456
Connection
keep-alive
Content-Length
10067
Expires
Mon, 05 Dec 2022 13:01:53 GMT
ecm3
s.amazon-adsystem.com/ Frame 4231 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=gd93c4265451b191a719&gdpr=0
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
07YDMC3JKZ943TQXEVPQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.yieldmo.com/ Frame 4231
Redirect Chain
  • https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1
  • https://ads.yieldmo.com/sync?pn_id=eps&id=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299258
43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=eps&id=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299258
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
18.139.75.61 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-75-61.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://ads.yieldmo.com/sync?pn_id=eps&id=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299258
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
ads.yieldmo.com/ Frame 4231
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=yieldmo
  • https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dyieldmo%26bsw_param%3D80b35f2d-fa1a-47da-9010-64e13e8...
  • https://pm.w55c.net/ping_match.gif?scc=1&st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dyieldmo%26bsw_param%3D80b35f2d-fa1a-47da-9010-6...
  • https://x.bidswitch.net/sync?dsp_id=79&user_id=cdLMNgQe1P22F45&expires=30&ssp=yieldmo&bsw_param=80b35f2d-fa1a-47da-9010-64e13e84dcaf
  • https://ads.yieldmo.com/sync?userid=80b35f2d-fa1a-47da-9010-64e13e84dcaf&pn_id=bsw&extinit=&gdpr=&gdpr_consent=
43 B
665 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?userid=80b35f2d-fa1a-47da-9010-64e13e84dcaf&pn_id=bsw&extinit=&gdpr=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
18.139.75.61 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-75-61.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 05 Dec 2022 04:00:59 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
//ads.yieldmo.com/sync?userid=80b35f2d-fa1a-47da-9010-64e13e84dcaf&pn_id=bsw&extinit=&gdpr=&gdpr_consent=
Date
Mon, 05 Dec 2022 04:00:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.yieldmo.com/v000/ Frame 4231
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=gd93c4265451b191a719
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=gd93c4265451b191a719
  • https://ads.yieldmo.com/v000/sync?tdid=5cf6b0ca-1cd5-485e-b82f-4f101a2389ad
43 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=5cf6b0ca-1cd5-485e-b82f-4f101a2389ad
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
18.139.75.61 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-75-61.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=5cf6b0ca-1cd5-485e-b82f-4f101a2389ad
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
181
sync
ads.yieldmo.com/ Frame 4231
Redirect Chain
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LBA9LY0O-6-E4O5
43 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LBA9LY0O-6-E4O5
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
18.139.75.61 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-75-61.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LBA9LY0O-6-E4O5
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Expires
0
sync
ads.yieldmo.com/v000/ Frame 4231
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=yieldmo
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=3b5056a7-1fff-4313-ba69-a8208f0d3fb8&gdpr=&gdpr_pd=&gdpr_consent=
43 B
781 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=3b5056a7-1fff-4313-ba69-a8208f0d3fb8&gdpr=&gdpr_pd=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
18.139.75.61 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-75-61.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 05 Dec 2022 04:00:59 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
//ads.yieldmo.com/v000/sync?pn_id=mf&userid=3b5056a7-1fff-4313-ba69-a8208f0d3fb8&gdpr=&gdpr_pd=&gdpr_consent=
Date
Mon, 05 Dec 2022 04:00:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame A187 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=ef621820-2851-42b3-b428-eba03b4951ed
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
59H7MNQGTQW45QJ5XQSG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame A187
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://sync.srv.stackadapt.com/sync?nid=15
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-db6f2f01-fc68-43f5-5e47-61f06dae94cd$ip$103.209.254.83
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-db6f2f01-fc68-43f5-5e47-61f06dae94cd$ip$103.209.254.83
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.221.159.176 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-159-176.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:59 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-db6f2f01-fc68-43f5-5e47-61f06dae94cd$ip$103.209.254.83
Date
Mon, 05 Dec 2022 04:00:58 GMT
Connection
keep-alive
Content-Length
172
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/ Frame A187
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.221.159.176 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-159-176.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:58 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame A187
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID
  • https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=6a0ea1e7-7451-11ed-a4dc-15930aea0007
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=6a0ea1e7-7451-11ed-a4dc-15930aea0007
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.221.159.176 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-159-176.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:59 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Date
Mon, 05 Dec 2022 04:00:58 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=6a0ea1e7-7451-11ed-a4dc-15930aea0007
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
8
Connection
keep-alive
Content-Length
0
v1
match.sharethrough.com/sync/ Frame A187
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LBA9LY0O-6-E4O5&gdpr=0
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LBA9LY0O-6-E4O5&gdpr=0
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.221.159.176 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-159-176.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:58 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LBA9LY0O-6-E4O5&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Expires
0
match
c1.adform.net/serving/cookie/ Frame B2D1 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=5735DD26-16E9-40CB-8EFF-8A5983153CA5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 05 Dec 2022 04:00:58 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 5231
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f6d2638d-6cfa-4600-979d-bfef3a19d8ab&gdpr=0&gdpr_consent=
42 B
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f6d2638d-6cfa-4600-979d-bfef3a19d8ab&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 05 Dec 2022 04:00:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 05 Dec 2022 04:00:58 GMT
Expires
Mon, 05 Dec 2022 04:00:57 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master hkg-pixel-x25 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f6d2638d-6cfa-4600-979d-bfef3a19d8ab&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame FFC5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y41s_gAAAZViBgAp&gdpr=0&gdpr_consent=&_test=Y41s_gAAAZViBgAp
1 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y41s_gAAAZViBgAp&gdpr=0&gdpr_consent=&_test=Y41s_gAAAZViBgAp
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 05 Dec 2022 04:00:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 05 Dec 2022 04:00:58 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y41s_gAAAZViBgAp&gdpr=0&gdpr_consent=&_test=Y41s_gAAAZViBgAp
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mel11220-MEL
x-timer
S1670212858.281654,VS0,VE0
usermatchredir
ssum-sec.casalemedia.com/ Frame C75E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6665481102401954734&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2023874098&rnd=1738078019&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2023874098%3B1402230080%26rnd%3D1577035710&pcid=...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2023874098;1402230080&rnd=1577035710&pcid=6665481102401954734
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402...
43 B
842 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-883940829%26pcid%3D__UID__
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7749e0ca2c9217c9-MEL
content-length
43
content-type
image/gif
date
Mon, 05 Dec 2022 04:01:00 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9To7sSba0XsBDzQyOrtJ%2BUirBHIiw%2BirrdCajScuPekiyvE3scONR8WrOR%2FtqZ2k1mk%2Fo39JUJiMKJ0OHV0J89yl0ZNEycyO0lyvwk6afiPHyVubjV3GORd2FaEWqtu4gf%2FKI32aLmb1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 05 Dec 2022 04:01:00 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-883940829%26pcid%3D__UID__
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 0baa68530535d25b0fce15971fbb91e8.cloudfront.net (CloudFront)
x-amz-cf-id
I49oLPWVffIpINRy0FTvu2Q2I6WYkhQE_nZzi9HO8VfpP4v7ONv5lQ==
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
usermatchredir
ssum-sec.casalemedia.com/ Frame 1A00
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=418xauMPbzj4Cjk_sFUkPedaaD34Djo3sFhnxaeZ
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2023874098&rnd=1738078019&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2023874098%3B1402230080%26rnd%3D-972834876&pcid=...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2023874098;1402230080&rnd=-972834876&pcid=6665481102401954734
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402...
43 B
845 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-1526334505%26pcid%3D__UID__
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7749e0cd897a17c9-MEL
content-length
43
content-type
image/gif
date
Mon, 05 Dec 2022 04:01:01 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9s5KUWTbjvLWlfdtvg9fKUuQI%2FuQruwfklinnsSZpjX8P0D3RHeENiJQRZnYtnpUj%2B4p%2F6gP6kkVgdGtM4YEBz9x8gakxRllKe7%2Bo4YkQDpuQIKYjGXzyM1ppPHif8zp%2BTsPXo6yWUP4qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 05 Dec 2022 04:01:00 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-1526334505%26pcid%3D__UID__
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 0baa68530535d25b0fce15971fbb91e8.cloudfront.net (CloudFront)
x-amz-cf-id
DX0SpKkalxkKNJVwtPkbNexUIr1Av7CTGLL7RollGVou9_JyETvByg==
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
Pug
simage2.pubmatic.com/AdServer/ Frame 8EBD
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y2gqwq7qgks
1 B
149 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y2gqwq7qgks
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 05 Dec 2022 04:00:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Mon, 05 Dec 2022 04:00:58 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y2gqwq7qgks
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
usersync.aspx
dis.criteo.com/dis/ Frame E174 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 04:00:57 GMT
expires
Mon, 05 Dec 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
479379
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame F382
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=WdjVO0KjT7ZAjBdxTKHkrGfR_lM
42 B
302 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=WdjVO0KjT7ZAjBdxTKHkrGfR_lM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 05 Dec 2022 04:00:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Mon, 05 Dec 2022 04:00:58 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=WdjVO0KjT7ZAjBdxTKHkrGfR_lM
Pug
image2.pubmatic.com/AdServer/ Frame 0194
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=rfSoucguAf6m1BWJ-myNYw
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=rfSoucguAf6m1BWJ-myNYw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 05 Dec 2022 04:00:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Mon, 05 Dec 2022 04:00:58 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=rfSoucguAf6m1BWJ-myNYw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 381A 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 05 Dec 2022 04:00:58 GMT
Pragma
no-cache
Server
nginx
expires
-1
cm
ipac.ctnsnet.com/int/ Frame 83DD 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 05 Dec 2022 04:00:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 2F2F
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=a2273aa33a5240feaece75fe068f72ad
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=a2273aa33a5240feaece75fe068f72ad
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 05 Dec 2022 04:00:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Mon, 05 Dec 2022 04:00:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=a2273aa33a5240feaece75fe068f72ad
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
pxd
dps.jp.cinarra.com/ Frame 6ABD 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=5735DD26-16E9-40CB-8EFF-8A5983153CA5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.156.50 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-156-50.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Mon, 05 Dec 2022 04:00:58 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8B46
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ZaOUeCgq1P22F45&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D2890877A16842FBAB5E0498421370CE
42 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D2890877A16842FBAB5E0498421370CE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 05 Dec 2022 04:00:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 05 Dec 2022 04:00:59 GMT
expires
Sun, 04 Dec 2022 04:00:59 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D2890877A16842FBAB5E0498421370CE
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
ImgSync
image8.pubmatic.com/AdServer/ Frame 4400
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1670212858248
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1827403459
  • https://sync.1rx.io/usersync/tradedesk/068165a1-9f84-469f-b0f4-06b7381834b8
  • https://sync.targeting.unrulymedia.com/csync/RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

date
Mon, 05 Dec 2022 04:01:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 05 Dec 2022 04:01:00 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
E0D49FB2-6484-443C-94BA-B894703FD7A2
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 4695
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=6ce4c71e-7451-11ed-bbbe-cf973f2c79ff
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D2890877A16842FBAB5E0498421370CE
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/E0D49FB2-6484-443C-94BA-B894703FD7A2?gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/E0D49FB2-6484-443C-94BA-B894703FD7A2?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.163.160 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-163-160.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
0
content-length
43
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
content-type
image/gif
date
Mon, 05 Dec 2022 04:01:00 GMT
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
referrer-policy
strict-origin-when-cross-origin
server
ATS
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

content-length
126
content-type
text/html; charset=utf-8
date
Mon, 05 Dec 2022 04:00:59 GMT
location
https://pr-bh.ybp.yahoo.com/sync/pubmatic/E0D49FB2-6484-443C-94BA-B894703FD7A2?gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
141
match.deepintent.com/usersync/ Frame 85C4 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Mon, 05 Dec 2022 04:00:58 GMT
server
c
i.match
s.tribalfusion.com/z/ Frame 3FF9
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
412 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7749e0bd7c903776-MEL
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 05 Dec 2022 04:00:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7749e0bb98f13776-MEL
content-type
text/html
date
Mon, 05 Dec 2022 04:00:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
9785
cookiesync
core.iprom.net/ Frame 0786 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 05 Dec 2022 04:00:59 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-23c1dee199d3@version_1.531
X-core-time
1ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame 50A9
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 05 Dec 2022 04:00:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 05 Dec 2022 04:00:58 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
server
_
usermatchredir
ssum-sec.casalemedia.com/ Frame 2AD7
Redirect Chain
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=5735DD26-16E9-40CB-8EFF-8A5983153CA5
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1402230080&pcid=5735DD26-16E9-40CB-8EFF-8A5983153CA5
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D1402230080%26rnd%3D-1340626951&pcid=$UID
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=1402230080&rnd=-1340626951&pcid=6665481102401954734
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D1402230080%3B1709...
43 B
836 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D1402230080%3B1709765917%26rnd%3D1409321288%26pcid%3D__UID__
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7749e0c7f96417c9-MEL
content-length
43
content-type
image/gif
date
Mon, 05 Dec 2022 04:01:00 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qy8rRVk5XJIqLi3nt7LoJaWb9du1nOlnR1S2GUADl6zMQqbZ0KJn371EH0CEirlilGAMTcz2lJO5XB6R9jd0YYf1MBiwOJogDTpvJ05dXTpwOw29wVnCNnwUqEcEMLb7tAXdmbi4dZvQlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 05 Dec 2022 04:00:59 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D1402230080%3B1709765917%26rnd%3D1409321288%26pcid%3D__UID__
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 0baa68530535d25b0fce15971fbb91e8.cloudfront.net (CloudFront)
x-amz-cf-id
zOAAJH9W35RPvGr8LvyNy8VSgzbQJNj_2QGCpCTU4x8erzUa3O27kA==
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6B62
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VzXdJhbpQMuO_4pZgxU8pQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:58 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=24021
accept-ranges
bytes
content-length
5549
expires
Mon, 05 Dec 2022 10:41:19 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 6B62
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=5735DD26-16E9-40CB-8EFF-8A5983153CA5
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDU3MzVERDI2LTE2RTktNDBDQi04RUZGLThBNTk4MzE1M0NBNRAAGg0I-tm1nAYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=181160e617ffde46af6591d0c49cb516234176405c4ddb3ed346b708a17f16a1791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAxODExNjBlNjE3ZmZkZTQ2YWY2NTkxZDBjNDljYjUxNjIzNDE3NjQwNWM0ZGRiM2VkMzQ2YjcwOGExN2YxNmExNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAxODExNjBlNjE3ZmZkZTQ2YWY2NTkxZDBjNDljYjUxNjIzNDE3NjQwNWM0ZGRiM2VkMzQ2YjcwOGExN2YxNmExNzkxNDI2YjU0MTdkY2UyMRAAGgwI-9m1nAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=f59e36ba-68cc-456c-af9a-d2ce6d2a44ad
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=f59e36ba-68cc-456c-af9a-d2ce6d2a44ad
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:00 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=f59e36ba-68cc-456c-af9a-d2ce6d2a44ad
date
Mon, 05 Dec 2022 04:01:00 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 6B62
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=af57638d-6cfa-4600-8909-94e1f1deb2d9
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=af57638d-6cfa-4600-8909-94e1f1deb2d9
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 05 Dec 2022 04:00:58 GMT
Server
MT3 180 1fd3e2d master hkg-pixel-x25 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=af57638d-6cfa-4600-8909-94e1f1deb2d9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 05 Dec 2022 04:00:57 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 6B62
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTczNUREMjYtMTZFOS00MENCLThFRkYtOEE1OTgzMTUzQ0E1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2023874098&rnd=1738078019&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2023874098%3B1402230080%26rnd%3D-895941051&pcid=...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2023874098;1402230080&rnd=-895941051&pcid=6665481102401954734
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402...
43 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-1715534168%26pcid%3D__UID__
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pr8irup0BsaUwurnzqUvXt5GUItqimsIyjEOoXIb9zTyazlsvkY9gNSZeFO28VsGFJIbI1FcWMvB1CdiWH3YHv0nLAvVRS5OA2PTnrNbLwlq5X3lLXUAGieIKdioRwBIlNBEw2nHOZrSIg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7749e0cbcef317c9-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
via
1.1 0baa68530535d25b0fce15971fbb91e8.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-1715534168%26pcid%3D__UID__
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
content-length
43
x-amz-cf-id
m6giBsZVZlGF0PM_p--cxmyHv7KU_J_RTD5Sq_FpnhUFroFLeCd-pw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
E0D49FB2-6484-443C-94BA-B894703FD7A2
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6B62
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/E0D49FB2-6484-443C-94BA-B894703FD7A2?gdpr=0&gdpr_consent=
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/E0D49FB2-6484-443C-94BA-B894703FD7A2?gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
52.220.163.160 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-163-160.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/pubmatic/E0D49FB2-6484-443C-94BA-B894703FD7A2?gdpr=0&gdpr_consent=
date
Mon, 05 Dec 2022 04:00:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
126
content-type
text/html; charset=utf-8
usermatchredir
ssum-sec.casalemedia.com/ Frame 6B62
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D2890877A16842FBAB5E0498421370CE
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2023874098&rnd=1738078019&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2023874098%3B1402230080%26rnd%3D-1813794918&pcid...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2023874098;1402230080&rnd=-1813794918&pcid=6665481102401954734
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402...
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-1764298501%26pcid%3D__UID__
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAozzRZJiYiWPg0T%2BFVHuFjkK6eIHFqVtwEdSSZ8KfO%2BdsydwdDK%2FRy4qxi8ZYE0IoBucGSD3qXIy7%2FkJHcOI71NkkIrAdgactFeHyFidho5mhKdR%2FiN5%2B4LJRd3ChBSW7%2B6p56aafLPmg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7749e0cbff4117c9-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
via
1.1 0baa68530535d25b0fce15971fbb91e8.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D-1764298501%26pcid%3D__UID__
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
content-length
43
x-amz-cf-id
GCOj4vESEvwaMVtH2RDoOkc_ZCMv-lnnvK79YSi0v1GbV5iZre5EmQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
5735DD26-16E9-40CB-8EFF-8A5983153CA5
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6B62 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/5735DD26-16E9-40CB-8EFF-8A5983153CA5?gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.163.160 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-163-160.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usermatchredir
ssum-sec.casalemedia.com/ Frame 6B62
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2023874098&rnd=1738078019&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2023874098%3B1402230080%26rnd%3D-223881882&pcid=...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2023874098;1402230080&rnd=-223881882&pcid=6665481102401954734
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402...
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D1412699242%26pcid%3D__UID__
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TiW1yWsjwnv6CVnFjXkzFQ%2Fas86Tt%2BHkoMQbjAv9RDD2fsvKhdbTuyRZt03I%2FxiIk36cjThVImBrotUX3D7UpLTqxz%2Fl%2BJ8rnTOVWYBvESp9zYd5hVGDyCZSW%2F0Fx45VKAOmQ7bemgqdtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7749e0cd694617c9-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
via
1.1 0baa68530535d25b0fce15971fbb91e8.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D1412699242%26pcid%3D__UID__
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
content-length
43
x-amz-cf-id
0D8nWHqMGMKk6QVTNPsf3lJSH2VwHLLNCghKcgG0_lmjaTEIYQldPQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 6B62
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5872975480053967565
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIUZvUHDUlIqYn_08wlweU&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=2023874098&rnd=1738078019&pcid=E0D49FB2-6484-443C-94BA-B894703FD7A2
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D2023874098%3B1402230080%26rnd%3D-1288352802&pcid...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=2023874098;1402230080&rnd=-1288352802&pcid=6665481102401954734
  • https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402...
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D604967299%26pcid%3D__UID__
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FcwT3We6x%2Fq0cboTvETFk%2FzUeqzq%2Ba1vIkTIFyEqg2dYW6GkCPJ%2Bw%2B%2B1EI%2F9fzA4d4HExdcUX1c4QDyx8taF3A5Jb%2BLcjGvbfkCrG2N1ywTnMwaQOFcJXqDHQFK40z14msQMS6d6NEJXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7749e0ccf89017c9-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
via
1.1 0baa68530535d25b0fce15971fbb91e8.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=200547&cb=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D201339086%26mi%3D10%26csh%3D2023874098%3B1402230080%3B1709765917%26rnd%3D604967299%26pcid%3D__UID__
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
content-length
43
x-amz-cf-id
q1bVZ7zK5Lu3gKFAzBLTm3JL8zMzFG-3MylXy3-qd7KwK0tDnYd--A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 6B62
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=5735DD26-16E9-40CB-8EFF-8A5983153CA5&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jXnKUURE2uWSfjsi6cGASSv4d3RgAY4-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jXnKUURE2uWSfjsi6cGASSv4d3RgAY4-~A&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jXnKUURE2uWSfjsi6cGASSv4d3RgAY4-~A&gdpr=0&gdpr_consent=
date
Mon, 05 Dec 2022 04:00:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 6B62
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=029b5057-f717-47ce-a128-be417c5799c1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 05 Dec 2022 04:00:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 05 Dec 2022 04:00:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6B62
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3034912127337643283&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3034912127337643283&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 05 Dec 2022 04:00:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3034912127337643283&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 6B62
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=5735DD26-16E9-40CB-8EFF-8A5983153CA5&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299258&nuid=5735DD26-16E9-40CB-8EFF-8A5983153CA5&...
42 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299258&nuid=5735DD26-16E9-40CB-8EFF-8A5983153CA5&gdpr_consent=&gdpr=0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 05 Dec 2022 04:00:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299258&nuid=5735DD26-16E9-40CB-8EFF-8A5983153CA5&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6B62
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6665481102401954734
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6665481102401954734
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 05 Dec 2022 04:00:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:58 GMT
AN-X-Request-Uuid
3fb4e114-95d3-4b56-8c39-4dbef318227b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6665481102401954734
Connection
keep-alive
X-Proxy-Origin
103.209.254.83; 103.209.254.83; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 757D
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&us_privacy=1---&khaos=LBA9LY0O-6-E4O5
  • https://s.amazon-adsystem.com/ecm3?id=LBA9LY0O-6-E4O5&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LBA9LY0O-6-E4O5&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TFFTTRF1V4YWSMG9F9G5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LBA9LY0O-6-E4O5&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
Expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame A0B7 		42 B
166 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssDMmV2fbhIQnZeIdVLLPEomB6MOZiwAph8z2M8LirmioTKCYHbDJGwJ4zYoF3LeZMgxP3cQWF_tVHzjlTLhwBnDNVleWJqgQ-JEuOaRB6wkHnDp0oGZaoItAnTyq_hdvGitTA&sai=AMfl-YT-wCn9_15NEByhA0qPRJhX0W_9DTd_ko8Tgx9pNcX9-CDTbi1-SdQsBRkIQAqaj7G9wHNqwnartOZ8jwquvFxYg4MsGDAHBqUIOiGkLYxiKoyLid0vlg4Eu67g3Q&sig=Cg0ArKJSzIpQMREFlbwuEAE&cid=CAQSOwDq26N9H0wT5ceVPoDx37mVXebNSVFrLzCgBZjnzfw81joLxKhgzDXDXc0gLPdVv0JuBjkjXrvwdQPjGAEgEw&id=lidar2&mcvt=1000&p=1030,1049,1280,1349&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20221130&bin=7&avms=nio&bs=0,0&mc=0.68&if=1&vu=1&app=0&itpl=20&adk=3702255727&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670212855313&rpt=1594&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 757D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8-ni5WZXQs2aP-aytsmJew&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8-ni5WZXQs2aP-aytsmJew&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8-ni5WZXQs2aP-aytsmJew&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8YV4ZZ7E7E7J8B3Y7206
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8-ni5WZXQs2aP-aytsmJew&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 757D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBA9LY0O-6-E4O5&gdpr=0&us_privacy=1---
0
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBA9LY0O-6-E4O5&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:59 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 8B9E08A2750F4E46854BD94CECA50FB4 Ref B: MEL01EDGE0807 Ref C: 2022-12-05T04:00:59Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXvDLwqhQxgFoFBzhYHCw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBA9LY0O-6-E4O5&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 757D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=&expires=30
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 757D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELftpVW2u1JHsUiyvWoChK0&google_cver=1
42 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELftpVW2u1JHsUiyvWoChK0&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELftpVW2u1JHsUiyvWoChK0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 757D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJBOUxZME8tNi1FNE81&gdpr=0&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJBOUxZME8tNi1FNE81&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJBOUxZME8tNi1FNE81&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 757D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ciJ83_Bh4G9NKcFDGLMQBA?csrc=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-1ZBPcCtE2oJLOcocx5JFiyQsbJBlVRD8ygqdnQ--~A
42 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-1ZBPcCtE2oJLOcocx5JFiyQsbJBlVRD8ygqdnQ--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 05 Dec 2022 04:00:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-1ZBPcCtE2oJLOcocx5JFiyQsbJBlVRD8ygqdnQ--~A
content-length
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 757D 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZWM181FR4Y6SBZ6DZQXT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 757D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzkyOTRjMmI4ZmY5MGE5ZjYyYTIzNTljZWQ3ZDdlZDlkMDYyZWE0ZQ&gdpr=0&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzkyOTRjMmI4ZmY5MGE5ZjYyYTIzNTljZWQ3ZDdlZDlkMDYyZWE0ZQ&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzkyOTRjMmI4ZmY5MGE5ZjYyYTIzNTljZWQ3ZDdlZDlkMDYyZWE0ZQ&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame B167 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9644752/1669691643177/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/9644752/1669691643177/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 08:46:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69258
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Dec 2022 08:46:40 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 42FC 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9644752/1669691686695/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/9644752/1669691686695/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 08:46:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69258
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Dec 2022 08:46:40 GMT
usync.js
eus.rubiconproject.com/ Frame F25D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4b49f9df6833f612c5bf19b77f27c01ff259fca7994c2cd150ce04f86bd32642

