www.tmj4.com Open in urlscan Pro
13.224.95.126 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-b...
Submission Tags: falconsandbox
Submission: On April 24 via api (April 24th 2021, 3:00:57 pm UTC) from US

Summary HTTP 677 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 116 IPs in 11 countries across 95 domains to perform 677 HTTP transactions. The main IP is 13.224.95.126, located in United States and belongs to AMAZON-02, US. The main domain is www.tmj4.com.
TLS certificate: Issued by Amazon on February 5th 2021. Valid for: a year.

This is the only time www.tmj4.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	13.224.95.126 13.224.95.126	16509 (AMAZON-02) (AMAZON-02)
4	13.224.95.115 13.224.95.115	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:202... 2600:9000:2021:400:9:4c16:5180:21	16509 (AMAZON-02) (AMAZON-02)
2	216.239.38.21 216.239.38.21	15169 (GOOGLE) (GOOGLE)
3	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
8	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
7	13.224.95.61 13.224.95.61	16509 (AMAZON-02) (AMAZON-02)
5	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ae::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21f... 2600:9000:21f3:f200:d:77c3:2dc0:21	16509 (AMAZON-02) (AMAZON-02)
34	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
7	143.204.247.127 143.204.247.127	16509 (AMAZON-02) (AMAZON-02)
2	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
10	13.33.139.93 13.33.139.93	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f03... 2a03:2880:f03d:1c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
29	18.234.22.28 18.234.22.28	14618 (AMAZON-AES) (AMAZON-AES)
1 1	151.101.114.137 151.101.114.137	54113 (FASTLY) (FASTLY)
5	151.101.14.137 151.101.14.137	54113 (FASTLY) (FASTLY)
11	2606:2800:133... 2606:2800:133:202d:cd5:25f1:103b:1d26	15133 (EDGECAST) (EDGECAST)
2	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
1	2.18.232.28 2.18.232.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.11.4.3 3.11.4.3	16509 (AMAZON-02) (AMAZON-02)
2	143.204.245.11 143.204.245.11	16509 (AMAZON-02) (AMAZON-02)
1 2	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
2 4	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
5 8	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1 5	143.204.245.38 143.204.245.38	16509 (AMAZON-02) (AMAZON-02)
2	209.197.3.16 209.197.3.16	20446 (HIGHWINDS3) (HIGHWINDS3)
14	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	35.227.203.93 35.227.203.93	15169 (GOOGLE) (GOOGLE)
1	185.59.220.199 185.59.220.199	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	2600:9000:215... 2600:9000:215d:a600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2600:1f18:e8a... 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a	14618 (AMAZON-AES) (AMAZON-AES)
64	13.33.139.113 13.33.139.113	16509 (AMAZON-02) (AMAZON-02)
35	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	34.96.74.203 34.96.74.203	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
6	64.202.112.159 64.202.112.159	23352 (SERVERCEN...) (SERVERCENTRAL)
1	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:7800:10:618e:d880:93a1	16509 (AMAZON-02) (AMAZON-02)
10	3.143.119.104 3.143.119.104	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2 2	206.189.254.17 206.189.254.17	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
17	134.209.131.220 134.209.131.220	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
12	20.50.105.246 20.50.105.246	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
6	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:400d:804::2001	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2 2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
6	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.162.133.148 178.162.133.148	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
8	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
7 18	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
11 12	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	52.57.10.248 52.57.10.248	16509 (AMAZON-02) (AMAZON-02)
7 7	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	2600:1f18:612... 2600:1f18:612b:4216:b3d7:e742:13a8:bd05	14618 (AMAZON-AES) (AMAZON-AES)
12 12	52.57.142.16 52.57.142.16	16509 (AMAZON-02) (AMAZON-02)
2 2	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1	3.223.71.232 3.223.71.232	14618 (AMAZON-AES) (AMAZON-AES)
3	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5 8	185.29.132.144 185.29.132.144	30419 (MEDIAMATH...) (MEDIAMATH-INC)
9 9	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
8 11	52.30.50.112 52.30.50.112	16509 (AMAZON-02) (AMAZON-02)
19 25	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3	151.101.13.194 151.101.13.194	54113 (FASTLY) (FASTLY)
11	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
5	18.216.222.118 18.216.222.118	16509 (AMAZON-02) (AMAZON-02)
5 5	213.155.156.180 213.155.156.180	1299 (TELIANET ...) (TELIANET Telia Carrier)
56	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
5 7	52.209.246.140 52.209.246.140	16509 (AMAZON-02) (AMAZON-02)
3 3	87.98.242.60 87.98.242.60	16276 (OVH) (OVH)
3	173.231.180.197 173.231.180.197	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
11 11	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
3	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
3 6	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
3	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
3	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
5 5	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
3	185.64.189.249 185.64.189.249	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
2 2	47.252.78.131 47.252.78.131	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
3	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
5	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
5 5	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
3 3	178.62.202.251 178.62.202.251	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3 3	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
3	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3 3	34.98.107.212 34.98.107.212	15169 (GOOGLE) (GOOGLE)
3 3	52.208.41.69 52.208.41.69	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	185.29.133.33 185.29.133.33	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4	13.224.95.17 13.224.95.17	16509 (AMAZON-02) (AMAZON-02)
2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2404:6800:400... 2404:6800:4003:c04::5e	15169 (GOOGLE) (GOOGLE)
1	138.201.63.165 138.201.63.165	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2600:1f18:612... 2600:1f18:612b:4264:5a80:73c5:9cbd:79d9	14618 (AMAZON-AES) (AMAZON-AES)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:c::a	15169 (GOOGLE) (GOOGLE)
1	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
22	143.204.245.14 143.204.245.14	16509 (AMAZON-02) (AMAZON-02)
1 5	138.201.63.150 138.201.63.150	24940 (HETZNER-AS) (HETZNER-AS)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	188.138.33.34 188.138.33.34	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
1	2606:4700:20:... 2606:4700:20::681a:236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::ac43:453b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	143.204.245.88 143.204.245.88	16509 (AMAZON-02) (AMAZON-02)
1	143.204.90.102 143.204.90.102	16509 (AMAZON-02) (AMAZON-02)
1	104.17.119.107 104.17.119.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
7	13.33.139.11 13.33.139.11	16509 (AMAZON-02) (AMAZON-02)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
1 1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	216.52.2.39 216.52.2.39	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	185.86.138.143 185.86.138.143	201081 (SMARTADSE...) (SMARTADSERVER)
3	52.217.15.52 52.217.15.52	16509 (AMAZON-02) (AMAZON-02)
677	116