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 04:00:58 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Dec 2022 13:02:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32455
Connection
keep-alive
Content-Length
10067
Expires
Mon, 05 Dec 2022 13:01:53 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1A5A 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=42182
content-encoding
gzip
content-length
13946
content-type
text/html
date
Mon, 05 Dec 2022 04:00:58 GMT
expires
Mon, 05 Dec 2022 15:44:00 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
iframe
sync.teads.tv/ Frame 010B 		153 B
314 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A0%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.246.27 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-246-27.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
153
content-type
text/html; charset=UTF-8
date
Mon, 05 Dec 2022 04:00:58 GMT
expires
Mon, 05 Dec 2022 04:00:58 GMT
pragma
no-cache
server
akka-http/10.2.9
async_usersync.html
acdn.adnxs.com/dmp/ Frame ED71 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
84568
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 05 Dec 2022 04:00:58 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 02 Dec 2022 04:31:25 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
50, 76801
X-Served-By
cache-lga13626-LGA, cache-mel11255-MEL
X-Timer
S1670212859.571112,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame D644 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr_consent=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Dec 2022 04:00:58 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 99D8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
84568
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 05 Dec 2022 04:00:58 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 02 Dec 2022 04:31:25 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
50, 74428
X-Served-By
cache-lga13626-LGA, cache-mel11270-MEL
X-Timer
S1670212859.571151,VS0,VE0
null
s0.2mdn.net/9644752/1669691643177/ Frame B167 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9644752/1669691643177/null
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9644752/1669691643177/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/9644752/1669691643177/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:00 GMT
x-content-type-options
nosniff
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Mon, 05 Dec 2022 04:16:00 GMT
JBR_Summer_T2_Product_2_BU_MasterDisplay-300x250.gif
s0.2mdn.net/9644752/1669691643177/ Frame B167 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9644752/1669691643177/JBR_Summer_T2_Product_2_BU_MasterDisplay-300x250.gif
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9644752/1669691643177/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
f27701d979b8cd28406c38e9072bf869172608e24469936dcb15ed7650ba8f18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/9644752/1669691643177/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 02:37:08 GMT
x-content-type-options
nosniff
age
5030
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119122
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 03:14:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Dec 2022 02:37:08 GMT
truncated
/ Frame B167 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
usersync
usersync.gumgum.com/ Frame F25D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LBA9LY0O-6-E4O5
  • https://usersync.gumgum.com/usersync?b=mag&i=LBA9LY0O-6-E4O5&gdpr=0&gdpr_consent=undefined&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LBA9LY0O-6-E4O5&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LBA9LY0O-6-E4O5&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Expires
0
null
s0.2mdn.net/9644752/1669691686695/ Frame 42FC 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9644752/1669691686695/null
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9644752/1669691686695/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/9644752/1669691686695/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:58 GMT
x-content-type-options
nosniff
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Mon, 05 Dec 2022 04:15:58 GMT
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-VRDHJCSX1H&gtm=2oebu0&_p=733302740&cid=981839477.1670212853&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1670212853&sct=1&seg=0&dl=https%3A%2F%2Fwegotthiscovered.com%2F&dt=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&en=Allowed&_ee=1&ep.event_category=Ad%20Block&ep.non_interaction=true&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRDHJCSX1H&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame D644 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr_consent=undefined
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4b49f9df6833f612c5bf19b77f27c01ff259fca7994c2cd150ce04f86bd32642

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr_consent=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 04:00:58 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Dec 2022 13:02:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32455
Connection
keep-alive
Content-Length
10067
Expires
Mon, 05 Dec 2022 13:01:53 GMT
async_usersync
ib.adnxs.com/ Frame ED71 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:58 GMT
AN-X-Request-Uuid
63d74596-9bef-42de-875d-c1e1340ecd1e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
103.209.254.83; 103.209.254.83; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 99D8 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:58 GMT
AN-X-Request-Uuid
67f4beeb-cd5b-468b-9c73-48ab9bfdb203
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
103.209.254.83; 103.209.254.83; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 17B9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsstVtyFvlUdD8C1lWvxb2h5sr5noh5e91ShP2Za_nUSotn3x0cLb0vGPDpvrAeTQqhQCztyg22oSVp7cEYRRuwuWeQ3Uboz9CKgZefmXKx9T4OYNmyMASB741P5fiiFvzgsoWfdGJKoFEEYpJ3mpt9ZcJZixe9dmW3dMIP6LXGiuxfPBv8QnMfpXZtTvSdxgTJLl0xYQ-MSqgAMowiYOtBMLnOrXx6bAtKW9aBbx5vR4mtk2Y8ZIRt9HYwEubd2jBF54Rfww_LMZacOTnrcWh5giLXFNnA9eaev6QlCjEX6S-T73oJhe9Y37CzYiNvnTFZ6YbXaPqw7IWc8kZnHPSQiF7f7TqbdxMOZ4MMYYu0x819n9dF9XcavXEERswMNbAA6v-dUUgCtG6fSIp7aSU-pxuWVfbLuU88pzD6x4JA4Z1VcTI9b2c_l7PvTo_btaP68nwdLe2ljAlKHK9rkK5c4ECeZhhIOxpbragYSxV4GYZemQYeBTZe5DdfOT1SjLhThCLuHMfLb0BfCMgPn8FVOlSVBrkd3xdpg_VYh3Vf21IAkZDgjv1NoHUCwQBYQVT-yEqBVZgtnpINLfFvBG-Qq6TSqWkjUJyYhlKr5YPMfPejXotVIXRlPqnt3QM7_HmuG7_WwGnB8jT8p0ZV5a4C5PTipX0RbvoRwfrYcd7GEFXHOW4NcUv6H6BnB40Lk02EnsOsuDHjM3s7sapaHAu6FnYAQTid9YuH_EiWGk_9Hn8igtmXG_AH69i10ar_SHIKvWfiUcxc9417LHqUQtibubXms-L_javrM9ymsABhZaklLlxZLYm8l_HZXLaG6acv0gkVvHVgcSbS-T1uEgNZGsv3_ZxPH1BqdelzL_Pt1OQnpv6ZTCdKn9bhG64lh2KRpGSVhTlXL5kvuBTFn5xmFxWVRa9oXSo8m_aXUSCt_g3W1yBklT0OkDlDWIJoytpXQedjWyUSY589dEjquJ7v4yAw4s1ri0cAVtdUK4b3xv_uOfgy84TnbbOrSiVB0xgsPyIcvQcth_v-qUGG0ih8aiMeYTEvCNmjpZBHoWRnB_yAkDgEJUsBUWpTnvcbZEZNbqLeIhrTrrda4R5Ey_cTNAI1MHp4ms-EetNeNTA18wjMFsqqEGxaBQ5xwhjWDPJeJGL61Pis-a4_jB3VepZflHj4bwoVWbWrfJVBxQ17-I2qqhBbD8Z1wi9hNo-dsvSvJGRVydIuhviAvImm5Czq6fjqonRsbK7bEZ5T0H4qKIU52qEx1cjXUU9D1KFJiBaUuGceehlXwqOacPA8xG94KFoQVxHzREUF0ePLlSfPMWwID5DJ38dpHwT6UcK1w9Y7c29V6VQ&sai=AMfl-YSANpABxP92KaES31QIxZCEZH3YN_9FoglrqZfXTPI9Rw2GU9gfRqDuZNcX_BkF6dQUeMmyXedshUV0RIwucBpoHZmmEfRixemm_4djW2vJ-YvBsH9JpV1V8bHNXWr1Xf73qQwhOoKXka0uBaxQ5pQVfDJDlO6YUYxXzSXAVGd7KNmqr0RTWidDLGpimcIjTfatvLRwvm44FQ_jn7YV1IJ0TIb4lDXSKVuBgxmBgbxdMo_hPSm-pcpK7-68m5oM4O85YJ3FZqWaC6zEt-ksSPe0oMy2T5pljf6Q1w&sig=Cg0ArKJSzMpSEVG1xXbrEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2676&vt=11&dtpt=1531&dett=3&cstd=1143&cisv=r20221110.75556&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:00:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 05 Dec 2022 04:00:59 GMT
prebid
id5-sync.com/api/config/ Frame 2D39 		135 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 05 Dec 2022 04:00:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ Frame 2D39 		108 B
721 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
468423172426fd9cc2a135eb9a3884643f6307cd4a856955f87a1598d0aa36be

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Dec 2022 04:00:59 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Wed, 04 Jan 2023 04:00:59 GMT
pd
u.openx.net/w/1.0/ Frame 9DB8 		533 B
342 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?us_privacy=1---
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4a45af047847df5b4c2d559429e9bbcb54785ae47f3f8e0124f3f96cc88d235a

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
323
content-type
text/html
date
Mon, 05 Dec 2022 04:00:59 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4112 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=24020
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 05 Dec 2022 04:00:59 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 05 Dec 2022 10:41:19 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A72F 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Dec 2022 04:00:59 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sd
us-u.openx.net/w/1.0/ Frame 9DB8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3034912127337643283&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3034912127337643283&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3034912127337643283&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 05 Dec 2022 04:00:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 9DB8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=5150bfe1-274a-7b38-eb5f-7149df9b1599&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=068165a1-9f84-469f-b0f4-06b7381834b8&ttd_puid=5150bfe1-274a-7b38-eb5f-7149df9b1599&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=068165a1-9f84-469f-b0f4-06b7381834b8&ttd_puid=5150bfe1-274a-7b38-eb5f-7149df9b1599&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=068165a1-9f84-469f-b0f4-06b7381834b8&ttd_puid=5150bfe1-274a-7b38-eb5f-7149df9b1599&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 9DB8
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y41s.cCo8X4AADb2cVwAAAAA
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y41s.cCo8X4AADb2cVwAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 05 Dec 2022 04:00:59 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"103.209.254.83","key":"Y41s.cCo8X4AADb2cVwAAAAA","privacy_sensitive":false,"uid":"Y41s.cCo8X4AADb2cVwAAAAA","upstream_id":"m-ad357"}
X-SO-Key
Y41s.cCo8X4AADb2cVwAAAAA
X-SO-Upstream-ID
m-ad357
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad357.dc4p.scaleout.jp
X-SO-UID
Y41s.cCo8X4AADb2cVwAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
103.209.254.83
X-SO-Cluster-ID
0
Server
nginx
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y41s.cCo8X4AADb2cVwAAAAA
Cache-Control
private
X-SO-Ads-Time
4
X-SO-LB-Hostname
m-tgng26.dc4p.scaleout.jp
sd
jp-u.openx.net/w/1.0/ Frame 9DB8
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYXO1Q6PrhK5ks8ADxwUw6ALE88AAAGE4HG5uA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYXO1Q6PrhK5ks8ADxwUw6ALE88AAAGE4HG5uA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
via
1.1 e25f1b4aa5076f3a6a2551c87259c664.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYXO1Q6PrhK5ks8ADxwUw6ALE88AAAGE4HG5uA
cache-control
no-cache
content-length
0
x-amz-cf-id
td_bIL_g9cEq97qWlEVgNV4sABqQamTczzgGyBjEmbUvP5LlniZ-NA==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 9DB8 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2QzZjZjMmItZWUzZC0yNTljLWZlYmYtMmJmMDE1NzlkYmY5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9DB8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN6Zezun9gVRIAzzmuzTOzY&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN6Zezun9gVRIAzzmuzTOzY&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN6Zezun9gVRIAzzmuzTOzY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame A72F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4b49f9df6833f612c5bf19b77f27c01ff259fca7994c2cd150ce04f86bd32642

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 04:00:59 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Dec 2022 13:02:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32454
Connection
keep-alive
Content-Length
10067
Expires
Mon, 05 Dec 2022 13:01:53 GMT
sync
eb2.3lift.com/ Frame 7F72 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
98ed071e2805943a367ebcf6a33f6d149302f6a85826fae511ed186a327d14dc

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1148
content-type
text/html; charset=utf-8
date
Mon, 05 Dec 2022 04:00:59 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
v2
de.tynt.com/deb/ Frame C43A
Redirect Chain
  • https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
9289277b42ee181b69efc8a03cc708fb2dfdaa4bfc4f71dcc15b86fe3cc75232

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1932
content-type
text/html
date
Mon, 05 Dec 2022 04:01:00 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Mon, 05 Dec 2022 04:01:00 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
v2
de.tynt.com/deb/ Frame A36D
Redirect Chain
  • https://de.tynt.com/deb/v2?m=xch&rt=html&id=avU6sM0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/v2?m=xch&rt=html&id=avU6sM0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=avU6sM0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
9289277b42ee181b69efc8a03cc708fb2dfdaa4bfc4f71dcc15b86fe3cc75232

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1932
content-type
text/html
date
Mon, 05 Dec 2022 04:01:00 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Mon, 05 Dec 2022 04:01:00 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://de.tynt.com/deb/v2?m=xch&rt=html&id=avU6sM0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
pd
jp-u.openx.net/w/1.0/ Frame EC49 		943 B
837 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jp-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=0?gdpr=0&gdpr_consent=
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
abb8322d7925bd93762b2c727c44798125772949ce01bd3328e87124e7dabd5c

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
499
content-type
text/html
date
Mon, 05 Dec 2022 04:00:59 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
timing-allow-origin
*
vary
Accept, Accept-Encoding
via
1.1 google
v2
de.tynt.com/deb/ Frame 1BDC
Redirect Chain
  • https://de.tynt.com/deb/v2?m=xch&rt=html&id=ampQeC0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/v2?m=xch&rt=html&id=ampQeC0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ampQeC0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
9289277b42ee181b69efc8a03cc708fb2dfdaa4bfc4f71dcc15b86fe3cc75232

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1932
content-type
text/html
date
Mon, 05 Dec 2022 04:01:00 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Mon, 05 Dec 2022 04:01:00 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ampQeC0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
SPug
simage4.pubmatic.com/AdServer/ Frame 6B62 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159196&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sd
us-u.openx.net/w/1.0/ Frame EC49
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=cdLMNgQe1P22F45
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=cdLMNgQe1P22F45
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=0?gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:00:59 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0d347ca036a683313@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=cdLMNgQe1P22F45
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame EC49
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y41s_gAAAZViBgAp
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y41s_gAAAZViBgAp
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=0?gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-mel11220-MEL
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1670212860.077286,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y41s_gAAAZViBgAp
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
openx
tr.blismedia.com/v1/api/sync/ Frame EC49 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=0?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:00 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
jp-u.openx.net/w/1.0/ Frame EC49
Redirect Chain
  • https://bk.r-ad.ne.jp/3/cs
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=51n41001FBDGa007vg7D
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537097918&val=51n41001FBDGa007vg7D
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=0?gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Mon, 05 Dec 2022 04:01:00 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//jp-u.openx.net/w/1.0/sd?id=537097918&val=51n41001FBDGa007vg7D
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pxd
dps.jp.cinarra.com/ Frame EC49 		95 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=1&USER_ID=37e222e1-399f-8174-e157-c31d4c07aa67
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=0?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.156.50 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-156-50.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 04:01:00 GMT
Connection
keep-alive
Content-Length
95
Content-Type
image/png
c597d9a5-b7e6-e971-da88-67bc20ccd8d0
pr-bh.ybp.yahoo.com/sync/openx/ Frame EC49 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/c597d9a5-b7e6-e971-da88-67bc20ccd8d0?gdpr=0
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=0?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.163.160 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-163-160.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
openx
cs.nex8.net/cs/ Frame EC49 		0
0
dds
rtb.openx.net/sync/ Frame EC49
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=jgY13Y7MwhYNKz3-DIIvIw==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=0?gdpr=0&gdpr_consent=
Protocol
H3
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
40c4tqgarou772njpidt9mvsuffe13pb

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame EC49 		43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=0?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:01 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
expires
-1
sd
jp-u.openx.net/w/1.0/ Frame EC49
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://jp-u.openx.net/w/1.0/sd?id=536872786&val=af57638d-6cfa-4600-8909-94e1f1deb2d9
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=af57638d-6cfa-4600-8909-94e1f1deb2d9
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=0?gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 05 Dec 2022 04:01:00 GMT
Server
MT3 180 1fd3e2d master hkg-pixel-x7 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=af57638d-6cfa-4600-8909-94e1f1deb2d9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 05 Dec 2022 04:00:59 GMT
xuid
eb2.3lift.com/ Frame 7F72
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=068165a1-9f84-469f-b0f4-06b7381834b8&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=068165a1-9f84-469f-b0f4-06b7381834b8&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 05 Dec 2022 04:01:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=068165a1-9f84-469f-b0f4-06b7381834b8&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame 7F72
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTc0NTA0NjEyOTk0MjU5MDY0NzA0Nw%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 7F72
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECu7iSt0IB-Er9lmTlqtlAc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECu7iSt0IB-Er9lmTlqtlAc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 05 Dec 2022 04:01:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECu7iSt0IB-Er9lmTlqtlAc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7F72
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTc0NTA0NjEyOTk0MjU5MDY0NzA0Nw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTc0NTA0NjEyOTk0MjU5MDY0NzA0Nw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTc0NTA0NjEyOTk0MjU5MDY0NzA0Nw%3D%3D
date
Mon, 05 Dec 2022 04:01:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 7F72
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1745046129942590647047&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1745046129942590647047&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=03860c1b-ec57-440a-96ae-1c1814739080&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=03860c1b-ec57-440a-96ae-1c1814739080&_noobservation=1&_expected_cookie=1d44c8a...
43 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=03860c1b-ec57-440a-96ae-1c1814739080&_noobservation=1&_expected_cookie=1d44c8a39722770ede66b8d4b97454b0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.101.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Mon, 05 Dec 2022 04:01:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7749e0ce1eee5ac8-MEL
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=03860c1b-ec57-440a-96ae-1c1814739080&_noobservation=1&_expected_cookie=1d44c8a39722770ede66b8d4b97454b0
date
Mon, 05 Dec 2022 04:01:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7749e0cc9bad5ac8-MEL
content-length
0
xuid
eb2.3lift.com/ Frame 7F72
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1745046129942590647047&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=029b5057-f717-47ce-a128-be417c5799c1&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=80b35f2d-fa1a-47da-9010-64e13e84dcaf&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=80b35f2d-fa1a-47da-9010-64e13e84dcaf&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 05 Dec 2022 04:01:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=80b35f2d-fa1a-47da-9010-64e13e84dcaf&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 05 Dec 2022 04:01:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 7F72
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1745046129942590647047?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-K3Pz_O5E2oSS5EU3Rl73wTmAO0adJgmaoYa5uX9RJg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-K3Pz_O5E2oSS5EU3Rl73wTmAO0adJgmaoYa5uX9RJg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 05 Dec 2022 04:01:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 05 Dec 2022 04:01:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-K3Pz_O5E2oSS5EU3Rl73wTmAO0adJgmaoYa5uX9RJg--~A&dongle=0883
content-length
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 7F72 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1745046129942590647047
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
c.gif
c.bing.com/ Frame 7F72 		42 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1745046129942590647047&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
last-modified
Thu, 13 Oct 2022 15:58:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FD22F25D6A37425AB329E6C00906A2EA Ref B: MEL01EDGE1411 Ref C: 2022-12-05T04:01:00Z
etag
"e997be9b1cdfd81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 7F72
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6665481102401954734&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=6665481102401954734&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 05 Dec 2022 04:01:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:00 GMT
AN-X-Request-Uuid
d85c6b0e-c1a5-4b8c-b462-7b6784de56e8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=6665481102401954734&dongle=4d58&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
103.209.254.83; 103.209.254.83; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A0B7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXBqIUmmiChd6PStLlfog6Yq8jcZDps-lZG5RjoRUq927DdlXeIWXUFsk3F9mv7wsxJY7yQi_xKuT9rOi9po4Otjo1qrijPl11jQW_oGetda2Ge_gtqYM9pHvmwBVdwMc1SnmHDqD8VrBBTDh0KZoZ1EGjLgRmUi619050P1L3ygBHPTy_SXVbdsS-N0YpRBn9c4moacTyV6BMVPYvBLf5nT3JVZ-Pl44ysZ_3Mb-QBe131cbtwRdaS59DXrvwPq_sEJUbWU03YdP2OWRLMQEXASkqDjFKBs6EIVEKrtRarWb9PlxF1V9-5Eh7TmMLFdIe9h2ydWK4AYmmzWee_886zR5uRGPugUIK77VM8eT4DzcGJ4jm5UqTRgf7gl0vqTJRABBlgMgxxg2XP39fDNPlO8ftz3hryJ4Gz--rY4YF3zgd2QoaS9i_HqegIjAHlcuiFuy770K30PHLW-DsTkrrID8XQ2rcDLzI3qYIkcNjBNuI_VpHES9zhTn7bVicoOICaHZh2LHMzIrWIe4ZM78cG7h_GI28Z5LX7d1QTDhi3j4Yt1qt9pNk6qvYRmitE08bTglr-nJMHa4EK33U8Xmya3LiZn9spTM-P4mEHifKT0A1FmPcNFo83RRmPCdvbHHXHt-dHEHrFI4sJl-PCMQBXfKz73f4SoCsNLDIOXaYtIR8F26ZKpWcN7T9A3G0F9KdcKdsgD3i290Sr7evuee53SxnKDO7qnBSG5lQ2BEvq0l4jllGxBv883gEHqZbRN1Chnbuz8lBGVALS3fWfbn7Rp9_o703YO0k-XE7mFNgHG8YdWRHgrrCf9UNCOGy8TpOoFyHv0WOGKcG1o8U62Gpb2X5rbNYmYdyyAt1Bh4D5s_ifw9StsEE3ZkE5HSeNMS8hNl0JjBs3-Ww2kL1sN33K4nh4QS28nMFTu-pvIWj0ET1bVGG-MeX3JMKFpDeqzsG0LIZaCRCvDIPqKZ7SO4LZ2k05MkG8s95Ftat0sM_uee8GQ1xsO5yXHDFr-iAdqaCbK63rW49iS8jZO1KarOWPo24kPh7-h3Q5SSedPkfOPTcbwtM3nQSOTqugAAQPfFLvTFfPez8Ug1NldVi7D2NMA2c-5rkgaML7onMXDFKEjvj4n_hQzU8mbkZgKv_Ty5-taSh2Jh4vd_CATLPDyeWVZ-cPlnAux5yeG20wM7KeEfOI1IuOI3LSFY9MAaxa4ztuanPfVtevf-zZ7jyqY83sTiHFP1labG5vb10tPKXgmkwcs_TVuU-gItiZDfHYDiQkLHZ-5yprzHJ3a2n3J2hxdP7rHwokN7RUEv6j9bTcMbGLlSIb__i7JrvdWtPdl75&sai=AMfl-YSfvCA3dPP90_kualYOXNPQsOKlWwE1mPVdXrtclQh8yuyMlY7XaQst2K7Cd3Y9YpfXJFkV_CgK3Eg96c2jP6-74_tA5DEwFx-UFZyJ6AeM9RB5tyYj9rc9a_6XaXxZkSoU_nSLIUi8DWUE8oJF-9q26VPHnPuMO1IM3nQiTcuz-wv1j7pP9pW3TNsUVaxcKx70ZEMsdVfq_S9b9GFkq59I5IUehEYBXic0YXFfNxay1dAMId054mzw18WofblGryInn6gl_TffxCxJHYAM95TYI-EknHj74OZV0Q&sig=Cg0ArKJSzK08fJO75DWXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3884&vt=11&dtpt=2805&dett=3&cstd=1076&cisv=r20221110.55943&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 05 Dec 2022 04:01:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame 2D39 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
9d3e5594775ebe199e9cec093c575ce447e6418bedb099a583ea18a930e614cf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 05 Dec 2022 04:01:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 66EC 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=21938012&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
92f08df9b2a05da00a58498aa754a24d5ffb5242f0579487393ed3b923f210ae

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 05 Dec 2022 04:01:00 GMT
content-length
1659
content-type
text/html; charset=UTF-8
collect
h.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.clarity.ms/collect
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 05 Dec 2022 04:01:00 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
Pug
simage2.pubmatic.com/AdServer/ Frame 88C4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:af57638d-6cfa-4600-8909-94e1f1deb2d9&gdpr=0&gdpr_consent=
42 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:af57638d-6cfa-4600-8909-94e1f1deb2d9&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 05 Dec 2022 04:01:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 05 Dec 2022 04:01:00 GMT
Expires
Mon, 05 Dec 2022 04:00:59 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master hkg-pixel-x25 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:af57638d-6cfa-4600-8909-94e1f1deb2d9&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 562C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y41s_gAAAZViBgAp&gdpr=0&gdpr_consent=
1 B
342 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y41s_gAAAZViBgAp&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 05 Dec 2022 04:01:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 05 Dec 2022 04:01:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y41s_gAAAZViBgAp&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mel11220-MEL
x-timer
S1670212861.655354,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 294D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6665481102401954734&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6665481102401954734&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 05 Dec 2022 04:01:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
aee66ffa-c3b3-49fc-9fba-c74b662bf59f
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 05 Dec 2022 04:01:00 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6665481102401954734&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
103.209.254.83; 103.209.254.83; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 8A1E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=418xauMPbzj4Cjk_sFUkPedaaD34Djo3sFhnxaeZ
42 B
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=418xauMPbzj4Cjk_sFUkPedaaD34Djo3sFhnxaeZ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 05 Dec 2022 04:01:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 05 Dec 2022 04:01:00 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=418xauMPbzj4Cjk_sFUkPedaaD34Djo3sFhnxaeZ
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 83D5
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y2gqwq7qgks
1 B
149 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y2gqwq7qgks
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 05 Dec 2022 04:01:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Mon, 05 Dec 2022 04:01:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y2gqwq7qgks
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
1
Pug
simage2.pubmatic.com/AdServer/ Frame 66EC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5872975480053967565
42 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5872975480053967565
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 05 Dec 2022 04:01:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5872975480053967565
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ecm3
s.amazon-adsystem.com/ Frame 4DC6 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDE0D49FB2-6484-443C-94BA-B894703FD7A2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 05 Dec 2022 04:01:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
087GZ35XFXV84JM3TP6M
info2
uipglob.semasio.net/pubmatic/1/ Frame 66EC
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=E0D49FB2-6484-443C-94BA-B894703FD7A2&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E0D49FB2-6484-443C-94BA-B894703FD7A2&sInitiator=external&gdpr=0&gdpr_consent=
42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E0D49FB2-6484-443C-94BA-B894703FD7A2&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
119.9.108.191 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

uip-response-status
FallbackResponse
date
Mon, 05 Dec 2022 04:00:59 GMT
frontend-id
0
content-length
42
routing-server-id
1
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:00:59 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=E0D49FB2-6484-443C-94BA-B894703FD7A2&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 66EC 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=E0D49FB2-6484-443C-94BA-B894703FD7A2&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.212.121 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-212-121.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:01 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.20.108
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 66EC
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=E0D49FB2-6484-443C-94BA-B894703FD7A2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=99425b1c-5be5-4b55-8e5e-c77148467017%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=068165a1-9f84-469f-b0f4-06b7381834b8&ttd_puid=99425b1c-5be5-4b55-8e5e-c77148467017%2C
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=068165a1-9f84-469f-b0f4-06b7381834b8&ttd_puid=99425b1c-5be5-4b55-8e5e-c77148467017%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
107.178.244.193 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
193.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:01 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=068165a1-9f84-469f-b0f4-06b7381834b8&ttd_puid=99425b1c-5be5-4b55-8e5e-c77148467017%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
353
PugMaster
image6.pubmatic.com/AdServer/ Frame D5C9 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=30936301&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
29b9bc924b5f8b28a0976dcaf933c9d621dc0752d3872ab707b523300b748f53

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 05 Dec 2022 04:01:00 GMT
content-length
1566
content-type
text/html; charset=UTF-8
212.json
id5-sync.com/g/v2/ Frame 2D39 		456 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/212.json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
cd48d28c7ebaf56033b251f88780bf4cea0b65dbcb815ccd6854c93caee7d7d4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 05 Dec 2022 04:01:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
Pug
simage2.pubmatic.com/AdServer/ Frame 113E
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 05 Dec 2022 04:01:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 04:01:00 GMT
expires
Mon, 05 Dec 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1348336
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6929
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=228vAfxoQ_VeR2Hwba6UzWfR_lM
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=228vAfxoQ_VeR2Hwba6UzWfR_lM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 05 Dec 2022 04:00:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Mon, 05 Dec 2022 04:01:01 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=228vAfxoQ_VeR2Hwba6UzWfR_lM
Pug
image2.pubmatic.com/AdServer/ Frame 366D
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=rfSoucguAf6m1BWJ-myNYw
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=rfSoucguAf6m1BWJ-myNYw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 05 Dec 2022 04:01:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Mon, 05 Dec 2022 04:01:01 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=rfSoucguAf6m1BWJ-myNYw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame BD71 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 05 Dec 2022 04:01:01 GMT
Pragma
no-cache
Server
nginx
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame D5C9
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6665481102401954734
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6665481102401954734
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 05 Dec 2022 04:01:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:01 GMT
AN-X-Request-Uuid
622f0ae8-0b0d-4fb2-ae2e-24184192cf14
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6665481102401954734
Connection
keep-alive
X-Proxy-Origin
103.209.254.83; 103.209.254.83; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
ipac.ctnsnet.com/int/ Frame 2D35 		43 B
63 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 05 Dec 2022 04:01:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
usersync
usersync.gumgum.com/ Frame BABA 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=E0D49FB2-6484-443C-94BA-B894703FD7A2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 05 Dec 2022 04:01:01 GMT
Expires
0
Pragma
no-cache
SPug
image4.pubmatic.com/AdServer/ Frame D5C9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E0D49FB2-6484-443C-94BA-B894703FD7A2&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jXnKUURE2uWSfjsi6cGASSv4d3RgAY4-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jXnKUURE2uWSfjsi6cGASSv4d3RgAY4-~A&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:01 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jXnKUURE2uWSfjsi6cGASSv4d3RgAY4-~A&gdpr=0&gdpr_consent=
date
Mon, 05 Dec 2022 04:01:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame D5C9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=80b35f2d-fa1a-47da-9010-64e13e84dcaf
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=80b35f2d-fa1a-47da-9010-64e13e84dcaf
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=20470e5d-92e1-47e0-8a10-72bf805a3624&user_group=1&ssp=pubmatic&bsw_param=80b35f2d-fa1a-47da-9010-64e13e84dcaf
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=&gdpr_pd=
1 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 05 Dec 2022 04:01:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 05 Dec 2022 04:01:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame D5C9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3034912127337643283&gdpr=0&gdpr_consent=&us_privacy=
1 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3034912127337643283&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 05 Dec 2022 04:00:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3034912127337643283&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame D5C9
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=E0D49FB2-6484-443C-94BA-B894703FD7A2&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299260&nuid=E0D49FB2-6484-443C-94BA-B894703FD7A2&...
42 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299260&nuid=E0D49FB2-6484-443C-94BA-B894703FD7A2&gdpr_consent=&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_ym_rbd_n-vmg_n-MediaNet_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 05 Dec 2022 04:01:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:00 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299260&nuid=E0D49FB2-6484-443C-94BA-B894703FD7A2&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
usync.html
eus.rubiconproject.com/ Frame 0FCB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Dec 2022 04:01:01 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 05 Dec 2022 04:01:01 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
cm
us-u.openx.net/w/1.0/ Frame A86F
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670212860819.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D...
951 B
575 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
feef73a6e360f41ff99a55fef39887d19c9ba932a90d3a8ec68fd7579c253cc1

Request headers

Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
556
content-type
text/html
date
Mon, 05 Dec 2022 04:01:01 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 05 Dec 2022 04:01:00 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP019
x-33x-status
40000000008200000C
match
events-ssc.33across.com/ Frame C43A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=the33across&bsw_param=80b35f2d-fa1a-47da-9010-64e13e84dcaf&google_hm=ODBiMzVmMmQtZmExYS00N2RhLTkwMTAtNjRlMTNlODRk...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJuheWNJR6sgxF2I_wa7HjA&google_cver=1&ssp=the33across&bsw_param=80b35f2d-fa1a-47da-9010-64e13e84dcaf
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=80b35f2d-fa1a-47da-9010-64e13e84dcaf
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=80b35f2d-fa1a-47da-9010-64e13e84dcaf&ts=1670212862&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=80b35f2d-fa1a-47da-9010-64e13e84dcaf&ts=1670212862&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:02 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:01 GMT
referrer-policy
unsafe-url
server
33XP012
x-33x-status
8000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=80b35f2d-fa1a-47da-9010-64e13e84dcaf&ts=1670212862&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame C43A
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670212860819.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=af57638d-6cfa-4600-8909-94e1f1deb2d9
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=af57638d-6cfa-4600-8909-94e1f1deb2d9
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:02 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Mon, 05 Dec 2022 04:01:02 GMT
Server
MT3 180 1fd3e2d master hkg-pixel-x23 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=af57638d-6cfa-4600-8909-94e1f1deb2d9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 05 Dec 2022 04:01:01 GMT
match
events-ssc.33across.com/ Frame C43A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&partner_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26...
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&ts=1670212863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&ts=1670212863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:03 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
referrer-policy
unsafe-url
server
33XP017
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&ts=1670212863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame C43A
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670212860819.6&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6665481102401954734
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6665481102401954734
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:02 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:02 GMT
AN-X-Request-Uuid
daf5535e-5c83-4a42-ace0-ebe4d762a3df
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6665481102401954734
Connection
keep-alive
X-Proxy-Origin
103.209.254.83; 103.209.254.83; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame BC61
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ampQeC0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ampQeC0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Dec 2022 04:01:01 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 05 Dec 2022 04:01:01 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
match
events-ssc.33across.com/ Frame 1BDC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dthe33...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=79df575a921f4bf9ab94548f74082a5c&ssp=the33across&bsw_param=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&consent=&gdpr_pd=&expires=7
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=80b35f2d-fa1a-47da-9010-64e13e84dcaf
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=80b35f2d-fa1a-47da-9010-64e13e84dcaf&ts=1670212862&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=80b35f2d-fa1a-47da-9010-64e13e84dcaf&ts=1670212862&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ampQeC0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ampQeC0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:02 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:01 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=80b35f2d-fa1a-47da-9010-64e13e84dcaf&ts=1670212862&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 1BDC
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670212860819.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=af57638d-6cfa-4600-8909-94e1f1deb2d9
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=af57638d-6cfa-4600-8909-94e1f1deb2d9
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ampQeC0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ampQeC0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:02 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Mon, 05 Dec 2022 04:01:02 GMT
Server
MT3 180 1fd3e2d master hkg-pixel-x10 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=af57638d-6cfa-4600-8909-94e1f1deb2d9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 05 Dec 2022 04:01:01 GMT
match
events-ssc.33across.com/ Frame 1BDC
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&partner_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26...
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&ts=1670212863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&ts=1670212863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ampQeC0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ampQeC0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:03 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&ts=1670212863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cm
us-u.openx.net/w/1.0/ Frame 11C3
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670212860819.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D...
951 B
575 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ampQeC0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
feef73a6e360f41ff99a55fef39887d19c9ba932a90d3a8ec68fd7579c253cc1

Request headers

Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ampQeC0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
556
content-type
text/html
date
Mon, 05 Dec 2022 04:01:01 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 05 Dec 2022 04:01:01 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP009
x-33x-status
40000000008200000C
match
events-ssc.33across.com/ Frame 1BDC
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670212860819.6&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6665481102401954734
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6665481102401954734
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ampQeC0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ampQeC0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:02 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:02 GMT
AN-X-Request-Uuid
fa50a324-e0a3-4f5a-9665-7617d3c528ff
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6665481102401954734
Connection
keep-alive
X-Proxy-Origin
103.209.254.83; 103.209.254.83; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame AB74
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=avU6sM0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=avU6sM0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Dec 2022 04:01:01 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 05 Dec 2022 04:01:01 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
match
events-ssc.33across.com/ Frame A36D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dthe33...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=028f615ab32c49f38075170b398047c2&ssp=the33across&bsw_param=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&consent=&gdpr_pd=&expires=7
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=80b35f2d-fa1a-47da-9010-64e13e84dcaf
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=80b35f2d-fa1a-47da-9010-64e13e84dcaf&ts=1670212862&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=80b35f2d-fa1a-47da-9010-64e13e84dcaf&ts=1670212862&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=avU6sM0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=avU6sM0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:02 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=80b35f2d-fa1a-47da-9010-64e13e84dcaf&ts=1670212862&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame A36D
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670212860819.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=af57638d-6cfa-4600-8909-94e1f1deb2d9
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=af57638d-6cfa-4600-8909-94e1f1deb2d9
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=avU6sM0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=avU6sM0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:02 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Mon, 05 Dec 2022 04:01:02 GMT
Server
MT3 180 1fd3e2d master hkg-pixel-x23 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=af57638d-6cfa-4600-8909-94e1f1deb2d9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 05 Dec 2022 04:01:01 GMT
match
events-ssc.33across.com/ Frame A36D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&partner_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26...
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&ts=1670212863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&ts=1670212863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=avU6sM0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=avU6sM0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:03 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
referrer-policy
unsafe-url
server
33XP015
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&ts=1670212863&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cm
us-u.openx.net/w/1.0/ Frame 34AD
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670212860819.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D...
951 B
575 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=avU6sM0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
feef73a6e360f41ff99a55fef39887d19c9ba932a90d3a8ec68fd7579c253cc1

Request headers

Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=avU6sM0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
556
content-type
text/html
date
Mon, 05 Dec 2022 04:01:02 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 05 Dec 2022 04:01:01 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP010
x-33x-status
40000000008200000C
match
events-ssc.33across.com/ Frame A36D
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670212860819.6&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6665481102401954734
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6665481102401954734
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=avU6sM0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=avU6sM0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:02 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:02 GMT
AN-X-Request-Uuid
55edfe6b-71ab-4eda-ab76-4e9b941fbd59
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6665481102401954734
Connection
keep-alive
X-Proxy-Origin
103.209.254.83; 103.209.254.83; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v2
de.tynt.com/deb/ Frame 582A 		75 B
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=aq47yi0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
75
content-type
text/html
date
Mon, 05 Dec 2022 04:01:01 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
v2
de.tynt.com/deb/ Frame 6EDE 		75 B
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=aARC5I0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
75
content-type
text/html
date
Mon, 05 Dec 2022 04:01:00 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
beacon
ap.lijit.com/ Frame 1E83 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13412165
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
aa634d5e2fbde5cfa71a2237198f04c6dbf491ef21ba68df699b863de30a75bb

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
5152
Content-Type
text/html
Date
Mon, 05 Dec 2022 04:01:01 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3sfo1
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_conse...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=E0D49FB2-6484-443C-94BA-B894703FD7A2&gdpr=0&gdpr_consent=
43 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=E0D49FB2-6484-443C-94BA-B894703FD7A2&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:01 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=E0D49FB2-6484-443C-94BA-B894703FD7A2&gdpr=0&gdpr_consent=
date
Mon, 05 Dec 2022 04:01:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=35iFTJ3VRT3TCm-lsZTFLIa-w
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=35iFTJ3VRT3TCm-lsZTFLIa-w
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:01 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Mon, 05 Dec 2022 04:01:02 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=35iFTJ3VRT3TCm-lsZTFLIa-w
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 1A5A 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45623189&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
f302865c57f7f59513df889c3b454f4e6e886bc82fbb5e55cfdf7a4860d7eda2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 05 Dec 2022 04:00:22 GMT
content-length
1665
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 5FEE
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=222be45c84fd46478d1c8288686c3634
42 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=222be45c84fd46478d1c8288686c3634
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 05 Dec 2022 04:01:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Mon, 05 Dec 2022 04:01:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=222be45c84fd46478d1c8288686c3634
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
pxd
dps.jp.cinarra.com/ Frame 6CB7 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=E0D49FB2-6484-443C-94BA-B894703FD7A2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.156.50 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-156-50.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Mon, 05 Dec 2022 04:01:02 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8333
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:cdLMNgQe1P22F45&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:cdLMNgQe1P22F45&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 05 Dec 2022 04:01:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 05 Dec 2022 04:01:01 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:cdLMNgQe1P22F45&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0b7d7e75c35afaec7@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004
sync.targeting.unrulymedia.com/csync/ Frame 1D49
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004&rndcb=7245116160
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=80b35f2d-fa1a-47da-9010-64e13e84dcaf
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=20470e5d-92e1-47e0-8a10-72bf805a3624&user_group=1&ssp=adconductor&bsw_param=80b35f2d-fa1a-47da-9010-64e13e84dcaf
  • https://sync.1rx.io/usersync/bidswitch/80b35f2d-fa1a-47da-9010-64e13e84dcaf?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004
43 B
377 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.45 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
43
date
Mon, 05 Dec 2022 04:01:03 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 05 Dec 2022 04:01:02 GMT
expires
0
location
https://sync.targeting.unrulymedia.com/csync/RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004
pragma
no-cache
bridge
cm.adgrx.com/ Frame F272 		43 B
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.207.233 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-207-233.ap-southeast-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Mon, 05 Dec 2022 04:01:01 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1a-delivery-1
141
match.deepintent.com/usersync/ Frame 3702 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Mon, 05 Dec 2022 04:01:01 GMT
server
c
i.match
a.tribalfusion.com/ Frame B171 		43 B
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7749e0d2eda117ca-MEL
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 05 Dec 2022 04:01:02 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
cookiesync
core.iprom.net/ Frame 0192 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 05 Dec 2022 04:01:02 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-52270aa551bc@version_1.531
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame 6EE7
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 05 Dec 2022 04:01:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 05 Dec 2022 04:01:02 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame E803
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D2890877A16842FBAB5E0498421370CE&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D2890877A16842FBAB5E0498421370CE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 05 Dec 2022 04:01:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 05 Dec 2022 04:01:01 GMT
expires
Sun, 04 Dec 2022 04:01:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D2890877A16842FBAB5E0498421370CE&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
usync.js
eus.rubiconproject.com/ Frame BC61 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4b49f9df6833f612c5bf19b77f27c01ff259fca7994c2cd150ce04f86bd32642

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 04:01:01 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Dec 2022 13:02:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32452
Connection
keep-alive
Content-Length
10067
Expires
Mon, 05 Dec 2022 13:01:53 GMT
usync.js
eus.rubiconproject.com/ Frame 0FCB 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4b49f9df6833f612c5bf19b77f27c01ff259fca7994c2cd150ce04f86bd32642

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 04:01:01 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Dec 2022 13:02:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32452
Connection
keep-alive
Content-Length
10067
Expires
Mon, 05 Dec 2022 13:01:53 GMT
usync.js
eus.rubiconproject.com/ Frame AB74 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4b49f9df6833f612c5bf19b77f27c01ff259fca7994c2cd150ce04f86bd32642