6 13.224.95.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-126.zrh50.r.cloudfront.net

www.tmj4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.95.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-115.zrh50.r.cloudfront.net

ewscripps.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2021:400:9:4c16:5180:21 (United States)

ASN16509 (AMAZON-02, US)

d25dfknw9ghxs6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.38.21 (San Mateo, United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2615.1e100.net

jelly.mdhv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.224.95.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-61.zrh50.r.cloudfront.net

assets.scrippsdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:f200:d:77c3:2dc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2s8wlbatk24s7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

sejs.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.247.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-247-127.cph50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.33.139.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-139-93.cph50.r.cloudfront.net

yummy.consumable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f03d:1c:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 18.234.22.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-234-22-28.compute-1.amazonaws.com

www.arcgis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.137 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.14.137 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lit.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:2800:133:202d:cd5:25f1:103b:1d26 (United States)

ASN15133 (EDGECAST, US)

x-default-stgec.uplynk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.11.4.3 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-4-3.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.245.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-11.cph50.r.cloudfront.net

api.ewscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.59.101 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

4394967.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 5 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.245.38 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-38.cph50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.197.3.16 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x010.map2.ssl.hwcdn.net

cdn5.userzoom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.203.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)

pymx5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.199 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

ob.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215d:a600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 13.33.139.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-139-113.cph50.r.cloudfront.net

js.arcgis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.74.203 (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.pymx5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:7800:10:618e:d880:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.ewscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.143.119.104 (Columbus, United States)

ASN16509 (AMAZON-02, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 206.189.254.17 (North Bergen, United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

sync.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

serverbid-sync.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 134.209.131.220 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 20.50.105.246 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

content.uplynk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content-zeuuks-up-1.uplynk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:804::2001 (Ireland)

ASN15169 (GOOGLE, US)

a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fc66110c3fcd50b272fa32068622ef60.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
405fe409071c52a544271c00a7b1f864.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.148 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 35.244.159.8 (Kansas City, United States) 7 redirects

ASN15169 (GOOGLE, US)

gift-connect-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.33.221.13 (Amsterdam, Netherlands) 11 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.57.10.248 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-10-248.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.126.56.137 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4216:b3d7:e742:13a8:bd05 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pbs.publishers.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.57.142.16 (Frankfurt am Main, Germany) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-142-16.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.223.71.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-71-232.compute-1.amazonaws.com

ads-alpha.ewscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.29.132.144 (United Kingdom) 5 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.157.4.39 (Denmark) 9 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.30.50.112 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.186.162 (United States) 19 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

includemodal.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.216.222.118 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-216-222-118.us-east-2.compute.amazonaws.com

includemodal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.155.156.180 (Sweden) 5 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.114.159.118 (Germany) 3 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.209.246.140 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.98.242.60 (Saarbrücken, Germany) 3 redirects

ASN16276 (OVH, FR)

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 213.19.147.45 (United Kingdom) 11 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:c05 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.148.27.140 (New York, United States) 3 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 199.232.137.44 (Frankfurt am Main, Germany) 3 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 77.243.60.138 (Aalborg, Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.201.96.126 (Kansas City, United States) 5 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.252.78.131 (United States) 2 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

event.clientgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:678:cb4:bbbb::11 (United Kingdom) 3 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.114.49 (Frankfurt am Main, Germany) 5 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.62.202.251 (Amsterdam, Netherlands) 3 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.155.71.150 (Portsmouth, United Kingdom) 3 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:13::1370 (United States)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.107.212 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.208.41.69 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.133.33 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.95.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-17.zrh50.r.cloudfront.net

services.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c04::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.165 (Ketsch, Germany)

ASN24940 (HETZNER-AS, DE)

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:5a80:73c5:9cbd:79d9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

vtrdn-wjdav.ads.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:c::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r10---sn-4g5e6nzy.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

clarium.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 143.204.245.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-14.cph50.r.cloudfront.net

services9.arcgis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.150 (Ketsch, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

hal90008.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.138.33.34 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: loft9037.serverprofi24.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:236 (United States)

ASN13335 (CLOUDFLARENET, US)

v.traileraddict.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:453b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.traileraddict.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.245.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-88.cph50.r.cloudfront.net

p.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.90.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-90-102.fra50.r.cloudfront.net

c.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.119.107 (United States)

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.33.139.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-139-11.cph50.r.cloudfront.net

stats-dev.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.143 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.217.15.52 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