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 04:01:01 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Dec 2022 13:02:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32452
Connection
keep-alive
Content-Length
10067
Expires
Mon, 05 Dec 2022 13:01:53 GMT
match
events-ssc.33across.com/ Frame 0FCB
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LBA9LY0O-6-E4O5
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LBA9LY0O-6-E4O5&gdpr=0&gdpr_consent=undefined
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LBA9LY0O-6-E4O5&ts=1670212862&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LBA9LY0O-6-E4O5&ts=1670212862&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:02 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:01 GMT
referrer-policy
unsafe-url
server
33XP019
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LBA9LY0O-6-E4O5&ts=1670212862&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame A86F 		68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=70&external_user_id=273bb38f-f9c1-4bd7-8768-7e99d5cf87c6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:02 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png
c.html
j.mrpdata.net/ Frame A86F
Redirect Chain
  • https://j.mrpdata.net/c.html?ex=OpenX
  • https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Server
18.195.252.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-252-61.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Redirect headers

location
https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
pragma
no-cache
cache-control
no-cache
x-deviceid
ff6a1089-acab-59ab-5fa8-c5e7c1c5b94e
x-backend
dmc_hitServer_4_f@j4mrpdatanet
Connection
keep-alive
transfer-encoding
chunked
sd
us-u.openx.net/w/1.0/ Frame A86F
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:01 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sd
eu-u.openx.net/w/1.0/ Frame A86F
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539270434%26val%3D%7Bdevice_id%7D
  • https://eu-u.openx.net/w/1.0/sd?id=539270434&val=14974ed4-eda2-4b38-a1a2-d8ae1b305010
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=539270434&val=14974ed4-eda2-4b38-a1a2-d8ae1b305010
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?id=539270434&val=14974ed4-eda2-4b38-a1a2-d8ae1b305010
date
Mon, 05 Dec 2022 04:01:02 GMT
server
_
content-length
0
sd
us-u.openx.net/w/1.0/ Frame A86F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=80b35f2d-fa1a-47da-9010-64e13e84dcaf&ssp=openx&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524349382118821030&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=99425b1c-5be5-4b55-8e5e-c77148467017&ssp=openx&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524349382118821030&ssp=openx&gdpr=&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232363304356002906117&ssp=openx&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524349382118821030&ssp=openx&gdpr=&gdpr_consent=
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=
Date
Mon, 05 Dec 2022 04:01:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
apsoutheast-match.deepintent.com/usersync/108/ Frame A86F 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apsoutheast-match.deepintent.com/usersync/108/
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:01 GMT
content-length
0
server
c
sd
us-u.openx.net/w/1.0/ Frame A86F
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299262&nuid={OX_USER_ID}
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299262&nuid={OX_USER_ID}
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299262&nuid={OX_USER_ID}
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
ups.analytics.yahoo.com/ups/58294/ Frame A86F 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&gdpr=0&uid=7f943c68-ff20-4171-b878-b0434838e1f0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.13.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sd
us-u.openx.net/w/1.0/ Frame A86F
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=D2890877A16842FBAB5E0498421370CE
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=D2890877A16842FBAB5E0498421370CE
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 05 Dec 2022 04:01:02 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=D2890877A16842FBAB5E0498421370CE
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 04 Dec 2022 04:01:02 GMT
redirect
match.rundsp.com/ Frame A86F 		0
0
19cb1bfc173dcb98ccec
s.amazon-adsystem.com/x/ Frame A86F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/19cb1bfc173dcb98ccec
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
match
events-ssc.33across.com/ Frame 11C3 		68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=70&external_user_id=273bb38f-f9c1-4bd7-8768-7e99d5cf87c6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:02 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png
c.html
j.mrpdata.net/ Frame 11C3
Redirect Chain
  • https://j.mrpdata.net/c.html?ex=OpenX
  • https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Server
18.195.252.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-252-61.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Redirect headers

location
https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
pragma
no-cache
cache-control
no-cache
x-deviceid
ff6a1089-acab-59ab-5fa8-c5e7c1c5b94e
x-backend
dmc_hitServer_4_e@j4mrpdatanet
Connection
keep-alive
transfer-encoding
chunked
sd
us-u.openx.net/w/1.0/ Frame 11C3
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:01 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sd
eu-u.openx.net/w/1.0/ Frame 11C3
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539270434%26val%3D%7Bdevice_id%7D
  • https://eu-u.openx.net/w/1.0/sd?id=539270434&val=14974ed4-eda2-4b38-a1a2-d8ae1b305010
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=539270434&val=14974ed4-eda2-4b38-a1a2-d8ae1b305010
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?id=539270434&val=14974ed4-eda2-4b38-a1a2-d8ae1b305010
date
Mon, 05 Dec 2022 04:01:02 GMT
server
_
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 11C3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=80b35f2d-fa1a-47da-9010-64e13e84dcaf&ssp=openx&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524349382118821030&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=99425b1c-5be5-4b55-8e5e-c77148467017&ssp=openx&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10524349382118821030&ssp=openx&gdpr=&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232363304356002906117&ssp=openx&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10524349382118821030&ssp=openx&gdpr=&gdpr_consent=
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=
Date
Mon, 05 Dec 2022 04:01:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
apsoutheast-match.deepintent.com/usersync/108/ Frame 11C3 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apsoutheast-match.deepintent.com/usersync/108/
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:01 GMT
content-length
0
server
c
sd
us-u.openx.net/w/1.0/ Frame 11C3
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299262&nuid={OX_USER_ID}
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299262&nuid={OX_USER_ID}
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299262&nuid={OX_USER_ID}
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
ups.analytics.yahoo.com/ups/58294/ Frame 11C3 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&gdpr=0&uid=7f943c68-ff20-4171-b878-b0434838e1f0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.13.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sd
us-u.openx.net/w/1.0/ Frame 11C3
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=D2890877A16842FBAB5E0498421370CE
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=D2890877A16842FBAB5E0498421370CE
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 05 Dec 2022 04:01:02 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=D2890877A16842FBAB5E0498421370CE
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 04 Dec 2022 04:01:02 GMT
redirect
match.rundsp.com/ Frame 11C3 		0
0
19cb1bfc173dcb98ccec
s.amazon-adsystem.com/x/ Frame 11C3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/19cb1bfc173dcb98ccec
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 1E83
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RncyUUNSWkh1M3YxcjdUelFXNnJUc0x3&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RncyUUNSWkh1M3YxcjdUelFXNnJUc0x3&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 05 Dec 2022 04:01:02 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RncyUUNSWkh1M3YxcjdUelFXNnJUc0x3&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame 1E83
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=86xgmJnBwVKu&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=86xgmJnBwVKu&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:03 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://ce.lijit.com/merge?pid=49&3pid=86xgmJnBwVKu&ev=1&pid=558511&gdpr_consent=&gdpr=0
content-language
en-AU
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5d75dc9fb4-w8v7v
expires
-1
merge
ce.lijit.com/ Frame 1E83
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=Fw2QCRZHu3v1r7TzQW6rTsLw&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=af57638d-6cfa-4600-8909-94e1f1deb2d9&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=af57638d-6cfa-4600-8909-94e1f1deb2d9&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:03 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Mon, 05 Dec 2022 04:01:02 GMT
Server
MT3 180 1fd3e2d master hkg-pixel-x25 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://ce.lijit.com/merge?pid=3&3pid=af57638d-6cfa-4600-8909-94e1f1deb2d9&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 05 Dec 2022 04:01:01 GMT
merge
ce.lijit.com/ Frame 1E83
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1670212861976&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=D2890877A16842FBAB5E0498421370CE
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=D2890877A16842FBAB5E0498421370CE
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:03 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 05 Dec 2022 04:01:02 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=D2890877A16842FBAB5E0498421370CE
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 04 Dec 2022 04:01:02 GMT
merge
ce.lijit.com/ Frame 1E83
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:02 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ce.lijit.com/merge?pid=27&3pid=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
223
merge
ce.lijit.com/ Frame 1E83
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=6665481102401954734&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=6665481102401954734&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:03 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:02 GMT
AN-X-Request-Uuid
64988fe5-0749-4174-883a-25c7dfaee834
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ce.lijit.com/merge?pid=12&3pid=6665481102401954734&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
103.209.254.83; 103.209.254.83; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 1E83
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D590893...
  • https://ce.lijit.com/merge?pid=16&3pid=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:03 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 05 Dec 2022 04:01:02 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://ce.lijit.com/merge?pid=16&3pid=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004
sync.targeting.unrulymedia.com/csync/ Frame 1E83
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004&rndcb=6549138848
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=80b35f2d-fa1a-47da-9010-64e13e84dcaf
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=20470e5d-92e1-47e0-8a10-72bf805a3624&user_group=1&ssp=adconductor&bsw_param=80b35f2d-fa1a-47da-9010-64e13e84dcaf
  • https://sync.1rx.io/usersync/bidswitch/80b35f2d-fa1a-47da-9010-64e13e84dcaf?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
H2
Server
74.118.186.45 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:03 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:03 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
merge
ce.lijit.com/ Frame 1E83
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=XxuXOxblioyknFouUq7k&pi=sovrn&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=XxuXOxblioyknFouUq7k&pi=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:03 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=XxuXOxblioyknFouUq7k&pi=sovrn&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT, Mon, 05 Dec 2022 04:01:02 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
reporting
ap.lijit.com/dsp/google/ Frame 1E83
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RncyUUNSWkh1M3YxcjdUelFXNnJUc0x3&gdpr=0
  • https://ap.lijit.com/dsp/google/reporting?gdpr=0
43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/dsp/google/reporting?gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:03 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ap.lijit.com/dsp/google/reporting?gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 1E83
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=Fw2QCRZHu3v1r7TzQW6rTsLw&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:a0c7fadee91ba15a5e773a980232689a
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:a0c7fadee91ba15a5e773a980232689a
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:03 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 05 Dec 2022 04:01:03 GMT
server
Aorta/20221117.e7edcc499
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:a0c7fadee91ba15a5e773a980232689a
access-control-allow-origin
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-west-1
x-aorta-host
4b45a4845057
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame 1E83
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=6N5L0uiOFYDzi0OHu9RehezbEoXzj0CPu9mUEabj
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=6N5L0uiOFYDzi0OHu9RehezbEoXzj0CPu9mUEabj
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:02 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=6N5L0uiOFYDzi0OHu9RehezbEoXzj0CPu9mUEabj
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame 1E83
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=80b35f2d-fa1a-47da-9010-64e13e84dcaf
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=20470e5d-92e1-47e0-8a10-72bf805a3624&user_group=1&ssp=fmx&bsw_param=80b35f2d-fa1a-47da-9010-64e13e84dcaf
  • https://ce.lijit.com/merge?pid=26&3pid=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:03 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=
Date
Mon, 05 Dec 2022 04:01:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 1E83
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=3b5056a7-1fff-4313-ba69-a8208f0d3fb8
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=3b5056a7-1fff-4313-ba69-a8208f0d3fb8
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:03 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=3b5056a7-1fff-4313-ba69-a8208f0d3fb8
Date
Mon, 05 Dec 2022 04:01:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
epx.gif
px.owneriq.net/fr/ Frame 1E83
Redirect Chain
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent=
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q7234992621378133737&ref=%2Feucm%2Fp%2Fsv
  • https://px.owneriq.net/fr/epx.gif
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/fr/epx.gif
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
23.58.239.171 Cyberjaya, Malaysia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-239-171.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 04:01:03 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Type
image/gif
Cache-Control
max-age=357652
Connection
keep-alive
Content-Length
43
Expires
Fri, 09 Dec 2022 07:21:55 GMT

Redirect headers

Date
Mon, 05 Dec 2022 04:01:03 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://px.owneriq.net/fr/epx.gif
Content-Type
text/html
Cache-Control
max-age=25339
Connection
keep-alive
Content-Length
154
merge
ce.lijit.com/ Frame 1E83
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?pid=85&3pid=AAGMF07HGtoAACAyHa_sQQ&gdpr=0
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AAGMF07HGtoAACAyHa_sQQ&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AAGMF07HGtoAACAyHa_sQQ&gdpr=0
Date
Mon, 05 Dec 2022 04:01:04 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ae12848777b41970a5f2
s.amazon-adsystem.com/x/ Frame 1E83 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame 1E83
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=6665481102401954734&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=6665481102401954734&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:03 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:03 GMT
AN-X-Request-Uuid
b8ad3ded-e146-4155-b080-f19246af991d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ce.lijit.com/merge?pid=92&3pid=6665481102401954734&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
103.209.254.83; 103.209.254.83; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
beacon
ap.lijit.com/ Frame 1E83 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/beacon?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ap.lijit.com/beacon?informer=13412165
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:03 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/avif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
5690
Expires
Fri, 20 Mar 2009 00:00:00 GMT
merge
ce.lijit.com/ Frame 1E83
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LBA9LY0O-6-E4O5&gdpr=0
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LBA9LY0O-6-E4O5&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LBA9LY0O-6-E4O5&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
merge
ce.lijit.com/ Frame 1E83
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=1976306190318009741
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=10&3pid=1976306190318009741
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:05 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=1976306190318009741
Date
Mon, 05 Dec 2022 04:01:05 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame 1E83
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LBA9LY0O-6-E4O5&gdpr=0
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LBA9LY0O-6-E4O5&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:04 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LBA9LY0O-6-E4O5&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
Expires
0
merge
ce.lijit.com/ Frame 9FFB
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=3034912127337643283&gdpr=0&gdpr_consent=
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=1&3pid=3034912127337643283&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Mon, 05 Dec 2022 04:01:03 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2sfo1

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Mon, 05 Dec 2022 04:01:02 GMT
location
https://ce.lijit.com/merge?pid=1&3pid=3034912127337643283&gdpr=0&gdpr_consent=
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
cm
us-u.openx.net/w/1.0/ Frame 68CA 		598 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b939dd22d40d542e7b079bef1c8eae6b22683da34fae12d852e9b75704f80c6d

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
377
content-type
text/html
date
Mon, 05 Dec 2022 04:01:02 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2A77 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=24017
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 05 Dec 2022 04:01:02 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 05 Dec 2022 10:41:19 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 119E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=24017
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 05 Dec 2022 04:01:02 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 05 Dec 2022 10:41:19 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
match
events-ssc.33across.com/ Frame 34AD 		68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=70&external_user_id=273bb38f-f9c1-4bd7-8768-7e99d5cf87c6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:02 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png
c.html
j.mrpdata.net/ Frame 34AD
Redirect Chain
  • https://j.mrpdata.net/c.html?ex=OpenX
  • https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Server
18.195.252.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-252-61.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Redirect headers