traileraddict-converted-assets.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
115	arcgis.com www.arcgis.com js.arcgis.com services9.arcgis.com	3 MB
76	pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com aud.pubmatic.com image4.pubmatic.com hbopenbid.pubmatic.com simage4.pubmatic.com	141 KB
73	doubleclick.net 21 redirects 4394967.fls.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net pubads.g.doubleclick.net 5994599.fls.doubleclick.net	441 KB
51	googlesyndication.com pagead2.googlesyndication.com a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com tpc.googlesyndication.com fc66110c3fcd50b272fa32068622ef60.safeframe.googlesyndication.com 405fe409071c52a544271c00a7b1f864.safeframe.googlesyndication.com	327 KB
35	moatads.com sejs.moatads.com mb.moatads.com px.moatads.com z.moatads.com	382 KB
23	uplynk.com x-default-stgec.uplynk.com content.uplynk.com content-zeuuks-up-1.uplynk.com	3 MB
22	connatix.com 1 redirects cd.connatix.com cds.connatix.com capi.connatix.com lit.connatix.com vid.connatix.com img.connatix.com	381 KB
19	openx.net 8 redirects gift-connect-d.openx.net eu-u.openx.net us-u.openx.net u.openx.net rtb.openx.net	5 KB
19	serverbid.com 2 redirects sync.serverbid.com e.serverbid.com	1 KB
14	brid.tv services.brid.tv p.brid.tv c.brid.tv stats-dev.brid.tv	228 KB
14	google-analytics.com www.google-analytics.com	21 KB
13	adnxs.com 11 redirects ib.adnxs.com secure.adnxs.com acdn.adnxs.com	12 KB
13	google.com 1 redirects adservice.google.com www.google.com	2 KB
12	bidswitch.net 12 redirects x.bidswitch.net	5 KB
11	googletagservices.com www.googletagservices.com	351 KB
11	adsrvr.org 8 redirects match.adsrvr.org	5 KB
11	mathtag.com 5 redirects sync.mathtag.com tags.mathtag.com pixel.mathtag.com	7 KB
11	googleapis.com imasdk.googleapis.com fonts.googleapis.com ajax.googleapis.com	1 MB
11	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com odb.outbrain.com mcdp-nydc1.outbrain.com mv.outbrain.com	101 KB
10	yahoo.com 7 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	8 KB
10	rubiconproject.com 2 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com prebid-server.rubiconproject.com Failed	32 KB
10	consumable.com yummy.consumable.com	238 KB
9	adform.net 9 redirects c1.adform.net	5 KB
8	quantserve.com 5 redirects secure.quantserve.com pixel.quantserve.com cms.quantserve.com	12 KB
7	1rx.io 7 redirects sync.1rx.io	4 KB
7	bidr.io 5 redirects match.prod.bidr.io	4 KB
7	amazon-adsystem.com c.amazon-adsystem.com	69 KB
7	scrippsdigital.com assets.scrippsdigital.com	159 KB
7	skimresources.com 1 redirects s.skimresources.com t.skimresources.com p.skimresources.com r.skimresources.com	20 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net hal90008.redintelligence.net	10 KB
6	taboola.com 3 redirects trc.taboola.com match.taboola.com	1 KB
6	google.de adservice.google.de	2 KB
6	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com	2 KB
6	typekit.net use.typekit.net p.typekit.net	124 KB
6	tmj4.com www.tmj4.com	388 KB
5	everesttech.net 5 redirects sync-tm.everesttech.net	1 KB
5	fiftyt.com 5 redirects visitor.fiftyt.com	2 KB