location
https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
pragma
no-cache
cache-control
no-cache
x-deviceid
ff6a1089-acab-59ab-5fa8-c5e7c1c5b94e
x-backend
dmc_hitServer_4_d@j4mrpdatanet
Connection
keep-alive
transfer-encoding
chunked
sd
us-u.openx.net/w/1.0/ Frame 34AD
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:01 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sd
eu-u.openx.net/w/1.0/ Frame 34AD
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D539270434%26val%3D%7Bdevice_id%7D
  • https://eu-u.openx.net/w/1.0/sd?id=539270434&val=14974ed4-eda2-4b38-a1a2-d8ae1b305010
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=539270434&val=14974ed4-eda2-4b38-a1a2-d8ae1b305010
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?id=539270434&val=14974ed4-eda2-4b38-a1a2-d8ae1b305010
date
Mon, 05 Dec 2022 04:01:02 GMT
server
_
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 34AD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=80b35f2d-fa1a-47da-9010-64e13e84dcaf
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=20470e5d-92e1-47e0-8a10-72bf805a3624&user_group=1&ssp=openx&bsw_param=80b35f2d-fa1a-47da-9010-64e13e84dcaf
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=
Date
Mon, 05 Dec 2022 04:01:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
apsoutheast-match.deepintent.com/usersync/108/ Frame 34AD 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apsoutheast-match.deepintent.com/usersync/108/
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:02 GMT
content-length
0
server
c
sd
us-u.openx.net/w/1.0/ Frame 34AD
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299262&nuid={OX_USER_ID}
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299262&nuid={OX_USER_ID}
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AQELAC3sQDkNZwIIf0aaAQEBAQE&expiration=1670299262&nuid={OX_USER_ID}
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
ups.analytics.yahoo.com/ups/58294/ Frame 34AD 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&gdpr=0&uid=7f943c68-ff20-4171-b878-b0434838e1f0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.13.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sd
us-u.openx.net/w/1.0/ Frame 34AD
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=D2890877A16842FBAB5E0498421370CE
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=D2890877A16842FBAB5E0498421370CE
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 05 Dec 2022 04:01:02 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=D2890877A16842FBAB5E0498421370CE
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 04 Dec 2022 04:01:02 GMT
redirect
match.rundsp.com/ Frame 34AD 		0
0
19cb1bfc173dcb98ccec
s.amazon-adsystem.com/x/ Frame 34AD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/19cb1bfc173dcb98ccec
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame 68CA 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=3dbe6121-cdfe-4135-ace3-c7efa72a2acb
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:03 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
jp-u.openx.net/w/1.0/ Frame 68CA
Redirect Chain
  • https://ds.uncn.jp/ox/0/sync
  • https://jp-u.openx.net/w/1.0/sd?id=540741011&val=v_0dce8faa-4cdd-410c-b678-5953b1007568
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=540741011&val=v_0dce8faa-4cdd-410c-b678-5953b1007568
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://jp-u.openx.net/w/1.0/sd?id=540741011&val=v_0dce8faa-4cdd-410c-b678-5953b1007568
Date
Mon, 05 Dec 2022 04:01:03 GMT
Server
Apache
Connection
keep-alive
Content-Length
114
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 68CA
Redirect Chain
  • https://dmp.brand-display.com/cm/api/openx
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=f62db374-c74e-a7ba-314d4366
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=539237773&val=f62db374-c74e-a7ba-314d4366
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 05 Dec 2022 04:01:02 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://us-u.openx.net/w/1.0/sd?id=539237773&val=f62db374-c74e-a7ba-314d4366
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103
Pug
simage2.pubmatic.com/AdServer/ Frame 68CA
Redirect Chain
  • https://sync.1rx.io/usersync/openx/c266af83-5cff-4953-bbb2-28a1792359e5
  • https://sync.targeting.unrulymedia.com/csync/RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004
42 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 05 Dec 2022 04:01:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004
date
Mon, 05 Dec 2022 04:01:02 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX41bfb3c028e74ac99b32d4947a9f9983004
content-type
text/html
sd
us-u.openx.net/w/1.0/ Frame 68CA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6665481102401954734
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6665481102401954734
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:02 GMT
AN-X-Request-Uuid
b7a175f9-0622-48a7-800a-8583dfd8e816
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6665481102401954734
Connection
keep-alive
X-Proxy-Origin
103.209.254.83; 103.209.254.83; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openxjp
e-jp.cmcd1.com/usersync/ Frame 68CA 		82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e-jp.cmcd1.com/usersync/openxjp?id=4fd3695a-467a-448c-b57b-e2e3e43f5e4d
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.213.64.108 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
108.64.213.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:03 GMT
via
1.1 google
server
Apache-Coyote/1.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 68CA
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=SWxtq0k8M_lSOWX-GmZ4_E1pNPxSPWb2Gmsr2XDx
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=SWxtq0k8M_lSOWX-GmZ4_E1pNPxSPWb2Gmsr2XDx
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=SWxtq0k8M_lSOWX-GmZ4_E1pNPxSPWb2Gmsr2XDx
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 4112 		47 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=89384366&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 05 Dec 2022 04:01:02 GMT
content-length
47
content-type
text/html; charset=UTF-8
SPug
simage4.pubmatic.com/AdServer/ Frame 66EC 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=308e1982-4100-4e40-b524-dff1790fca25
43 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=308e1982-4100-4e40-b524-dff1790fca25
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:03 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
DENY
Location
https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=308e1982-4100-4e40-b524-dff1790fca25
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=af57638d-6cfa-4600-8909-94e1f1deb2d9&gdpr=0&gdpr_consent=
43 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=af57638d-6cfa-4600-8909-94e1f1deb2d9&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Mon, 05 Dec 2022 04:01:02 GMT
Server
MT3 180 1fd3e2d master hkg-pixel-x6 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=af57638d-6cfa-4600-8909-94e1f1deb2d9&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 05 Dec 2022 04:01:01 GMT
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y41s_gAAAZViBgAp&gdpr=0&gdpr_consent=
43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y41s_gAAAZViBgAp&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-mel11220-MEL
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1670212863.878690,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y41s_gAAAZViBgAp&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=ef621820-2851-42b3-b428-eba03b4951ed&gdpr=0
43 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=ef621820-2851-42b3-b428-eba03b4951ed&gdpr=0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:03 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=ef621820-2851-42b3-b428-eba03b4951ed&gdpr=0
date
Mon, 05 Dec 2022 04:01:03 GMT
content-length
0
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4849656571711328320&gdpr=0&gdpr_consent=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4849656571711328320&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
52.221.159.176 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-159-176.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:03 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=4849656571711328320&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:01 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
SPug
simage4.pubmatic.com/AdServer/ Frame D5C9 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
chunklist_1280.m3u8
video.primis.tech/uploads/cn16/video/users/hls/29569/video_6192662ccd5fb839743211/vid63731efa78262891756890.mp4/ 		3 KB
936 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn16/video/users/hls/29569/video_6192662ccd5fb839743211/vid63731efa78262891756890.mp4/chunklist_1280.m3u8
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.3.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-3-9.lax50.r.cloudfront.net
Software
nginx /
Resource Hash
02756b0824e115ea8c05311123e2b5723d9b09dd26fc70e3767a2804a23a1c0f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:43:29 GMT
via
1.1 cd70e8654a3d1e664579c68192c0146c.cloudfront.net (CloudFront), 1.1 9d8d6bf05a0a6195c678f29d47a75e52.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
SFO5-C3, LAX50-P1
age
51455
x-cache
Hit from cloudfront
last-modified
Tue, 15 Nov 2022 09:05:04 GMT
server
nginx
etag
W/"af12013e8750ea8fd61bc37697799c96"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
x-amz-cf-id
KUCtYXfLsGbNY6_BXkRg-GhN7VGxodilMVe3IT0xgWmbZ_Ouydu6DQ==
expires
Mon, 05 Dec 2022 13:43:29 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 1A5A 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=109126&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatch
ssum-sec.casalemedia.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=-vTt3VyQ06c91NKwLezP&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC...
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=-vTt3VyQ06c91NKwLezP
43 B
701 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=-vTt3VyQ06c91NKwLezP
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:05 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:06 GMT
Content-Type
text/html; charset=utf-8
Location
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=-vTt3VyQ06c91NKwLezP
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
140
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=07030002_638d6d00bfc3b&gdpr=0&gdpr_consent=
43 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=07030002_638d6d00bfc3b&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:04 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Mon, 05 Dec 2022 04:01:04 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=07030002_638d6d00bfc3b&gdpr=0&gdpr_consent=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
redir
rtb-csync.smartadserver.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGMF07HGtoAACAyHa_sQQ&gdpr=0
43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGMF07HGtoAACAyHa_sQQ&gdpr=0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:04 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGMF07HGtoAACAyHa_sQQ&gdpr=0
Date
Mon, 05 Dec 2022 04:01:04 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%2...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=44d92819-b688-4454-accd-cf75f988ce5f
43 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=44d92819-b688-4454-accd-cf75f988ce5f
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:04 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Mon, 05 Dec 2022 04:01:04 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=44d92819-b688-4454-accd-cf75f988ce5f
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
w_1280_00000.ts
video.primis.tech/uploads/cn16/video/users/hls/29569/video_6192662ccd5fb839743211/vid63731efa78262891756890.mp4/ 		563 KB
564 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn16/video/users/hls/29569/video_6192662ccd5fb839743211/vid63731efa78262891756890.mp4/w_1280_00000.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.3.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-3-9.lax50.r.cloudfront.net
Software
nginx /
Resource Hash
01562464e38fbcde6f6a1cf2dca8c2b3141f41e54eda9e2c2c426c1dcc14045e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 09:21:51 GMT
via
1.1 c35af9913ec186d5ecdb304dc720b006.cloudfront.net (CloudFront), 1.1 9d8d6bf05a0a6195c678f29d47a75e52.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW56-P2, LAX50-P1
age
153553
x-cache
Hit from cloudfront
content-length
576596
last-modified
Tue, 15 Nov 2022 09:05:04 GMT
server
nginx
etag
"2c03e4a14d654a1b37f314761d4b3df4"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
LJGbVr4VB3VJkBYEsxZbNRyTXsPg7jx4YB9OfIzml0h6GL_MR066Jw==
expires
Sat, 17 Dec 2022 09:21:51 GMT
90efdc3b-ab45-4d07-9977-d3c2a7bafcfe
https://wegotthiscovered.com/ 		67 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://wegotthiscovered.com/90efdc3b-ab45-4d07-9977-d3c2a7bafcfe
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Length
68465
Content-Type
text/javascript
collect
h.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.clarity.ms/collect
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 05 Dec 2022 04:01:04 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
liveView.php
live.primis.tech/live/ 		0
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTY3MDIkMwt1NSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA4MDM0JaN0YT0jJat9NwAjJax9NDAjJaZcZF9jYXNmRG9gYWyhPXqyZ290qGucp2NiqzVlZWQhY29gJaN1YxyxPXqyZ290qGucp2NiqzVlZWQhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zqXNypxyjQWRxpw0kMDMhMwA5LwI1NC44MlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMDthMC41MmU5Lwx0JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MmuxNzNzNwY2YzI3JzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzR1pw04MDAzZ2Rjpw0jJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MSZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY3MDIkMwt2NDp1NSZ1nWQ9U2VenW5xo1NQoGF5ZXI2MmuxNzNzNmFxYmU1JaB1YyVloD1bqHRjplUmQSUlRvUlRaqyZ290qGucp2NiqzVlZWQhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPWycpQ==
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-105.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:04 GMT
content-encoding
gzip
via
1.1 884565e44bd03047bbadc5b86c50509c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
9RWFM30QVXZeyqCs33kahEh4Gqy_16c8RI1L89X3JdRR8XvRfEfAFQ==
merge
ce.lijit.com/ Frame 83FA 		43 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=E0D49FB2-6484-443C-94BA-B894703FD7A2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Mon, 05 Dec 2022 04:01:05 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2sfo1
merge
ce.lijit.com/ Frame 9651 		43 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=E0D49FB2-6484-443C-94BA-B894703FD7A2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Mon, 05 Dec 2022 04:01:05 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2sfo1
w_1280_00001.ts
video.primis.tech/uploads/cn16/video/users/hls/29569/video_6192662ccd5fb839743211/vid63731efa78262891756890.mp4/ 		595 KB
596 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn16/video/users/hls/29569/video_6192662ccd5fb839743211/vid63731efa78262891756890.mp4/w_1280_00001.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.3.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-3-9.lax50.r.cloudfront.net
Software
nginx /
Resource Hash
92e413976d2d21c9170e04003fb485b584dbe98b5832e36b050361d4fca2631c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 11:43:33 GMT
via
1.1 224ff291656c355124a517edfd057cea.cloudfront.net (CloudFront), 1.1 9d8d6bf05a0a6195c678f29d47a75e52.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P6, LAX50-P1
age
145052
x-cache
Hit from cloudfront
content-length
609496
last-modified
Tue, 15 Nov 2022 09:05:04 GMT
server
nginx
etag
"78dcb5b8bfae595d8cf84550eaa68cb1"
vary
Accept-Encoding
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
x-amz-cf-id
MGnrgKXctgULSNl7TPynG2glVzI4XVsX_RS8sOP5kEjA5z9moQDgqw==
expires
Sat, 17 Dec 2022 11:43:33 GMT
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=
43 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:05 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
299
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5872975480053967565&gdpr=0&gdpr_consent=
43 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5872975480053967565&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:06 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5872975480053967565&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=smartadserver&bsw_custom_parameter=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=a30bf635-4782-4800-a6f9-1aa79954b75b&expires=1&user_group=5&ssp=smartadserver&bsw_param=80b35f2d-fa1a-47da-9010-64e13e84dcaf
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:06 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=80b35f2d-fa1a-47da-9010-64e13e84dcaf&gdpr=&gdpr_consent=
Date
Mon, 05 Dec 2022 04:01:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=22dd4858
43 B
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=22dd4858
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:06 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Mon, 05 Dec 2022 04:01:05 GMT
via
1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN2-P2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=22dd4858
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
5RR8sUTdWcgOlnsWEmQfxDn44b1omsJAJMRW9DnwyBKj7jZAKHrwGQ==
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NDg0OTY1NjU3MTcxMTMyODMyMA==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGgZpVvSjzOCbiT6Hyk-ML8&gdpr=0&gdpr_consent=&google_cver=1
43 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGgZpVvSjzOCbiT6Hyk-ML8&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:05 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGgZpVvSjzOCbiT6Hyk-ML8&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
w_1280_00002.ts
video.primis.tech/uploads/cn16/video/users/hls/29569/video_6192662ccd5fb839743211/vid63731efa78262891756890.mp4/ 		546 KB
547 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn16/video/users/hls/29569/video_6192662ccd5fb839743211/vid63731efa78262891756890.mp4/w_1280_00002.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.3.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-3-9.lax50.r.cloudfront.net
Software
nginx /
Resource Hash
9ed9c2ea0873572787708365a59a09342244b524abb587dbe4e7a159520d67c4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 05:55:33 GMT
via
1.1 5457c222c2d16dbac9187bfa0ba2f8f2.cloudfront.net (CloudFront), 1.1 9d8d6bf05a0a6195c678f29d47a75e52.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2, LAX50-P1
age
79533
x-cache
Hit from cloudfront
content-length
559112
last-modified
Tue, 15 Nov 2022 09:05:04 GMT
server
nginx
etag
"180d0321a1b629f5726eaa8d3b223a7a"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
jD-ABMNON3oCsj9dVhwP4eie1OpGclklyCOsoo_UnoVYfVtNv98SUA==
expires
Sun, 18 Dec 2022 05:55:33 GMT
w_1280_00003.ts
video.primis.tech/uploads/cn16/video/users/hls/29569/video_6192662ccd5fb839743211/vid63731efa78262891756890.mp4/ 		564 KB
565 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn16/video/users/hls/29569/video_6192662ccd5fb839743211/vid63731efa78262891756890.mp4/w_1280_00003.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.3.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-3-9.lax50.r.cloudfront.net
Software
nginx /
Resource Hash
dfcd3e3ddcded435733c38d4875ed73a509bcdc4ac3c4566240c9adf5e3d765f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 02:14:54 GMT
via
1.1 e243983257fcce5bd109f05e71ec2dc0.cloudfront.net (CloudFront), 1.1 9d8d6bf05a0a6195c678f29d47a75e52.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW56-P2, LAX50-P1
age
53110
x-cache
Hit from cloudfront
content-length
577724
last-modified
Tue, 15 Nov 2022 09:05:04 GMT
server
nginx
etag
"17b735eac40fbea6aa856953cd8afb7e"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
6oKhPZU6LOdATiDQFfIarf7L9JCp23fN21-8mIBR96JOR716p_wzYA==
expires
Sun, 18 Dec 2022 13:15:55 GMT
w_1280_00004.ts
video.primis.tech/uploads/cn16/video/users/hls/29569/video_6192662ccd5fb839743211/vid63731efa78262891756890.mp4/ 		483 KB
484 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn16/video/users/hls/29569/video_6192662ccd5fb839743211/vid63731efa78262891756890.mp4/w_1280_00004.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.3.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-3-9.lax50.r.cloudfront.net
Software
nginx /
Resource Hash
4847e582ebcf3d14461a985c49742c41f2ea498c2f84b408c5746cc3090aae7a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 02:14:59 GMT
via
1.1 ea7c4b0407882327307bae4ed233d142.cloudfront.net (CloudFront), 1.1 9d8d6bf05a0a6195c678f29d47a75e52.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO5-C3, LAX50-P1
age
54333
x-cache
Hit from cloudfront
content-length
494252
last-modified
Tue, 15 Nov 2022 09:05:04 GMT
server
nginx
etag
"ba8e37611ad7670f05c88c082d520fb7"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
cx7iRNLw2pU4p6PAA5SJvjzL2r3MekBIG1VGWCIqhhmuLCDpvi0SBQ==
expires
Sun, 18 Dec 2022 12:55:34 GMT
w_1280_00005.ts
video.primis.tech/uploads/cn16/video/users/hls/29569/video_6192662ccd5fb839743211/vid63731efa78262891756890.mp4/ 		550 KB
551 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn16/video/users/hls/29569/video_6192662ccd5fb839743211/vid63731efa78262891756890.mp4/w_1280_00005.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.3.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-3-9.lax50.r.cloudfront.net
Software
nginx /
Resource Hash
80744cc1911b5c2091f9ad6dcba46ba5a8157629af9f9e468704fe23d6551588

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 02:15:08 GMT
via
1.1 3466f1977d0fde72d3b068733212f226.cloudfront.net (CloudFront), 1.1 9d8d6bf05a0a6195c678f29d47a75e52.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO5-C3, LAX50-P1
age
54333
x-cache
Hit from cloudfront
content-length
563248
last-modified
Tue, 15 Nov 2022 09:05:04 GMT
server
nginx
etag
"78b64c4e320a94519cb7421c22daaaee"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
EWEwgbKxZrPO3Z5tnakWmY5pjkjKzKpsqbUgdqoWCSImdydtAqlafA==
expires
Sun, 18 Dec 2022 12:55:34 GMT
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=ef621820-2851-42b3-b428-eba03b4951ed&gdpr=0
43 B
700 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=ef621820-2851-42b3-b428-eba03b4951ed&gdpr=0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:07 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=ef621820-2851-42b3-b428-eba03b4951ed&gdpr=0
date
Mon, 05 Dec 2022 04:01:07 GMT
content-length
0
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5872975480053967565&gdpr=0&gdpr_consent=
43 B
700 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5872975480053967565&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:06 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5872975480053967565&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDg0OTY1NjU3MTcxMTMyODMyMA==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDg0OTY1NjU3MTcxMTMyODMyMA==&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDg0OTY1NjU3MTcxMTMyODMyMA==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:07 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=14974ed4-eda2-4b38-a1a2-d8ae1b305010&gdpr_consent=null&gdpr=0
43 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=14974ed4-eda2-4b38-a1a2-d8ae1b305010&gdpr_consent=null&gdpr=0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:08 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=14974ed4-eda2-4b38-a1a2-d8ae1b305010&gdpr_consent=null&gdpr=0
date
Mon, 05 Dec 2022 04:01:08 GMT
server
_
content-length
0
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2075%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=4803545878
  • https://sync.1rx.io/usersync3/appnexus/2075/6665481102401954734?zcc=0&sspret=1&rndcb=4803545878
  • https://sync.targeting.unrulymedia.com/csync/RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-41bfb3c0-2...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004
43 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:09 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004
date
Mon, 05 Dec 2022 04:01:09 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX41bfb3c028e74ac99b32d4947a9f9983004
content-type
text/html
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=wegotthiscovered.com&p=%2F&u=DsIiPMCGfG2qZ3Yfh&d=wegotthiscovered.com&g=66987&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=11008&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=2743&t=C5zmK7BO7e9J3pGE5CMqop3BYoial&V=137&tz=0&sn=2&sv=BuSEIKBkxyvyCM2FC_0l2s7DDILXe&sd=1&im=067b0fff&_
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.157.29.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-29-40.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:07 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=ef621820-2851-42b3-b428-eba03b4951ed&gdpr=0
43 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=ef621820-2851-42b3-b428-eba03b4951ed&gdpr=0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:08 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=ef621820-2851-42b3-b428-eba03b4951ed&gdpr=0
date
Mon, 05 Dec 2022 04:01:08 GMT
content-length
0
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=308e1982-4100-4e40-b524-dff1790fca25
43 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=308e1982-4100-4e40-b524-dff1790fca25
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:09 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 04:01:08 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
DENY
Location
https://rtb-csync.smartadserver.com/redir/?partnerid=130&partneruserid=308e1982-4100-4e40-b524-dff1790fca25
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
redir
rtb-csync.smartadserver.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGMF07HGtoAACAyHa_sQQ&gdpr=0
43 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGMF07HGtoAACAyHa_sQQ&gdpr=0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:08 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGMF07HGtoAACAyHa_sQQ&gdpr=0
Date
Mon, 05 Dec 2022 04:01:08 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=041d0c26d3&gdpr=0&gdpr_consent=
43 B
756 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=041d0c26d3&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:09 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Mon, 05 Dec 2022 04:01:09 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=041d0c26d3&gdpr=0&gdpr_consent=
Connection
keep-alive
X-XSS-Protection
1; mode=block
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=EbdISBHnFhoK4kAdQr1dHxWyER8K5kMVQrAmWmDU
43 B
785 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=EbdISBHnFhoK4kAdQr1dHxWyER8K5kMVQrAmWmDU
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:08 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:08 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=EbdISBHnFhoK4kAdQr1dHxWyER8K5kMVQrAmWmDU
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
dc_oe=ChMI_Krw38vh-wIVo0R8Ch02vwNWEAAYACDqzZtXQhMIurCU38vh-wIVwAG3AB2u7w1_;met=1;&timestamp=1670212869130;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 17B9 		42 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_Krw38vh-wIVo0R8Ch02vwNWEAAYACDqzZtXQhMIurCU38vh-wIVwAG3AB2u7w1_;met=1;&timestamp=1670212869130;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
h.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.clarity.ms/collect
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Mon, 05 Dec 2022 04:01:09 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022112901&st=env
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
9c3db9ee989d0642be70d419c8edaaf6a3564b67a5b3caf1988289bcc56a56b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11039
x-xss-protection
0
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=8F9DD180F5424B4AB6DCC84E5F31667B&RedC=c.clarity.ms&MXFR=083CBDF5EAD86FED18D8AF84EED86170
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8F9DD180F5424B4AB6DCC84E5F31667B&MUID=364D75AA93EF600D195967DB928F61B4
42 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8F9DD180F5424B4AB6DCC84E5F31667B&MUID=364D75AA93EF600D195967DB928F61B4
Protocol
H2
Server
52.231.207.240 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:10 GMT
last-modified
Thu, 13 Oct 2022 15:58:17 GMT
server
Microsoft-IIS/10.0
etag
"e997be9b1cdfd81:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:10 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5ED6F87A52A14118AF7C69C8ED5447DC Ref B: MEL01EDGE1411 Ref C: 2022-12-05T04:01:10Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8F9DD180F5424B4AB6DCC84E5F31667B&MUID=364D75AA93EF600D195967DB928F61B4
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
syncframe
gum.criteo.com/ Frame 8599 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wegotthiscovered.com&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 04:01:09 GMT
server
Kestrel
server-processing-duration-in-ticks
755943
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
rum
wegotthiscovered.com/cdn-cgi/ 		0
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/cdn-cgi/rum?
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
content-type
application/json

Response headers

date
Mon, 05 Dec 2022 04:01:10 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7749e106ad5ea8b0-SYD
rum
wegotthiscovered.com/cdn-cgi/ 		0
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/cdn-cgi/rum?
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.52.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
content-type
application/json

Response headers

date
Mon, 05 Dec 2022 04:01:10 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7749e106cd81a8b0-SYD
dc_oe=ChMIjOPq38vh-wIVy91zAR0k-A6cEAAYACC8tJtXQhMIubCU38vh-wIVwAG3AB2u7w1_;met=1;&timestamp=1670212870179;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame A0B7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjOPq38vh-wIVy91zAR0k-A6cEAAYACC8tJtXQhMIubCU38vh-wIVwAG3AB2u7w1_;met=1;&timestamp=1670212870179;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 05 Dec 2022 04:01:10 GMT
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 05 Dec 2022 04:01:09 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=068165a1-9f84-469f-b0f4-06b7381834b8&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
299
711890.gif
id.rlcdn.com/ 		42 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:10 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=087422040022369f79e4bc57&gdpr=0&gdpr_consent=
0
0
integrator.js
adservice.google.com.au/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=wegotthiscovered.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wegotthiscovered.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=723874549316057&correlator=498963875214186&eid=31070919%2C21065724&output=ldjh&gdfp_req=1&vrg=2022112901&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&tfcd=0&iu_parts=5376056%3A143457427%2Cwegotthiscovered_side_1%2Cdynamic_1%2Cwegotthiscovered_sticky_1&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F3&prev_iu_szs=1x1%7C300x250%7C300x50%7C300x100%2C1x1%7C728x90%7C970x90%7C320x50%7C300x50&ifi=7&adks=3702255727%2C2087247537&didk=1365886904~1126633514&sfv=1-0-40&ris=16~16&rcs=1%2C1&prev_scp=proper_slot%3D2.01%26proper_floor%3D0.10%26proper_bidder%3Dwegotthiscovered_floor%26proper_bid%3D0.10%26refresh_count%3D1%7Cproper_slot%3D20%26proper_sticky%3Dtrue%26proper_floor%3D0.10%26proper_bidder%3Dwegotthiscovered_floor%26proper_bid%3D0.10%26refresh_count%3D1&eri=1&cust_params=post_id%3Dunknown%26member%3Dno%26category%3D%26split_version%3D19126%26proper_site%3Dwegotthiscovered%26proper_page%3D1%26s_depth%3D1%26tags%3Dhome-page&ppid=82fc80b8-8ecd-44cf-b189-b9a1bbbc2664&sc=1&cookie=ID%3D7d385100edddc740-229712f4bed80073%3AT%3D1670212853%3ART%3D1670212854%3AS%3DALNI_MZORUBbIFBKvLd-mhojMOsa0V6YWQ&gpic=UID%3D00000b89c71662ec%3AT%3D1670212853%3ART%3D1670212853%3AS%3DALNI_MaH85dljvtX8BZvPD1JIaims2EfWw&arp=1&abxe=1&dt=1670212870538&lmt=1670212870&dlt=1670212850871&idt=2812&adxs=1049%2C315&adys=1030%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=2%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwegotthiscovered.com%2F&frm=20&vis=1&psz=302x-1%7C970x-1&msz=300x-1%7C970x-1&fws=516%2C512&ohw=342%2C0&psts=AMjMPc0KSZDQ0uisFidlzy5HKUYLtrXiAQryjgSuzLJtSSDxJX4m7ZTtJElGyzSCd8guF3iqDUQG7Z0-fRzS45Q&ga_vid=981839477.1670212853&ga_sid=1670212854&ga_hid=733302740&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15832
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 106D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
582033
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 10:20:37 GMT
expires
Tue, 28 Nov 2023 10:20:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7DE4 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
GSE /
Resource Hash
c6367234db4620f84491701a015759eba55fb47e68164d86afee6e86fd363dd1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NoQo51r9491zu0fFLXMusQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-NoQo51r9491zu0fFLXMusQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 04:01:10 GMT
expires
Mon, 05 Dec 2022 04:01:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
json
gum.criteo.com/sid/ Frame 8599 		454 B
576 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=wegotthiscovered.com&sn=ChromeSyncframe&so=0&topUrl=wegotthiscovered.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wegotthiscovered.com&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
d638e338899339e633c07e2b4d7da564bbc9850e18e0ca95d8c7cf31b7e6b50c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wegotthiscovered.com&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 04:01:10 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1037281
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 7DE4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022112901&jk=723874549316057&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 106D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 11:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230523
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 11:59:07 GMT
generate_204
tpc.googlesyndication.com/ Frame 106D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?NmfZlQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 04:01:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
certify.alexametrics.com
URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&time=1670212852942&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwegotthiscovered.com%2F&random_number=4953855017&sess_cookie=9228c846184e0719cceeb4f47cd&sess_cookie_flag=1&user_cookie=9228c846184e0719cceeb4f47cd&user_cookie_flag=1&dynamic=true&domain=wegotthiscovered.com&account=FMu/w1hNdI20fn&jsv=20130128&user_lang=en-US
Domain
cs.nex8.net
URL
https://cs.nex8.net/cs/openx
Domain
match.rundsp.com
URL
https://match.rundsp.com/redirect?ex=openx
Domain
match.rundsp.com
URL
https://match.rundsp.com/redirect?ex=openx
Domain
match.rundsp.com
URL
https://match.rundsp.com/redirect?ex=openx
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=087422040022369f79e4bc57&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

376 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| oncontentvisibilityautostatechange string| ANDROID string| BLACKBERRY string| IPAD string| IPHONE string| IPOD string| MOBILE string| NOKIA string| SYMBIAN string| WINDOWS_PHONE string| WINDOWS string| MAC string| LINUX string| OTHER object| MOBILE_ARRAY object| DESKTOP_ARRAY function| getDeviceType function| isDesktopDevice function| is_mobile string| gtm4wp_datalayer_name object| dataLayer function| Swiper undefined| $ function| jQuery object| wpp_params object| WordPressPopularPosts object| _sf_async_config object| GlobalSnowplowNamespace function| snowplow object| dataLayer_content object| special_ops object| propertag function| gtag object| _comscore object| _atrk_opts function| fbq function| _fbq function| admiral object| googletag function| __tcfapi function| __uspapi boolean| haveWeGotAds object| WGTCADS number| postBottom object| $sidebar object| $topStickySideAnchor object| $topStickySideContainer object| $topStickySideUnits object| $stickySideAnchor object| $stickySideContainer object| $stickySideUnits function| addStickySidebar boolean| _add_1 boolean| _end_1 boolean| _finish_1 object| infiniteScroll object| hurrytimer_ajax_object object| webVitals function| getArticle function| getArticlePage function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _classCallCheck function| _defineProperties function| _createClass function| HurrytimerAction function| _typeof function| HurrytimerCampaign number| square_loaded number| top_loaded number| fullscreen number| delay string| hash boolean| gallery_square_ad_ready boolean| gallery_banner_ad_ready boolean| hover_loaded function| load_gallery_square_ad function| load_gallery_banner_ad function| unload_gallery_ads function| EvEmitter function| imagesLoaded function| wgtcLoadGallery object| Cookies object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| _stq function| popup undefined| newsletterCookieValue string| string object| myPopup object| Modernizr string| ggv2id function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| FB object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY function| st_go function| linktracker_init object| wpcom object| __cfBeacon number| topLimit object| carouselSlider object| properSpecialOps boolean| payload_loaded object| ggeac object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager string| GoogleAnalyticsObject function| ga object| AMP object| _cbm object| COMSCORE function| udm_ function| atrk boolean| _atrk_fired object| _0x1ac4 function| _0x2ad4 function| _0x32639f object| ProperMedia object| _qevents function| proper_log function| proper_debug_console function| proper_debug_overlay function| proper_display function| proper_render function| disableSlotRefresh function| logMatchingResponse function| properSpaNewPage function| properSpaNewSection function| properSpaNewPageView function| properSpaNewPageReset function| properInfNewPage function| properBuildSlots function| properDeleteSlot function| properDestroyDfpSlot function| proper_remnant function| runATS function| publisherAudiencesOptOut function| refreshAuctionAndSlotsByName object| TraceKit function| UAParser object| properStorage string| PBJS_USER_ID_OPTOUT_NAME object| device string| PUB_COMMON string| EXP_SUFFIX string| COOKIE string| LOCAL_STORAGE string| MODULE_NAME number| GVLID object| amazon_crid_map number| accountId number| alias_accountId string| proper_ad_page_uuid object| apstag object| link1 object| link2 function| proper_5ba389eb_037eb042_1 function| proper_7f387311_7ddc7d5b_2 function| proper_e5affeb0_04c97d82_3 number| proper_rps string| proper_ad_session_uuid object| propervideotag function| 4dm1r11545242527 object| __buffer string| x object| userId object| Criteo string| placementId function| clarity object| ns_p object| webpackChunkad_manager object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| ADAGIO string| nobidVersion object| nobid function| onYouTubeIframeAPIReady object| gaGlobal object| gtmDataLayer function| quantserve function| __qc object| ezt object| _qoptions object| googleToken object| googleIMState function| processGoogleToken object| gaplugins object| gaData object| ProperMediaVideo function| propervideo_log function| propervideo_display function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| __VM boolean| apstagLOADED object| google_optimize object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement object| PrimisApiConfig function| constructsekindoParent115 object| lotame_sync_16576 function| setImmediate function| clearImmediate object| ID5 object| ats boolean| gg_custom_takeover_fired object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_130 object| Criteo_prebid_130 object| PublisherCommonId function| lotameIsCompatible function| sync16576_ba function| sync16576_b undefined| sync16576_c undefined| sync16576_ca undefined| sync16576_d function| sync16576_e object| sync16576_g function| sync16576_da function| sync16576_ea object| sync16576_ object| sync16576_ha object| sync16576_o object| sync16576_ta object| sync16576_K function| sync16576_aa function| sync16576_a function| sync16576_f function| sync16576_h function| sync16576_i function| sync16576_j function| sync16576_k function| sync16576_ga function| sync16576_fa function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_p function| sync16576_ia function| sync16576_ja function| sync16576_r function| sync16576_ka function| sync16576_s function| sync16576_t function| sync16576_q function| sync16576_u function| sync16576_la function| sync16576_v function| sync16576_w function| sync16576_x function| sync16576_y function| sync16576_z function| sync16576_A function| sync16576_B function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_C function| sync16576_ma function| sync16576_G function| sync16576_H function| sync16576_na function| sync16576_oa function| sync16576_I function| sync16576_J function| sync16576_pa function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_L function| sync16576_M function| sync16576_N function| sync16576_O function| sync16576_P function| sync16576_Q function| sync16576_R function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_Z function| sync16576_X function| sync16576__ function| sync16576_Y function| sync16576_0 function| sync16576_1 function| sync16576_2 function| sync16576_3 function| sync16576_8 function| sync16576_ua function| sync16576_4 function| sync16576_6 function| sync16576_va function| sync16576_wa function| sync16576_9 function| sync16576_7 function| sync16576_5 function| sync16576_xa function| sync16576_ya function| sync16576_za function| sync16576_Aa function| sync16576_$ function| sync16576_Ba function| sync16576_Ca function| sync16576_Da function| sync16576_Ea object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager boolean| sekindoFlowingPlayerOn object| ebData

287 Cookies

Domain/Path Name / Value
.cmcd1.com/usersync Name: ckuid
Value: 7a5a1e36-bcdd-4ad2-b4ec-ca24448af929
.3lift.com/sync Name: sync
Value: CgoIoQEQlfDGg84wCgoIgQIQlfDGg84wCgoI4gEQlfDGg84wCgoI5gEQlfDGg84wCgoIhwIQlfDGg84wCgkICRCV8MaDzjAKCQg6EJXwxoPOMAoKCIwCEJXwxoPOMAoJCF8QlfDGg84wCgkIHxCV8MaDzjA=
wegotthiscovered.com/ Name: newsletter-popup
Value: 2
.wegotthiscovered.com/ Name: _cb
Value: DsIiPMCGfG2qZ3Yfh
.wegotthiscovered.com/ Name: _chartbeat2
Value: .1670212852391.1670212852391.1.BuSEIKBkxyvyCM2FC_0l2s7DDILXe.1
.wegotthiscovered.com/ Name: _cb_svref
Value: null
wegotthiscovered.com/ Name: _sp_ses.1618
Value: *
wegotthiscovered.com/ Name: _sp_id.1618
Value: ebed1b65-b692-446d-a912-4d67600f7d88.1670212853.1.1670212853..7a7ec9d9-96c5-4687-aa81-d34d15d0b794..2129585c-008f-42c0-8131-be05ad91f892.1670212852758.1
.wegotthiscovered.com/ Name: __asc
Value: 9228c846184e0719cceeb4f47cd
.wegotthiscovered.com/ Name: __auc
Value: 9228c846184e0719cceeb4f47cd
wegotthiscovered.com/ Name: _lr_retry_request
Value: true
wegotthiscovered.com/ Name: _lr_env_src_ats
Value: false
.wegotthiscovered.com/ Name: usprivacy
Value: 1---
.wegotthiscovered.com/ Name: _fbp
Value: fb.1.1670212853404.1986962759
.wegotthiscovered.com/ Name: _ga_VRDHJCSX1H
Value: GS1.1.1670212853.1.0.1670212853.60.0.0
.scorecardresearch.com/ Name: UID
Value: 194b39d8e7accd24a9afb1b1670212853
.openx.net/ Name: i
Value: 82fc80b8-8ecd-44cf-b189-b9a1bbbc2664|1670212853
.wegotthiscovered.com/ Name: _sp_cookie
Value: 28e17f9f-7c78-4c22-884c-c2653f5b80f4
.wegotthiscovered.com/ Name: _ga
Value: GA1.2.981839477.1670212853
.wegotthiscovered.com/ Name: _gid
Value: GA1.2.1386242268.1670212854
.wegotthiscovered.com/ Name: _gat_gtag_UA_17178859_1
Value: 1
.bidswitch.net/ Name: tuuid
Value: 80b35f2d-fa1a-47da-9010-64e13e84dcaf
.bidswitch.net/ Name: c
Value: 1670212853
.bidswitch.net/ Name: tuuid_lu
Value: 1670212853
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: 4s_EXaH7BxjzAmONdfimoepLYlRQeqxU8rVWQq5QryTa3XHdoIq3t_wFO7VxB_Narf6aZXCmKe0j48a_Ev7Z_RpZzSu1-8MWkuGS6GV6JCsHjn0kWn97TrG2nXiXTflb
.spotxchange.com/ Name: audience
Value: 6a0ea1e7-7451-11ed-a4dc-15930aea0007
.wegotthiscovered.com/ Name: __gpi
Value: UID=00000b89c71662ec:T=1670212853:RT=1670212853:S=ALNI_MaH85dljvtX8BZvPD1JIaims2EfWw
.teads.tv/ Name: tt_viewer
Value: 58060ff0-2954-48db-9ba7-e767294f02a0
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.a-mo.net/ Name: amuid2
Value: f33dd133-4dbf-4af7-844a-20b520c1ea9f
.prebid.a-mo.net/ Name: sd_amuid2
Value: f33dd133-4dbf-4af7-844a-20b520c1ea9f
.dotomi.com/ Name: DotomiUser
Value: 720906812869053542$3$159270811$$1
.rubiconproject.com/ Name: khaos
Value: LBA9LY0O-6-E4O5
.gumgum.com/ Name: vst
Value: a_9b4ef1cb-d190-408c-a686-af91f91e46ab
.id5-sync.com/ Name: 3pi
Value:
.go.sonobi.com/ Name: __uis
Value: 6f896399-2a8c-433e-9a55-401cdb521b59
.go.sonobi.com/ Name: _usd_wegotthiscovered.com
Value: 5c194e0e-09ff-4010-a0a8-0244c7e0484c
.go.sonobi.com/ Name: HAPLB3A
Value: s3569|Y41s+
.lijit.com/ Name: _ljtrtb_263069
Value: 82fc80b8-8ecd-44cf-b189-b9a1bbbc2664
.lijit.com/ Name: ljt_reader
Value: Fw2QCRZHu3v1r7TzQW6rTsLw
www.clarity.ms/ Name: CLID
Value: 8e7b95e625bc486a9ccb716e121b22a7.20221205.20231205
.adnxs.com/ Name: icu
Value: ChgIt-19EAoYASABKAEw9tm1nAY4AUABSAEQ9tm1nAYYAA..
.wegotthiscovered.com/ Name: _clck
Value: 5xvzam|1|f75|0
.adnxs.com/ Name: uuid2
Value: 6665481102401954734
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 519499=5220240
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1500025086%3B%24ql%3DUnknown%3B%24qpc%3D3000%3B%24qt%3D164_1410_42470t%3B%24dma%3D0
.proper.io/ Name: __cf_bm
Value: CRQ3G6XYyw07xxd92PqUVzn0A_tMQSC_GZPCDAgpHeY-1670212852-0-AY0nd39%2B2Hw2dt918gzIhMExOvfu0ZH5%2Bgn6eaHtc3aRuQkXbtzQ77t01rKtPIqZ4K9U3hD82bgtVAeNopmpkz3reK6AK%2B3ySJOGAw80bVwr
.primis.tech/ Name: csuuid
Value: 638d6cf666bb7
.smartadserver.com/ Name: pid
Value: 4849656571711328320
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1500025086%3B%24ql%3DUnknown%3B%24qpc%3D3000%3B%24qt%3D164_1410_42470t%3B%24dma%3D0&c=1&l=1874688790&lo=597497507&lt=638058096542971395&o=1
.yahoo.com/ Name: A3
Value: d=AQABBPZsjWMCEAcw9S4BKOVR9fSQEZT4xIUFEgEBAQG-jmOXYwAAAAAA_eMAAA&S=AQAAAhzOgnNiAXA8uLg8TfPtECQ
.doubleclick.net/ Name: IDE
Value: AHWqTUkfJ_1QibppsAfGjOkv5O4d4mkgsNA8C8ODxXhXEnnmV-0yiQMopCIhPhdGp4c
.proper.io/ Name: mediagrid
Value: 80b35f2d-fa1a-47da-9010-64e13e84dcaf
.proper.io/ Name: sovrn
Value: Fw2QCRZHu3v1r7TzQW6rTsLw
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.wegotthiscovered.com/ Name: __gads
Value: ID=7d385100edddc740-229712f4bed80073:T=1670212853:RT=1670212854:S=ALNI_MZORUBbIFBKvLd-mhojMOsa0V6YWQ
.wegotthiscovered.com/ Name: _awl
Value: 2.1670212854.0.5-ac3ff1cfc9b3a9d44becc9dde985e94d-6763652d617369612d6561737431-0
.quantserve.com/ Name: mc
Value: 638d6cf6-f01e9-326a3-b39e4
.wegotthiscovered.com/ Name: __qca
Value: P0-150791004-1670212853616
.wegotthiscovered.com/ Name: properSessionStorage
Value: eyJ1dWlkIjoiYzFjMTQzYjEtM2U5ZS00Njc3LWE3MGItMDk3ZjJlNmQzMTg5IiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLjAwMDMzLCJiaWRfYXZnIjp7fSwibm9fYmlkX2NudCI6e30sImF1Y3Rpb25fY291bnQiOjEsImxhc3RfdGhyZXNob2xkIjowfQ%3D%3D
.wegotthiscovered.com/ Name: _clsk
Value: n9h4ug|1670212855925|1|1|h.clarity.ms/collect
wegotthiscovered.com/ Name: _lr_geo_location
Value: AU
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: b9045ce4bde1933652eadb79168432d1
.wegotthiscovered.com/ Name: _cc_id
Value: b9045ce4bde1933652eadb79168432d1
.wegotthiscovered.com/ Name: panoramaId_expiry
Value: 1670299255863
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQCDate
Value: 1670212856499
.intentiq.com/ Name: intentIQ
Value: QnClFusBBa
wegotthiscovered.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.amazon-adsystem.com/ Name: ad-id
Value: A-sWu5_O-Eiwm6n-KK14gCs
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Il^tFVH_!]tbPl1M>e)ZlrFUfJ+tGXxoeP3sv)B/ahOV<9<0^1)l'TeP32Yvn'aBRe7c3If)y3KL9D3I?+n!BhcY
.doubleclick.net/ Name: DSID
Value: NO_DATA
.intentiq.com/ Name: ASDT
Value: 0
.mookie1.com/ Name: id
Value: 10524349382118821030
.mookie1.com/ Name: mdata
Value: 1|10524349382118821030|1670212857355
.mookie1.com/ Name: ov
Value: 3c76ebb2103160b4dac0f4d9d7952b29
.fout.jp/ Name: uid
Value: D24we8rTQunVmWnlY_2cKdfY3ts
.onetag-sys.com/ Name: OTP
Value: JL5gPSS9C3tWBA_VREeFuifnp1CYVfxa7CqAiiLMnT8
.3lift.com/ Name: tluid
Value: 1745046129942590647047
.adform.net/ Name: C
Value: 1
.tremorhub.com/ Name: tvid
Value: 22ae6b029cf64a39a7db3a2f043fd035
.ad-m.asia/ Name: uid
Value: aCMIWLORMX
.smaato.net/ Name: SCM
Value: 22dd4858
.smaato.net/ Name: SCMaps
Value: 22dd4858
.yieldmo.com/ Name: yieldmo_id
Value: gd93c4265451b191a719%7C1670212857639%7C0%7C
.media.net/ Name: data-pri
Value: 638d6cf666bb7~~34
.casalemedia.com/ Name: CMPRO
Value: 4853
.sharethrough.com/ Name: stx_user_id
Value: ef621820-2851-42b3-b428-eba03b4951ed
.simpli.fi/ Name: suid
Value: D2890877A16842FBAB5E0498421370CE
.csync.loopme.me/ Name: viewer_token
Value: 14974ed4-eda2-4b38-a1a2-d8ae1b305010
.casalemedia.com/ Name: CMPS
Value: 4853
.intentiq.com/ Name: IQadv
Value: 1670212857693
.adform.net/ Name: uid
Value: 5872975480053967565
.tapad.com/ Name: TapAd_TS
Value: 1670212857797
.tapad.com/ Name: TapAd_DID
Value: 99425b1c-5be5-4b55-8e5e-c77148467017
.socdm.com/ Name: SOC
Value: Y41s.cCo8X4AADb2cVwAAAAA
.mediago.io/ Name: __mguid_
Value: 8d2ebe8ec156ad2dab11ea44d8c7f47b
.media.net/ Name: visitor-id
Value: 3132144571537921000V10
.criteo.com/ Name: uid
Value: 59cfaa82-d4c8-4b80-86e4-227c36b490f8
.tremorhub.com/ Name: tvssa
Value: 1670212857862
.adsrvr.org/ Name: TDID
Value: 068165a1-9f84-469f-b0f4-06b7381834b8
.pubmatic.com/ Name: KADUSERCOOKIE
Value: E0D49FB2-6484-443C-94BA-B894703FD7A2
.intentiq.com/ Name: IQSmartAdServerCookieSync
Value: 1670212857898
.casalemedia.com/ Name: CMID
Value: Y41s.eHz8VRrS6e3WWgVlgAA
.ads.yieldmo.com/ Name: ptrt
Value: 5cf6b0ca-1cd5-485e-b82f-4f101a2389ad