5	semasio.net 2 redirects uipglob.semasio.net	3 KB
5	tribalfusion.com 2 redirects a.tribalfusion.com s.tribalfusion.com	3 KB
5	de17a.com 5 redirects d5p.de17a.com	2 KB
5	includemodal.com includemodal.com	795 B
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com	5 KB
4	traileraddict.com v.traileraddict.com cdn.traileraddict.com	45 KB
4	gvt1.com 1 redirects redirector.gvt1.com r10---sn-4g5e6nzy.gvt1.com	1 MB
4	unrulymedia.com 4 redirects sync.targeting.unrulymedia.com	2 KB
4	fastly.net includemodal.global.ssl.fastly.net clarium.global.ssl.fastly.net	74 KB
4	advertising.com 4 redirects pixel.advertising.com ads.adaptv.advertising.com Failed	1 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com as-sec.casalemedia.com Failed	3 KB
4	sonobi.com go.sonobi.com sync.go.sonobi.com apex.go.sonobi.com	2 KB
4	2mdn.net s0.2mdn.net	50 KB
4	ewscloud.com api.ewscloud.com static.ewscloud.com ads-alpha.ewscloud.com	7 KB
4	brightspotcdn.com ewscripps.brightspotcdn.com	162 KB
3	amazonaws.com traileraddict-converted-assets.s3.amazonaws.com	943 KB
3	gstatic.com csi.gstatic.com fonts.gstatic.com	23 KB
3	gumgum.com 3 redirects rtb.gumgum.com	898 B
3	playground.xyz 3 redirects ads.playground.xyz	961 B
3	dotomi.com pubmatic-match.dotomi.com	310 B
3	sitescout.com 3 redirects pixel-sync.sitescout.com	1011 B
3	bidtheatre.com 3 redirects match.adsby.bidtheatre.com	2 KB
3	turn.com 3 redirects ad.turn.com	2 KB
3	simpli.fi um.simpli.fi	2 KB
3	zeotap.com mwzeom.zeotap.com	1 KB
3	deepintent.com match.deepintent.com	99 B
3	contextweb.com 3 redirects bh.contextweb.com	1 KB
3	ad4m.at ad4m.at	2 KB
3	adgrx.com cm.adgrx.com	1 KB
3	erne.co 3 redirects green.erne.co	854 B
3	adition.com 3 redirects dsp.adfarm1.adition.com	1 KB
3	criteo.com dis.criteo.com	977 B
3	tremorhub.com 1 redirects pbs.publishers.tremorhub.com vtrdn-wjdav.ads.tremorhub.com	919 B
3	cheqzone.com ob.cheqzone.com obs.cheqzone.com	23 KB
3	fontawesome.com use.fontawesome.com	132 KB
3	cloudfront.net d25dfknw9ghxs6.cloudfront.net d2s8wlbatk24s7.cloudfront.net	67 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	clientgear.com 2 redirects event.clientgear.com	522 B
2	betweendigital.com 2 redirects ads.betweendigital.com	1023 B
2	digitaloceanspaces.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com	10 KB
2	pymx5.com pymx5.com api.pymx5.com	10 KB
2	userzoom.com cdn5.userzoom.com	13 KB
2	facebook.net connect.facebook.net	67 KB
2	media.net contextual.media.net hblg.media.net	89 KB
2	mdhv.io jelly.mdhv.io	363 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	brealtime.com biddr.brealtime.com	1 KB
1	contentspread.net cdn.contentspread.net	24 KB
1	ctnsnet.com 1 redirects gcm.ctnsnet.com	481 B
1	emxdgt.com cs.emxdgt.com hb.emxdgt.com Failed
1	jquery.com code.jquery.com	33 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	5 KB
1	quantcount.com rules.quantcount.com	1 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
0	acuityplatform.com Failed ums.acuityplatform.com Failed
0	digitru.st Failed prebid.digitru.st Failed
0	wbtrk.net Failed um.wbtrk.net Failed
0	spotxchange.com Failed search.spotxchange.com Failed
677	95