.contextweb.com/ Name: V
Value: 86xgmJnBwVKu
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 79ac315436019a76
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y41s_gAAAZViBgAp
ads.playground.xyz/ Name: connect.sid
Value: s%3ABqHdcwVBWvI-1YRkvTKJIZ6AwKO_pOtF.LbOB9FE%2BQEiI%2BscpmWsHS0yOlQF1LWmtsVVoWVVUyVk
.zemanta.com/ Name: zuid
Value: -vTt3VyQ06c91NKwLezP
.admanmedia.com/ Name: admtr
Value: 308e1982-4100-4e40-b524-dff1790fca25
.ambientdsp.com/ Name: _aGeoIp
Value: HK-Hong_Kong
.ambientdsp.com/ Name: _aUID
Value: y2gqwq7qgks
.outbrain.com/ Name: obuid
Value: 72d8152e-b9ba-4692-9ab3-d10112141551
.inmobi.com/ Name: idsp_c
Value: 0cfd1fb9-a552-4f5d-8617-5b7defbda417
.c.appier.net/ Name: _auid
Value: rfSoucguAf6m1BWJ-myNYw
.creativecdn.com/ Name: u
Value: XxuXOxblioyknFouUq7k
.creativecdn.com/ Name: ts
Value: 1670212858
.mathtag.com/ Name: uuid
Value: af57638d-6cfa-4600-8909-94e1f1deb2d9
.intentiq.com/ Name: IIQYahooPrimisCookieSync
Value: 1670212858353
.mookie1.com/ Name: syncdata_TAP
Value: 1
.intentiq.com/ Name: IQTripleLiftCookieSync
Value: 1670212858398
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-068165a1-9f84-469f-b0f4-06b7381834b8&KRTB&22918-068165a1-9f84-469f-b0f4-06b7381834b8&KRTB&23031-068165a1-9f84-469f-b0f4-06b7381834b8
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y41s_gAAAZViBgAp&KRTB&22978-Y41s_gAAAZViBgAp&KRTB&23194-Y41s_gAAAZViBgAp&KRTB&23209-Y41s_gAAAZViBgAp
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6665481102401954734&KRTB&23339-6665481102401954734
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5872975480053967565&KRTB&23263-5872975480053967565
.turn.com/ Name: uid
Value: 3034912127337643283
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-y2gqwq7qgks
.intentiq.com/ Name: IQRubiconPrimisCookieSync
Value: 1670212858456
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-418xauMPbzj4Cjk_sFUkPedaaD34Djo3sFhnxaeZ&KRTB&19420-418xauMPbzj4Cjk_sFUkPedaaD34Djo3sFhnxaeZ&KRTB&22979-418xauMPbzj4Cjk_sFUkPedaaD34Djo3sFhnxaeZ&KRTB&23403-418xauMPbzj4Cjk_sFUkPedaaD34Djo3sFhnxaeZ
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:D2890877A16842FBAB5E0498421370CE
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEIIUZvUHDUlIqYn_08wlweU&KRTB&16514-CAESEIIUZvUHDUlIqYn_08wlweU&KRTB&23025-CAESEIIUZvUHDUlIqYn_08wlweU&KRTB&23386-CAESEIIUZvUHDUlIqYn_08wlweU
.ipredictive.com/ Name: cu
Value: 9d5687d6-919d-4b77-97c7-2b3fd3faba04|1670212858534
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-rfSoucguAf6m1BWJ-myNYw
.ads.yieldmo.com/ Name: ptrrc
Value: LBA9LY0O-6-E4O5
.intentiq.com/ Name: IQIndexExchangeCookieSync
Value: 1670212858527
.adgrx.com/ Name: ADGRX_UID
Value: 6ce4c71e-7451-11ed-bbbe-cf973f2c79ff
.ads.yieldmo.com/ Name: ptreps
Value: AQELAC3sQDkNZwIIf0aaAQEBAQE
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.sportradarserving.com/ Name: zuuid
Value: 029b5057-f717-47ce-a128-be417c5799c1
.sportradarserving.com/ Name: c
Value: 1670212858
.w55c.net/ Name: matchpubmatic
Value: 5
.intentiq.com/ Name: IQMediaNetCookieSync
Value: 1670212858623
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3034912127337643283&KRTB&23150-3034912127337643283
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AQELAC3sQDkNZwIIf0aaAQEBAQE&KRTB&22713-AQELAC3sQDkNZwIIf0aaAQEBAQE&KRTB&22715-AQELAC3sQDkNZwIIf0aaAQEBAQE
.w55c.net/ Name: wfivefivec
Value: cdLMNgQe1P22F45
.w55c.net/ Name: matchbidswitch
Value: 5
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.rlcdn.com/ Name: pxrc
Value: CPrZtZwGEgUI6AcQABIFCOhHEAA=
.admanmedia.com/ Name: ac_r
Value: CS32|CS116
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-db6f2f01-fc68-43f5-5e47-61f06dae94cd.VNReijSNs%2BagjUQkqjzCOgR2uRIbtHUybeKg8qU3TDw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A228vAfxoQ_VeR2Hwba6UzWfR_lM.jiGisavrPsoMxnsgU6qLPlTQ4A4pWz9o7T1oZy60QEg
.mfadsrvr.com/ Name: tuuid
Value: 3b5056a7-1fff-4313-ba69-a8208f0d3fb8
.mfadsrvr.com/ Name: c
Value: 1670212858
.intentiq.com/ Name: IQtelariaCookieSync
Value: 1670212858884
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-6ce4c71e-7451-11ed-bbbe-cf973f2c79ff&KRTB&23275-6ce4c71e-7451-11ed-bbbe-cf973f2c79ff
.bluekai.com/ Name: bku
Value: ikG99woLMVwaIq9r
.bluekai.com/ Name: bkpa
Value: KJyWyBNrQM9D9mY73jzbKhOlRhRcwPYQCxcSzrTx0WqXsxw1yo8Iltq38tfeRq+d4KFq9dyTFt6DetJ4nWLSyf9Wh2UR+4NTIJg7RVJyjOyjhX+tVCfBI3IfNTI8UM445XqhmUUM+eyShFa0KlqUrZzzZdotr2EBkUaAQY6eUfdpDeoIsDoqr9bkYGlhlenEkEWKIVVsjYDksiAlnAujmrKsv23gLIBpQcmS8bsGAACUBQQ9+veY4kxQa5GQoVi76OMwnEBBZjPPGQVPHMoIWjT3EdaWCYK07FS+0kWRhXBQa27YMqB/AEtbzuMabg15hLwndyO9UaKd
.ads.stickyadstv.com/ Name: UID
Value: aff08fbb323e9e876aa6076ba5230eb
.360yield.com/ Name: tuuid
Value: cd598f42-a5b8-40e8-8d5f-5df0334cdb85
.360yield.com/ Name: tuuid_lu
Value: 1670212859
.agkn.com/ Name: ab
Value: 0001%3AoTUmOQY%2FMbfEH1bNVI9rfDs81H5kFArI
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&903438e4-45d6-4b95-8d77-ce8b67e4da65"
.linkedin.com/ Name: lidc
Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2434:u=1:x=1:i=1670212859:t=1670299259:v=2:sig=AQHIjADjfNW7KEa-n4IIk0ayIYaxE_yi"
.sportradarserving.com/ Name: zuuid_lu
Value: 1670212859
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1670212859
.ads.yieldmo.com/ Name: ptrbsw
Value: 80b35f2d-fa1a-47da-9010-64e13e84dcaf
.intentiq.com/ Name: IQOpenxPrimisCookieSync
Value: 1670212859173
.mfadsrvr.com/ Name: tuuid_lu
Value: 1670212859
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.mookie1.com/ Name: syncdata_NEU
Value: 1
.pippio.com/ Name: did
Value: ngjmkSsM8aGWeZqV
.pippio.com/ Name: didts
Value: 1670212859
.pippio.com/ Name: nnls
Value:
wegotthiscovered.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22068165a1-9f84-469f-b0f4-06b7381834b8%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-11-05T04%3A00%3A59%22%7D
wegotthiscovered.com/ Name: pbjs-unifiedid_last
Value: Mon%2C%2005%20Dec%202022%2004%3A00%3A59%20GMT
.ads.yieldmo.com/ Name: ptrmf
Value: 3b5056a7-1fff-4313-ba69-a8208f0d3fb8
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-80b35f2d-fa1a-47da-9010-64e13e84dcaf
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjcwMjEyODU5fQ
.openx.net/ Name: univ_id
Value: 537072971|068165a1-9f84-469f-b0f4-06b7381834b8|1670212859761858
.intentiq.com/ Name: IIQADMANCookieSync
Value: 1670212859844
.lijit.com/ Name: _ljtrtb_8101
Value: QnClFusBBa
.pippio.com/ Name: pxrc
Value: CPzZtZwGEgQIAhAAEgYI7OsBEAA=
.intentiq.com/ Name: IIQFreeWheelPrimisCookieSync
Value: 1670212859986
.ladsp.com/ Name: cr
Value: 1
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004%22%7D
.linkedin.com/ Name: li_sugr
Value: 03860c1b-ec57-440a-96ae-1c1814739080
.blismedia.com/ Name: b
Value: 638D6CFCB236C8353E6EFD3EBLIS
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004&KRTB&17107-RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004
.ladsp.com/ Name: smn_uid
Value: _6CQT-BjjF9nQ4wYAZISlw8cFMOgCxM
.ladsp.com/ Name: lum
Value: CLjzxoPOMBIFCAMQ0AU
.linksynergy.com/ Name: rmuid
Value: f59e36ba-68cc-456c-af9a-d2ce6d2a44ad
.linksynergy.com/ Name: icts
Value: 2022-12-05T04:01:00Z
.bing.com/ Name: MUID
Value: 364D75AA93EF600D195967DB928F61B4
.c.bing.com/ Name: MR
Value: 0
.pubmatic.com/ Name: DPSync3
Value: 1670803200%3A248_164%7C1670284800%3A174%7C1671408000%3A197_201_226_245
.tynt.com/ Name: uid
Value: FCYPv2ONbPxT2T5mBBk1Ug==
.rlcdn.com/ Name: rlas3
Value: gXfPtyjsXTk4p3zQfJrWLTCX4/b04mSCkjbkmKLU9mA=
.intentiq.com/ Name: IQPubmaticCookieSync
Value: 1670212860574
.w55c.net/ Name: matchopenx
Value: 5
.r-ad.ne.jp/ Name: r_ad_token
Value: 51n41001FBDGa007vg7D
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1670212860819%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1670212860819%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1670212860819%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1670212860819%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1670212860819%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1670212860819%7D%5D
.intentiq.com/ Name: IQSovernCookieSync
Value: 1670212860797
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:af57638d-6cfa-4600-8909-94e1f1deb2d9&KRTB&16736-uid:af57638d-6cfa-4600-8909-94e1f1deb2d9&KRTB&23019-uid:af57638d-6cfa-4600-8909-94e1f1deb2d9&KRTB&23208-uid:af57638d-6cfa-4600-8909-94e1f1deb2d9
.adsymptotic.com/ Name: U
Value: 1d44c8a39722770ede66b8d4b97454b0
.id5-sync.com/ Name: id5
Value: f9026747-8990-75ae-a9cf-efbe60940bf4#1670212853924#4
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8140
.ctnsnet.com/ Name: cid
Value: 222be45c84fd46478d1c8288686c3634
.semasio.net/ Name: SEUNCY
Value: 5CAB1AFD8F74A4E2
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-228vAfxoQ_VeR2Hwba6UzWfR_lM&KRTB&23334-228vAfxoQ_VeR2Hwba6UzWfR_lM&KRTB&23417-228vAfxoQ_VeR2Hwba6UzWfR_lM&KRTB&23426-228vAfxoQ_VeR2Hwba6UzWfR_lM
.intentiq.com/ Name: IQAppnexusCookieSync
Value: 1670212861289
.intentiq.com/ Name: IQRubiconCookieSync
Value: 1670212861481
.intentiq.com/ Name: IQMediaMathCookieSync
Value: 1670212861481
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUUDZ3dzVNIzIzXzAmVFA2d3dGWiMyNF8wJlRQNnd3eGwjMTUxMTVfMCZUUDZ3d2RSIzEwMTM5XzAmVFA2d3g0byMxMDE0MF8wJlRQNnd4RWYjMTUwMzhfMCZUUDZ3d1Va
.intentiq.com/ Name: IQPData
Value: 1741815379#1670212861480#0#1670212857040
.pubmatic.com/ Name: SyncRTB3
Value: 1671062400%3A63%7C1675382400%3A69%7C1671408000%3A54_71_247_231_233_107_13_204_165_56_22_179_234_96_8_176_5_3_238_21_214_220_7_209_99%7C1671494400%3A35%7C1670803200%3A15_223_2
.admixer.net/ Name: am-uid
Value: 028f615ab32c49f38075170b398047c2
pool.admedo.com/ Name: tuuid
Value: 20470e5d-92e1-47e0-8a10-72bf805a3624
pool.admedo.com/ Name: c
Value: 1670212861
.sitescout.com/ Name: ssi
Value: 590893b0-074c-4b82-8fa8-43a492b763bd#1670212861897
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:cdLMNgQe1P22F45&KRTB&23421-uid:cdLMNgQe1P22F45
.tribalfusion.com/ Name: ANON_ID
Value: aGntmIoNIvbpmVrCJIlQYwFOjEoD5JKkqPU9yWw9mBM8btQFv2PPOvHVpamaPiZbZcvg7Q0pHn6A4fo91RBc8qZctue
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-222be45c84fd46478d1c8288686c3634&KRTB&23139-222be45c84fd46478d1c8288686c3634&KRTB&23328-222be45c84fd46478d1c8288686c3634&KRTB&23427-222be45c84fd46478d1c8288686c3634
pool.admedo.com/ Name: tuuid_lu
Value: 1670212862
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwi0zdOf65-rOxAFEhYKB3J1Ymljb24SCwiulvSQ65-rOxAFEhYKB3N2eDl0NTASCwjAqP-j65-rOxAFEhQKBXRhcGFkEgsIzP7Oq-ufqzsQBRgBIAIoAjILCMz20diBoKs7EAU4AVoFdGFwYWRgAg..
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~28o3:18z8~28o4:18za~28o4"
.openx.net/ Name: pd
Value: v2|1670212859.3|lYvOiavyjEsnuIiujIvGlQkqkalUhIvH.v6vvvCkSrAvzvwpMtSvAuDvXvxvesPtd
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1hlz|7dW.0.1|7bq.0.1
.33across.com/ Name: 33x_ps
Value: u%3D212048774470512%3As1%3D1670212862031%3Ats%3D1670212862031
.mfadsrvr.com/ Name: ssh
Value: !sovrn,1670212862!yieldmo,1670212859
.quantserve.com/ Name: d
Value: EKUBGAHeJ_ijCJiTDNjIEA
.audrte.com/ Name: arcki2
Value: 35iFTJ3VRT3TCm-lsZTFLIa-w!20220908!1670212862390!ip#103.209.254.83
.mookie1.com/ Name: syncdata_IOW
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-41bfb3c0-28e7-4ac9-9b32-d4947a9f9983-004%22%2C%22nxtrdr%22%3Afalse%7D
.owneriq.net/ Name: si
Value: Q7234992621378133737
.owneriq.net/ Name: p2
Value: sv
.sitescout.com/ Name: _ssuma
Value: eyIxNyI6MTY3MDIxMjg2MjYwN30
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 13
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1670234462777
.brand-display.com/ Name: _knxq_
Value: f62db374-c74e-a7ba-314d4366.1670212862.0.1670212862.1670212862
.lijit.com/ Name: _ljtrtb_27
Value: 068165a1-9f84-469f-b0f4-06b7381834b8
.lijit.com/ Name: _ljtrtb_43
Value: 6N5L0uiOFYDzi0OHu9RehezbEoXzj0CPu9mUEabj
.lijit.com/ Name: _ljtrtb_76
Value: 3dbe6121-cdfe-4135-ace3-c7efa72a2acb
.lijit.com/ Name: _ljtrtb_3
Value: af57638d-6cfa-4600-8909-94e1f1deb2d9
.uncn.jp/ Name: t
Value: v_0dce8faa-4cdd-410c-b678-5953b1007568
.pubmatic.com/ Name: PugT
Value: 1670212863
.lijit.com/ Name: _ljtrtb_1
Value: 3034912127337643283
.lijit.com/ Name: _ljtrtb_12
Value: 6665481102401954734
.lijit.com/ Name: _ljtrtb_87
Value: 3b5056a7-1fff-4313-ba69-a8208f0d3fb8
.lijit.com/ Name: ljtrtbexp
Value: eJxdjzsWhDAMA%2B%2BSmiIy%2FnK1fXt3IFBglWMnY%2Bk3MA54TKkSxzZkIVREb9w7GjL6JNAZk%2Fb%2B%2BBPha08Hqip6gmuS5PTOSTeSUqYSGzH5hP9Txyx6%2F3YS87k4eseijkp%2BJZ9RHsuv%2F38CQ8dR4A%3D%3D
.mrpdata.net/ Name: U
Value: 82121521-6bf5-f19a-1d46-f190fa7cf8d5
.lijit.com/ Name: _ljtrtb_49
Value: 86xgmJnBwVKu
.lijit.com/ Name: _ljtrtb_86
Value: XxuXOxblioyknFouUq7k
.lijit.com/ Name: _ljtrtb_16
Value: 590893b0-074c-4b82-8fa8-43a492b763bd-638d6cfd-4155
.lijit.com/ Name: _ljtrtb_26
Value: 80b35f2d-fa1a-47da-9010-64e13e84dcaf
.lijit.com/ Name: _ljtrtb_92
Value: 6665481102401954734
.mrpdata.net/ Name: DNT
Value: 00000000-0000-0000-0000-000000000000
.lijit.com/ Name: _ljtrtb_84
Value: c:a0c7fadee91ba15a5e773a980232689a
.pubmatic.com/ Name: SPugT
Value: 1670212863
.lijit.com/ Name: _ljtrtb_2
Value: D2890877A16842FBAB5E0498421370CE
.bidr.io/ Name: bito
Value: AAGMF07HGtoAACAyHa_sQQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.lijit.com/ Name: _ljtrtb_85
Value: AAGMF07HGtoAACAyHa_sQQ
.casalemedia.com/ Name: CMTS
Value: 5014
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMKjIGpFF9QEhSKB0+A8/5Oa/STgRiy1xlvw5nw/OPhO4zKhdFEOCUcgZzKWVv00IB8wMD3dSGT6eTnFeKROAqMwVpvCtdV69rwuQio4DdLIkE3OYGmoobl7
.lijit.com/ Name: _ljtrtb_80
Value: LBA9LY0O-6-E4O5
.dyntrk.com/ Name: dyn_u
Value: 07030002_638d6d00bfc3b
.lijit.com/ Name: _ljtrtb_83
Value: LBA9LY0O-6-E4O5
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NzM2MDO0NDA2tDAwsDQ3MRTiM9Q1MzAOLU4sCvD0MgkCAM_5p9UlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NzM2MDO0NDA2tDAwsDQ3MRTiM9Q1MzAOLU4sCvD0MgkCAM_5p9UlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zvEyGtoZm5gZGhkYWZqYGkAAF0yFyQQAAAA
.smartadserver.com/ Name: csync
Value: 25:af57638d-6cfa-4600-8909-94e1f1deb2d9|69:07030002_638d6d00bfc3b|91:E0D49FB2-6484-443C-94BA-B894703FD7A2|127:AAGMF07HGtoAACAyHa_sQQ|130:308e1982-4100-4e40-b524-dff1790fca25|139:0|141:35iFTJ3VRT3TCm-lsZTFLIa-w|147:ef621820-2851-42b3-b428-eba03b4951ed
.lijit.com/ Name: ljtrtb
Value: eJx1Uk1vUzEQ%2FC85s9Laa6%2FXvb2kSSMIhCAVpSdk%2B9mQfiRC5Yk0iP%2FOuudye9qdnfHMvD8zMWhmV7PdcfG4mp7n8zR7NzNWJ8zsnRiD1qGJ3gVyurKsK8FMvtkRWjIJXBgTRDQI7KqhKm4sqXWajvURJVJGwOAKuCwWpCUBR8lFmwNTHoFJRi5tBGe810sXuwqfvz%2B9P85%2Ff%2F0wdeWgM2Qx7JOB2MSB49ggY3OAnAOJEVKB11cS8iuHbUVfKyC1KLsrijcSIcdkcs7FMndXPQFCctFYYwNRYEdWqDPp5tqKmghhMCzOrubD3C%2FRRf02FHCxVBgpLDUfuhFQJ5oKI4LeRYiaSjNjzXaMChVU7GY%2BxM0dboFh6bbdcvx%2F5kJvXojTcblKWEJLY63R5GR88jUESlHQkmWJvU%2FxihyGm48rDOubX6dhWAwv6%2FTtebfr217T%2Fjztt%2Bf8eDi9PBxXp%2Bn2Z3joRXRp%2FuQ3OB22q7vrywG36yl%2BqT%2FqJS9P%2B8s9Lj5P8el2mfK94kPnojFX1iShjK1qpeQhlUpQQm0p2GRTyV23F0rZo%2BcUwLTW9KcwBDlxhCQWpeFITQv9%2Bw9E0Kju
.lijit.com/ Name: _ljtrtb_10
Value: 1976306190318009741