	Domain	Requested by
64	js.arcgis.com	www.arcgis.com js.arcgis.com
35	simage2.pubmatic.com	image6.pubmatic.com ads.pubmatic.com
30	px.moatads.com	www.tmj4.com
29	www.arcgis.com	www.tmj4.com www.arcgis.com js.arcgis.com
25	cm.g.doubleclick.net	19 redirects gift-connect-d.openx.net a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com u.openx.net
25	securepubads.g.doubleclick.net	www.tmj4.com securepubads.g.doubleclick.net d25dfknw9ghxs6.cloudfront.net www.googletagservices.com yummy.consumable.com imasdk.googleapis.com
23	tpc.googlesyndication.com	securepubads.g.doubleclick.net a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com tpc.googlesyndication.com www.tmj4.com
23	pagead2.googlesyndication.com	securepubads.g.doubleclick.net srcdoc tpc.googlesyndication.com www.tmj4.com www.googletagservices.com a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com d25dfknw9ghxs6.cloudfront.net
22	services9.arcgis.com	js.arcgis.com
21	image2.pubmatic.com	image6.pubmatic.com ads.pubmatic.com
17	e.serverbid.com	d25dfknw9ghxs6.cloudfront.net www.tmj4.com gift-connect-d.openx.net ads.pubmatic.com yummy.consumable.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
14	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.tmj4.com d25dfknw9ghxs6.cloudfront.net
12	x.bidswitch.net	12 redirects
11	www.googletagservices.com	securepubads.g.doubleclick.net a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com yummy.consumable.com www.tmj4.com
11	match.adsrvr.org	8 redirects gift-connect-d.openx.net a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com u.openx.net
11	content-zeuuks-up-1.uplynk.com	assets.scrippsdigital.com
11	x-default-stgec.uplynk.com	www.tmj4.com assets.scrippsdigital.com
10	pubads.g.doubleclick.net	imasdk.googleapis.com www.tmj4.com
10	capi.connatix.com	cd.connatix.com
10	yummy.consumable.com	www.tmj4.com yummy.consumable.com
9	c1.adform.net	9 redirects
8	sync.mathtag.com	5 redirects tags.mathtag.com a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com www.tmj4.com
8	ib.adnxs.com	8 redirects yummy.consumable.com
8	ads.pubmatic.com	sync.serverbid.com ads.pubmatic.com yummy.consumable.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
8	imasdk.googleapis.com	assets.scrippsdigital.com imasdk.googleapis.com cd.connatix.com services.brid.tv
8	adservice.google.com	4394967.fls.doubleclick.net securepubads.g.doubleclick.net imasdk.googleapis.com 5994599.fls.doubleclick.net
7	stats-dev.brid.tv	www.tmj4.com
7	sync.1rx.io	7 redirects
7	match.prod.bidr.io	5 redirects image6.pubmatic.com ads.pubmatic.com
7	eu-u.openx.net	3 redirects gift-connect-d.openx.net u.openx.net
7	ups.analytics.yahoo.com	7 redirects
7	stats.g.doubleclick.net	d25dfknw9ghxs6.cloudfront.net
7	c.amazon-adsystem.com	www.tmj4.com d25dfknw9ghxs6.cloudfront.net assets.scrippsdigital.com c.amazon-adsystem.com
7	assets.scrippsdigital.com	www.tmj4.com ewscripps.brightspotcdn.com assets.scrippsdigital.com
7	widgets.outbrain.com	www.tmj4.com widgets.outbrain.com
6	us-u.openx.net	2 redirects gift-connect-d.openx.net u.openx.net
6	eus.rubiconproject.com	sync.serverbid.com eus.rubiconproject.com yummy.consumable.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
6	img.connatix.com	www.tmj4.com
6	adservice.google.de	adservice.google.com securepubads.g.doubleclick.net imasdk.googleapis.com
6	pixel.quantserve.com	5 redirects www.tmj4.com
6	www.tmj4.com	www.tmj4.com ewscripps.brightspotcdn.com
5	hal90008.redintelligence.net	1 redirects a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com hal90008.redintelligence.net
5	sync-tm.everesttech.net	5 redirects
5	visitor.fiftyt.com	5 redirects
5	uipglob.semasio.net	2 redirects ads.pubmatic.com
5	d5p.de17a.com	5 redirects
5	includemodal.com	www.tmj4.com a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
5	www.google.com	1 redirects securepubads.g.doubleclick.net a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com www.tmj4.com
5	log.outbrainimg.com	d25dfknw9ghxs6.cloudfront.net widgets.outbrain.com