11 Console Messages

Source Level URL
Text
network error URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&time=1670212852942&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwegotthiscovered.com%2F&random_number=4953855017&sess_cookie=9228c846184e0719cceeb4f47cd&sess_cookie_flag=1&user_cookie=9228c846184e0719cceeb4f47cd&user_cookie_flag=1&dynamic=true&domain=wegotthiscovered.com&account=FMu/w1hNdI20fn&jsv=20130128&user_lang=en-US
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=72
Message:
Failed to load resource: the server responded with a status of 451 ()
security error URL: https://wegotthiscovered.com/
Message:
Refused to execute script from 'https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F4471%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Df33dd133-4dbf-4af7-844a-20b520c1ea9f%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly91c3luYy5wcm9wZXIuaW8vdjEvdXNlcnN5bmM_YmlkZGVyPWFkYXB0bXgmcHJvcGVyX3VpZD04MmZjODBiOC04ZWNkLTQ0Y2YtYjE4OS1iOWExYmJiYzI2NjQmdWlkPQ%253D%253D%26uid%3D%24UID' because its MIME type ('image/gif') is not executable.
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://s0.2mdn.net/9644752/1669691686695/null
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cs.nex8.net/cs/openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://pr-bh.ybp.yahoo.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://s0.2mdn.net/9644752/1669691643177/null
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://match.rundsp.com/redirect?ex=openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://match.rundsp.com/redirect?ex=openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://match.rundsp.com/redirect?ex=openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
a6877dcf690d5719671ec6745f20d2cd.safeframe.googlesyndication.com
aa.agkn.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
abcheck.proper.io
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.turn.com
ade.googlesyndication.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
adservice.google.com
adservice.google.com.au
analytics.google.com
aorta.clickagy.com
ap.lijit.com
apex.go.sonobi.com
api.intentiq.com
api.rlcdn.com
apsoutheast-match.deepintent.com
ats.rlcdn.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
bids.proper.io
bk.r-ad.ne.jp
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c1.adform.net
c2shb.pubgw.yahoo.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
core.iprom.net
cr-p3.ladsp.com
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
cs.media.net
cs.nex8.net
csync.loopme.me
d.turn.com
d3div1mtym39ic.cloudfront.net
data.adsrvr.org
de.tynt.com
demand.trafficroots.com
dis.criteo.com
dmp.brand-display.com
dps.jp.cinarra.com
ds.uncn.jp
dsp.nrich.ai
dsum-sec.casalemedia.com
e-jp.cmcd1.com
eb.proper.io
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
events-ssc.33across.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.privacymanager.io
geoip.gamurs.workers.dev
global.proper.io
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
h.clarity.ms
hb.vntsm.com
hb.vntsm.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.w55c.net
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
ipac.ctnsnet.com
j.mrpdata.net
jp-u.openx.net
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
live.primis.tech
mab.chartbeat.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.rundsp.com
match.sharethrough.com
mb9eo.publishers.tremorhub.com
mweb.ck.inmobi.com
odr.mookie1.com
onetag-sys.com
openx2-match.dotomi.com
p.adsymptotic.com
p.rfihub.com
p.skimresources.com
pagead2.googlesyndication.com
partner.googleadservices.com
ping.chartbeat.net
pippio.com
pixel-apac.rubiconproject.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
player.propervideo.io
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
primis-d.openx.net
propermedia-d.openx.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
r.skimresources.com
reachms.bfmio.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.skimresources.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spc.wegotthiscovered.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.chartbeat.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
superficialeyes.com
sync-amz.ads.yieldmo.com
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.fout.jp
sync.inmobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync1.intentiq.com
t.skimresources.com
tag.1rx.io
tags.crwdcntrl.net
tags.rd.linksynergy.com
terrifictooth.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
u.openx.net
uipglob.semasio.net
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
usync.proper.io
v9999.adv.admeme.net
video.primis.tech
web.hb.ad.cpe.dotomi.com
wegotthiscovered.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
yieldmo-match.dotomi.com
certify.alexametrics.com
cs.nex8.net
match.rundsp.com
rtb-csync.smartadserver.com
103.229.10.211
103.229.206.240
103.231.98.193
103.231.98.194
103.231.98.195
103.231.98.197
103.71.26.124
103.71.26.126
104.16.124.175
104.16.57.101
104.16.88.20
104.17.24.14
104.17.78.34
104.18.101.194
104.18.158.234
104.18.25.173
104.18.33.19
104.22.52.76
104.254.151.36
104.254.151.69
104.26.7.139
104.45.178.220
107.178.244.193
107.178.254.65
119.9.108.191
122.248.223.64
124.146.215.50
13.107.246.59
13.107.42.14
13.115.124.23
13.115.65.60
13.231.40.211
13.250.173.68
13.250.207.233
13.251.166.115
13.33.100.164
13.33.33.127
13.33.33.86
13.33.39.40
13.33.79.163
13.33.88.104
13.33.88.107
13.33.88.60
13.33.88.71
13.35.19.109
13.35.8.105
139.5.84.243
139.99.49.250
139.99.63.197
142.250.4.101
142.250.4.154
142.251.10.106
142.251.10.113
142.251.10.154
142.251.10.156
142.251.12.154
142.251.12.156
142.251.12.157
142.251.12.95
145.40.89.200
150.136.25.38
151.101.1.108
151.101.194.49
151.101.2.202
151.139.128.10
157.240.235.1
157.240.235.35
162.19.138.116
162.19.138.120
162.254.186.187
169.197.150.7
172.104.45.159
172.217.194.132
172.217.194.148
172.217.194.156
172.217.194.94
172.64.154.237
172.67.202.192
172.67.36.131
172.67.38.106
172.67.69.19
18.136.8.51
18.138.18.111
18.139.75.61
18.155.68.100
18.155.68.12
18.155.68.15
18.164.174.23
18.176.162.247
18.177.11.95
18.179.95.204
18.195.252.61
18.218.39.25
18.65.3.9
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
184.25.221.62
184.25.248.23
185.184.8.90
185.84.60.29
192.0.76.3
195.5.165.20
198.8.71.130
20.127.253.7
202.131.200.84
202.232.238.37
204.79.197.200
209.191.163.208
209.191.163.209
216.239.36.181
23.106.127.52
23.106.69.72
23.108.103.8
23.15.148.136
23.199.246.27
23.44.0.196
23.47.190.83
23.58.236.39
23.58.239.171
23.58.244.87
23.8.97.76
3.1.230.20
3.113.156.50
3.126.17.61
3.92.104.91
34.102.253.54
34.107.148.139
34.110.189.112
34.110.240.68
34.111.151.213
34.117.239.71
34.120.155.137
34.120.157.206
34.149.20.76
34.202.12.145
34.203.60.99
34.235.231.136
34.96.105.8
34.98.64.218
34.98.67.3
35.186.193.173
35.190.59.101
35.190.60.146
35.190.91.160
35.201.67.47
35.208.249.213
35.213.12.39
35.213.64.108
35.213.93.179
35.214.223.115
35.227.202.26
35.227.252.103
35.244.159.8
35.247.47.28
35.71.131.137
35.77.191.155
37.157.4.41
38.133.127.191
44.235.177.172
46.137.212.121
5.135.209.97
50.116.239.135
50.31.142.223
51.255.68.171
52.203.53.149
52.220.163.160
52.221.159.176
52.223.2.229
52.224.31.34
52.231.207.240
52.37.90.245
52.46.130.91
52.74.13.196
52.74.219.59
52.76.76.143
52.9.91.153
54.157.29.40
54.179.155.191
54.192.81.74
54.199.211.51
54.204.109.58
54.238.120.71
54.239.33.159
66.155.71.25
67.199.150.81
67.199.150.86
67.202.105.21
67.202.105.31
69.173.144.139
69.173.151.100
69.173.158.64
69.173.158.65
72.34.250.78
74.118.186.43
74.118.186.45
74.125.24.132
74.125.24.155
74.125.68.97
74.214.196.131
80.77.87.163
89.207.22.114
89.207.22.137
00b14083601d123173ce293a6825b12170b9dbeb1c4c29231fe271fd2f97a541
00b41ce5405f76a61dac043edc9fc8635a1f4f6498efa64f03ea2157f5215c1b
01562464e38fbcde6f6a1cf2dca8c2b3141f41e54eda9e2c2c426c1dcc14045e
02756b0824e115ea8c05311123e2b5723d9b09dd26fc70e3767a2804a23a1c0f
032e86283c62e14d0c9c9db04db6f056cf5c2662282d456e2b8cc945eb1befcd
04221e821cad47e91fc4e565c605b2a1be5096ca14a82ea9d1cb632004f43f90
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
0929f510ca5abcc390c07a48317ee269fef705edac1c4d14c994ac855d14cd7d
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
099a918d88495c30959aee564c8c7fc97f92d1333046318208db735493be20c7
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
0acd8ae8b70a3eca02fde62b59dd2ec048d11eb76c7cbcb0c7f9bea268674b89
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba917f5ffe95fbb9d9dc91b941eebdb365f8645883ab5d1e7ff0a1f07dd0c7b
0c985c8da99184f16fec592565784fc4fd1cc7c0b20b95ee3560c973420c0215
0d69193d1987f491fcfc9e87d995b618ef60a9c88b40d24ad99483067c76a11f
0dabde244ca54751439b42b2bc6754887cf48d7d13835c2ed1fa37b253a4731a
0e9c1e427a5e80c2866377d7efcf372713fe8de95427f06e0fcfedfe1e3cd12a
0f35fdbba04218112d4d190abbe93a7676e285c34a69cb1c197fb06b601745c0
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
0fd2c65795c29d6e60c327e78939a448d9fd58d92ce477af1a436f4ab4387d3c
100cb6165570b3968be23ab06f803bafd1ec6b404182fb222025b301a1d319d4
109a9bdc6b8dab426645aeec2eebda6ef3a200e3abc4e4a79c4707bc7f6073c5
10b9d688509666bd9712e877a397c9ea8354cf3725397f7d41cee8be1371829d
10ea06fc411398f73cfb5fb063835592fdcc1b58f5c8802c60c72c4d3d38a260
125934618e2193d744ce3940dcab6a6d7b85bfd57342fefda2daf7eee701ccea
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ff3374a5e03acb69e498fc262fd3b257fab89e4668b6ab90a3a7018c2d8290
1333bf077104679a1e7eb28fd2cfd9931b9b348dae056963156a707f07f15b0b
134aab2f403c424ea40a0eacd511c774cf70dad4a67299bc3b1bd422fc8e3d28
1358406cab97e777be8c5affde570ff240af3aec862103e913011338b66ba7f7
13f29f38fc50cc65f3762d35f72b32c18b43699457af0dfa65c9d1413cab74d7
147115ce7aa4a4b2960cc9a0272e384211f1ab74f80b4125b986c6c6061d8d74
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
157f268930de1c101f99eed8ba5f230c705a44e53d015156dd43f38c2364f0aa
174a239c0ca6c6c5cba1b3037153e50413db377a34bf3daeaa36fa8644dd6e99
17501b2e2ef5481d400850242a6fedc076b0b016594a05beac581b88780fe6bf
176f4538c1764c03b69fb2701b61264f68b3e49eceb5bacb9f4cb18e3c654019
177eba7b005421e3a266913745502d461dcbba122b22cc599c3b63a1f87cf589
183cc0e95052ec40453d70b96380671c93ef240220c5816514ee9c188f50852f
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19069d69ed1a6767e490923c9cbc08c18466583f0dfa9ab000942c77843b0e96
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1d6ef69e7cf814bb371ce419679b477527ab7b97b0d04919f9ec5089e0aa6d61
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e0b113b4cf760f1956e7f788e46afd93c62744845aade722ed12163d0fba897
1f3820f3b75e1bb07c2f086666a40506159fbe51506848736657082c0c07f3f9
232f07c5f3799e1c7a3c7934b2a5b4c7d646eab2a761ea404f6e928db7a05243
243aa4e590286a301c88779fa7ae4433721c07caeb63a0a7752c035855b3b357
24559cb630d9fc7ad4c9c2ceb19663a2dacdc44af12c572d7f08a28e1e74218a
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
2541943eb1b759367d198f4b470134d85aadc1bf18a48da5e49de3c61b9a59ac
2672d25e2e1eae5faaed7af1cfec73a8cbb155a1b6e52748817bac879fa23368
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
275094aa5d73cd24d848e78f0c41c33d9fd61a09d97b9976e5e707dfd24ada00
28da092b33499c87f72013ce83f2950bf4f52f9b7c7d3fb5231ed80ac423a3cd
29b9bc924b5f8b28a0976dcaf933c9d621dc0752d3872ab707b523300b748f53
2a114299cb24353e87e03256fc7aedce9fec79070dd6c4ef058f6dd6eb5ecb7d
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2c31481264886d365d646d49ee106192996e226f0198ffb81a5beab367afc8c7
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e78caada297b81617e1621a15b8da25ea6bc91b6c8d5267b1c469c362cfa61a
2e794cf3d57750254871034d85eaebde7a99e0fe22bb832c15ea71993ffc4e6e
2eb923249e4102d719640acf713eb8e31fc3d5b2cdb87face1c531b75ca6b6a8
2eff9682459cdf09edbdc26d40a2ebe4ebe9a89398676952d0b06c1630452789
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f95a880e5801bccf9bd22a13baeae155794995fdbabfe419427757ecdaa1449
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31878cb4da521009771e933a2055c14611e982bf4032e8471e154646eeff4bb8
31ac8767cea18f1e30a3802d1b14b2a416023ad85e042ece628494b8c077e8dc
324229580a277a2f43dabaa9aee2042c1e8197bcf0a8e2fe6fc5aa077f0d14e8
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3784676c3e78a4b0501bc20b8dee2fa12cd640dc2e3ffc796973a2e3c8609da4
38012049996f1f46f378c3d067d00e5538e98ae3fc2807d69e499346124bc276
3983a6e70201c87528a8742172dc1580eb2098d2857682a8f1a84bb8429450aa
39a31792bbbdb895b3784ef6cd435260a6d1e7fff467f934e4d5bea5543a743f
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
3b25b7b320cf3ea75d6219e35c6894a39b1fca98bbc45e20dbfe54cfbbb35281
3cbfa45685b4ad91c14f3256742155082ef47dc59fb6838faff5329877c5ad9d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f71cc81bff30c9268948c0c2c85fbee14f895a3d63a8225bbfa638efad82bc9
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
456b9b39be4fc43af92c93b73c146192c7ae1c11a4217dc8a7700afa101628d6
45a39d5fa47e140b1f3acf392447d15aa8117fcfed91eabdcffd9fb2dc4f2652
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468423172426fd9cc2a135eb9a3884643f6307cd4a856955f87a1598d0aa36be
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46a9dc23f2b4b485c6ac6657aa287e6927d2a83c90344572e7ba2bc9d879603a
4847e582ebcf3d14461a985c49742c41f2ea498c2f84b408c5746cc3090aae7a
48820a19d18fa2b2e58662f993bbca5a69e59cd14d1ddbd26f06ba0dc6ae445d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c97b0cfa2e71392fa58921505b2b8aad8f7496cd049ba4331fca8e8db8c485
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c
4945783159c6d1a643a0f7ceef5963593781e34f50e27267e9f9b1433745ab8b
4a037aacfacfda6ce86801cfb26ec278a0d61efa2ee1887d959bec8014fb8981
4a45af047847df5b4c2d559429e9bbcb54785ae47f3f8e0124f3f96cc88d235a
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4ae7a6c76ef4f3b2c72e647be807ca60d4fedf43b6609a210c46919693fbfdfb
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b49f9df6833f612c5bf19b77f27c01ff259fca7994c2cd150ce04f86bd32642
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
507c27740d49f6b21e854adb09f4f2b4e482ce1e2d043e3d71d25a652543465d
51308cfc2cee270e6819ae124d2eb4eec815637c9ac20f0b4a44b20ff0c41689
52f28ac91570d46add179d1b07b683fd47fe0c1832e7cbb4d2bd4c947634a2ba
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5542faba1b71b675241345b49ed0e9eeb3647734a7ef67d56f1aff4b25c45036
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ba6e1bdb4acee34e54dc147acabd1d0573218dbe12fc0fdf9148d45eacbbed
5944c9a55a4aeda9bc651c1ea13b1c2308f516ddab2cf567046bf4fd3c896766
5a3f127c394608f08000422ae1fda55ea74a923675337c217bffd474027eaea0
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5df0c07f33f798d24624ea588f1c984eea321915da7f3775c8f4ebfc1d2dd465
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5e9e8ae4b52da14c2647bcd0d9697ccb862c5e8cf6f617bbecb1153beb33e950
5fabe2c017ba9a495a3e796d43bc2f554269ee02d4b4222f3cc99668c3c467ac
5fc317d76ceac0bf40bc807bfe56472c96ba97d948b7b420ad9c3442355273be
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a
61b584df1f11afb02f263376e9b686bbecdd332920be25785af8733aadd08488
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6246712a8a5a655792a7fbebee30b3c65997db297c614e628bed1d37d50271a4
639966fde1c8c288f7d8a48d8bcc34849d461da65f61cf7231b608572068dd98
6448fd1cb28f03fc7d7523861e09bcaa77dd33544175456ff60e130f7a3e1605
645ab6337a55814ca5c4bedda9359debc1f395495b4b7b3c7be9b29bdf41c322
654b64587ba484cd7a2e650fe5f94f707c6922c971f5342b5da7709d773a4cbe
65565783d0087210366e3cc44cb91174d9a30814ef5977e2126ef99bb8ea3650
6585917f907eafe9c7cd98fc36ad1b3e0b386deab1d8433ee96b3ad9e7bb4105
66a69687066acc0ccf5806aaf68098f0b97393b2e4ad8550f6b3eee918b95674
66bedd8addee8463085b2f3dad53b4e44edc803af61577c7f6134d6b5f960eb6
66eec5ff1f5907c3bfb3d9fc41b7a9dba1cb34f81ee6cd1dc5f07da29ba5e977
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
683792c85f0e326254a6578668f03cf729462af0691dc3dce35df863cbb88e7f
6a2e81445d96198a101d10b8e84f27f0d5e393efe23ef8c18514a6369ff5f0d1
6a7233280a2e726d9ae0b56ae30bc42d002fc4861447fe27b5b1e4bfc0116e08
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
6b23455fef4a9d5e25f65875ad223e123e45ff11d28e6f8d304a0e557c60c8fe
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bf8bb7a4ff87c9951cc6ae6090eb35c99ab7e3a88a2876b06a27ad710a126c2
6c1c7f67a0266e34d2f3678b97e8effa698d9315642e79b0a4c1184d0ec628c3
6da1dab741a3f2779804d4b9a6234fd658e831b523c7086fb65cefd3ff7a5bd1
6dbe9a41d66683628f91a1a4048737288291ec567ea3e31a0012403e68ef39d1
6f2ebea39f445400b5d4ad13527ceb329d4a88d49a4cb1e22ce13906e2210d19
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7374a169b675ad5c3ac6167edda9c8fe05fe5315b6728815db2f091cc7712af6
73cb0a9bfac40c518bf5a9fdff4593bbf30b55819cf8d7559912266ff6c6251b
745f607e6360daa1987c11a41b787694cb546f5705b76721d9ae434c90e7cefd
74c08fcfefc984ee892bef518a4970082f1afca27e9de5249210a5a63e705a9a
759dd846c7e5976373fc1fa9cde0bb0bb84435eb364957c53d324630ef6744e0
75bf480ea6d50239a3dbdceb0f5dcea88a5bfd1aeddf485898d9f9d470916bb4
761c8f2cf9cd5684baccb1d915d895566f11d67878ef27c62eab106fa77600ed
76fecf61beba427caa9f1e132cba36585e4c56a1757cd8b632df3672c17e0de3
771093e1694f623315f5b7106918d7a44fc5f4bcaa874942faf3cab21ed7f4c9
7735c234473a327e0cd8f02d866ae594efedba2aa4d0cc146251ab606fe395b5
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7952a34f886e3cef6c4522009e3abebb3b7f8254955848f6ef064a915fa9ed23
7ba5521768346424aa762b47755936d37a920b92e4ce3946d92367cd6e43ef6e
7c57c4d05d08dad65bc6935b48f240ba3b7a31897805b4def998917a8dcb6ad7
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ec70108a49369dc3f73734dacf94050c28049d32fe708c968782483ae8cabda
804937eb9f6c40328d98457f04893b924e1926435c0feedb55a72f58c1e77469
8063368e3f5b0333df27c3796a4dccc0ea145b013186f3872f86aff9e92e5ac3
80744cc1911b5c2091f9ad6dcba46ba5a8157629af9f9e468704fe23d6551588
80e30a26dc70d625989d0f39f9cf4985b96c1285abd6e20c79a94893b0c59a18
81b683dd9d42cd417d7d9b29ab60b1d30c8f3b6d0cd6dde6587725805559a7d2
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82ef200ece01e84b0387a394dd784b93e1a677f8b2efed9d6b79f61d3084121a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
859a885aa32847000c002c0bce5c07ff72d2958242524ce7e42796965f2f6166
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
85c96fbb69c7238228745f7653c4c883a1055b6503b7dd5ef2811315afd35c8d
878397a60d22342567cbeb8cbd3e512f37cc4a271d4ae91d29f09b263a698e3a
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
9003eb7e3040cdb9591230348da3f8342778da4f6ba8b2ce9deafa8970caba4a
925b41942342b99e4fa069f40103f35a3dc23b3ba25a01621394935b27205aae
9289277b42ee181b69efc8a03cc708fb2dfdaa4bfc4f71dcc15b86fe3cc75232
92e413976d2d21c9170e04003fb485b584dbe98b5832e36b050361d4fca2631c
92f08df9b2a05da00a58498aa754a24d5ffb5242f0579487393ed3b923f210ae
942fb8cf0e6046ca52efa912010d060d127ef30f696bdb6ce65e4693be0a3386
954e385ecd6ed2ab0cb91dc0333ea1b3cf1bdcfe309d4857e7181324cb8dc25b
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ed071e2805943a367ebcf6a33f6d149302f6a85826fae511ed186a327d14dc
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99dc3d246f08ffb28a5b7b041e3189eded2263c11922d64741d139f8f30958f3
9a421d7cf16a54029a14eeee9dfe3cba2293bfb393d90a06cb44a71fa80aa626
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c0c77262d966ff2ec2d4ac5a45de324d044f37fdecac564cb0e9391c44f604b
9c3db9ee989d0642be70d419c8edaaf6a3564b67a5b3caf1988289bcc56a56b0
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9d3e5594775ebe199e9cec093c575ce447e6418bedb099a583ea18a930e614cf
9d7bbb525bb6a5ac08fdd7ae5b31ff6c012b48bd38a471d990342b6c512478cd
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e1f20b28bb28036c9fb747a427557bb17632deb4de587cd4de4645cfbad8bdf
9ed9c2ea0873572787708365a59a09342244b524abb587dbe4e7a159520d67c4
9f1928345c63629e189227c2bc06f5ebe67035d3471f472e0e912cfcbb93620c
9f4aa60e5ea65e2f692a0a529e7085fa669a0077424da6bf580881140a5d3219
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0708e45fd895ddb761c50d5cf27da6d38314058bc42e9529d0e79c50718d9e2
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a33a192e33e85088f82b75303dfe28944c0753f77898bb4efa3f39b000befc2f
a43dc73fd23707fe0da8b8ccb258143d6ff720f079117acb1f44a8a69299a36e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a63e5cadd935b4e0f99d4e3813d01b5c71f7348fa8ada43d7e46ac9caa57939a
a730c7b06d85c790631820e819fe869e0e7c833b57d2ac05ed38d3d8662bd474
a82086bffbea2b1ba0cb1c931a3045c55bcaec75104009c2d7693c7bec03adab
a8245304d559698c5788e5a75fd94974adfaade8522376c86458f41356480279
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a90572a4e039aa99c39d536741700c639e1701c6c6cb412f39603c32094d6591
aa634d5e2fbde5cfa71a2237198f04c6dbf491ef21ba68df699b863de30a75bb
abb8322d7925bd93762b2c727c44798125772949ce01bd3328e87124e7dabd5c
ace4208545fb0ff5ea87fbe1470d3bf0af8e73d7d52fea869966c4b9d8c78a60
ae78d17708323caaf2efe8257ae5bcb3b73554e3b4d49014141fd5aef375b5fc
af9fdf82c6453a8916b00a725915136209e20015a8375a4b483ad4f1d36e9496
aff15379a48ef8e15c2c70a7b0eda7ba8976bb50116fd15afdddc1a0037824a0
b08cc9bd79f873cbf3a9468010074bd1c2ede4524d993a1f42edb1778fa3657a
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
b0dd6a6d3593b5bbb952522e13d6b85af3da1b5f92c2ace9d5076ebfdee27a37
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5cf3c1e88f1fa0dbbcf17a91699d3b05da3ac779dcc160deb9f1160781365b4
b6a14933a29d1a00a9c74cd1b8f896434cbcff24a446e097ea4cf9ca179ddff1
b939dd22d40d542e7b079bef1c8eae6b22683da34fae12d852e9b75704f80c6d
ba265c4a139c5ea673f32664fa85d066d95471c65a62a25aa7ea2394c022d89c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbdb1bc1d54833eb7c46e9f7c5d65fd7e329209d803670692066b98074046710
bd73a6b7b2f159a029f55a14d43abd6a022242e4cf6d22d1718baa527d3ccc0b
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf3682135bca4b0c9662fd870a4eeb212edb93acf9452b028daf5361ca74659a
c1344ac197d8708cbf3e03217434e4e284a17e7388a334743d5fca0a95edf0f4
c13ab9c30909f332c35d43db8e9601d6eae5eb3dddadaf402a4ee21113d9a1a5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3f05412b273a3c32bf550bf721db6302d8c8c8692d25b847f278ef67693195d
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c4a235e60d29399532a4bf25010afc9b2037088dc123d60f2b3a65ac70103da4
c4ed63fd82336bdbf00126aecf1da73961222a5b6fd28dc25cd6e240159a9a5f
c51fffe2be6f1a72b6d297c12af42ddea28f64b60d1d75a7fe774114dd6942a3
c530c3949769a068f1d54a12b46dc7a29024d81bb360c8c4f0966df30099df9b
c5b104fe91e046dd831e61b7314bb01eda6e357e3222d2d1f1259cfa9f969e93
c6367234db4620f84491701a015759eba55fb47e68164d86afee6e86fd363dd1
c642adbdfb7d17e2072b6f357079f3af67602df784ea938b4085a74b72a8b1e0
c76355a6a939c817ee83f8293fb23c463ceb323ee656892091936b15c386c8ab
c77c73031f12ad805be49f065989e35ee84cdeaba71e1b64c650732c921409df
c7ad2fb033696f6b193dc1e4ef7d353c1d9a4d4a39772bdd0b44175704986ef8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca41e9411dfe1c67f27553246941fc1443f5be202935cd3a7db3ceabec7a7941
ca966385451988c5c3e18c1364f3851d9439eb3647115c7db4a482efde3367e6
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11
cd48d28c7ebaf56033b251f88780bf4cea0b65dbcb815ccd6854c93caee7d7d4
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
ced3b2cefe662b12854b774e447fc7916f2886fee99c61865a0f78893ded2dd0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5fe2149d8b73f111851ba945205c53ef4cb07e26ac3f2873265491aefa9bac
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d
d350d82a519c5fac452e82405846a81ec7a521c645567be99070ca8d613ac1ce
d39403de1ec71ed2f8605a302c8255f0a13f426e05c7cfa4ecaf40aadb27c665
d51a01cb8bd93423b23bd54de6bde16242423fa25201e4cfe619d84db85f0793
d52e99522753413b2c78b32c66cc4628ec79291e50a88413eea585b7e746af5b
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d638e338899339e633c07e2b4d7da564bbc9850e18e0ca95d8c7cf31b7e6b50c
d709873b2dd3058fdb02f9325eb522bd13420e9aa57fa9d1c99723ce6947e517
d7f23b706c2051cd14bbfdc75b158a623e575846b2a34cf308709793fb72f5e8
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d8ba6e00e79f5d4ffc5e3f634123c36823648e601c5d6465d27c65e7797d2807
db1c2b662ffc9e6309d4eadf7f80f63ba929159c46e91b9ab7d9a6f2d86e04c4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
dfcd3e3ddcded435733c38d4875ed73a509bcdc4ac3c4566240c9adf5e3d765f
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e179e95a429c819ed11563c9e76d36e8159b6a670e03a3c71a0b932638085ef7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c0a69d6de03571afb770c25f2216665c272ff731e3699ca3a2caf80d730f93
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e41d3eb7172ebf89a4cbf9c6e1d87408ae1f488e4eb451feb9d32158b0123761
e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7
e664f939b16da5937eaf17e634fc13aa705a69b18e7e8a8cdb3b4a52608bfe7e
e86b2df786db9badb8478c2a7adb8b1db7a8dad1fabc2911f599b8c68760f075
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ede05a356f8001316785c390ed3c62b8a47a3b882a53d1061ca6c6f6939cf18d
ee1b9dfb4546d28ca1d25011350c95eac305f784d03c4de17fa799f7f3f94c31
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee73c73e4071b7a4d21e7b9132e230961ba08033858a5737963550b342723619
eeb59fd0df9b67d0489c4bc353b1c0087b8d02eb2af05cebad6cd0eb3265d301
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2438a41c21a5b9dc27ad88d9a8da6ff8c781c946597c66c5001e146dfe38e9
ef90592d22153fb1cb1534cbc57c637d1268171d949700bcf8f8b8c826706415
f1f17fea7cee4a9ae74981b2930b10a3aafd713f4564080def24e5fb8342a338
f1fcbf1b326bdc97388e929fc5f2ec582501cbb9438d91a26066473868034acc
f27701d979b8cd28406c38e9072bf869172608e24469936dcb15ed7650ba8f18
f2b68c2435eda0b3e644072ac97ee5a6ba8314656c025612ca4226c5695789d5
f302865c57f7f59513df889c3b454f4e6e886bc82fbb5e55cfdf7a4860d7eda2
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f40798a86ddd1c78e6462f011855fb774ff580687d37f19f403fd1d406d57af4
f4961a18ce15e6ac3cc8a3583a62b84118879492071f3501e6a57fee6b89cf96
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
f8e873797c0f7edb197ed1d8c9747a14287f064f81f8c955b71f4397570b5cb3
fb65745d7c8a3c3be646a4e5fad4f4911ef6549bd87648cb457bb54fc0a0fce7
fbcc6b13cee9c1b9b9b97f4070d9127a7dafc3a725b1b0cd80ebd3e1096e7668
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fe1987c174a68a8f21d577e6c2557d2e5dd9389ada66bcaa99bbaa247212a72c
feef73a6e360f41ff99a55fef39887d19c9ba932a90d3a8ec68fd7579c253cc1
ff1b840b83fb98a6576b9a78591ed399eba5ebcecab7f0638729acb1f76a8064
ffda3b10a6859baeb930feedcb801563e29cf97e96acb7014a19604ddd95cbf8