5	sb.scorecardresearch.com	1 redirects www.tmj4.com widgets.outbrain.com
5	use.typekit.net	ewscripps.brightspotcdn.com use.typekit.net
4	services.brid.tv	yummy.consumable.com services.brid.tv
4	secure.adnxs.com	3 redirects acdn.adnxs.com
4	sync.targeting.unrulymedia.com	4 redirects
4	pixel.advertising.com	4 redirects
4	ssum-sec.casalemedia.com	4 redirects
4	s0.2mdn.net	imasdk.googleapis.com a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
4	ewscripps.brightspotcdn.com	www.tmj4.com
3	traileraddict-converted-assets.s3.amazonaws.com	p.brid.tv
3	cdn.traileraddict.com	www.tmj4.com yummy.consumable.com
3	r10---sn-4g5e6nzy.gvt1.com	www.tmj4.com
3	rtb.gumgum.com	3 redirects
3	ads.playground.xyz	3 redirects
3	pubmatic-match.dotomi.com	ads.pubmatic.com
3	pixel-sync.sitescout.com	3 redirects
3	match.adsby.bidtheatre.com	3 redirects
3	ad.turn.com	3 redirects
3	image4.pubmatic.com	ads.pubmatic.com
3	pr-bh.ybp.yahoo.com	ads.pubmatic.com
3	um.simpli.fi	ads.pubmatic.com image6.pubmatic.com
3	aud.pubmatic.com	ads.pubmatic.com
3	mwzeom.zeotap.com	ads.pubmatic.com
3	match.deepintent.com	image6.pubmatic.com ads.pubmatic.com
3	match.taboola.com	image6.pubmatic.com ads.pubmatic.com
3	trc.taboola.com	3 redirects
3	bh.contextweb.com	3 redirects
3	a.tribalfusion.com	2 redirects image6.pubmatic.com
3	ad4m.at	image6.pubmatic.com ads.pubmatic.com
3	cm.adgrx.com	image6.pubmatic.com ads.pubmatic.com
3	green.erne.co	3 redirects
3	dsp.adfarm1.adition.com	3 redirects
3	dis.criteo.com	image6.pubmatic.com ads.pubmatic.com
3	z.moatads.com	securepubads.g.doubleclick.net assets.scrippsdigital.com
3	includemodal.global.ssl.fastly.net	securepubads.g.doubleclick.net a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
3	image6.pubmatic.com	ads.pubmatic.com
3	gift-connect-d.openx.net	1 redirects sync.serverbid.com yummy.consumable.com
3	a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	use.fontawesome.com	www.tmj4.com use.fontawesome.com
2	ap.lijit.com	2 redirects
2	u.openx.net	1 redirects yummy.consumable.com
2	p.brid.tv	services.brid.tv
2	5994599.fls.doubleclick.net	1 redirects www.tmj4.com
2	simage4.pubmatic.com	ads.pubmatic.com
2	csi.gstatic.com	imasdk.googleapis.com
2	googleads.g.doubleclick.net	a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
2	token.rubiconproject.com	eus.rubiconproject.com
2	tags.mathtag.com	a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com tags.mathtag.com
2	fonts.googleapis.com	yummy.consumable.com c.brid.tv
2	event.clientgear.com	2 redirects
2	s.tribalfusion.com	image6.pubmatic.com ads.pubmatic.com
2	ads.betweendigital.com	2 redirects
2	pbs.publishers.tremorhub.com	1 redirects www.tmj4.com
2	sync.go.sonobi.com	www.tmj4.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2	secure-assets.rubiconproject.com	2 redirects
2	vid.connatix.com	cd.connatix.com
2	serverbid-sync.nyc3.cdn.digitaloceanspaces.com	www.tmj4.com yummy.consumable.com
2	sync.serverbid.com	2 redirects
2	obs.cheqzone.com	ob.cheqzone.com www.tmj4.com
2	cdn5.userzoom.com	www.tmj4.com cdn5.userzoom.com
2	4394967.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	r.skimresources.com	1 redirects www.tmj4.com
2	api.ewscloud.com	ewscripps.brightspotcdn.com
2	p.skimresources.com	www.tmj4.com
2	t.skimresources.com	www.tmj4.com d25dfknw9ghxs6.cloudfront.net
2	cds.connatix.com	www.tmj4.com cd.connatix.com
2	connect.facebook.net	www.tmj4.com connect.facebook.net
2	d2s8wlbatk24s7.cloudfront.net	d25dfknw9ghxs6.cloudfront.net includemodal.global.ssl.fastly.net
2	jelly.mdhv.io	www.tmj4.com
1	rtb-csync.smartadserver.com	image6.pubmatic.com
1	rtb.openx.net	1 redirects
1	acdn.adnxs.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1	fonts.gstatic.com	fonts.googleapis.com
1	biddr.brealtime.com	yummy.consumable.com
1	c.brid.tv	services.brid.tv
1	v.traileraddict.com	yummy.consumable.com
1	cdn.contentspread.net	hal90008.redintelligence.net
1	ajax.googleapis.com	hal90008.redintelligence.net
1	gcm.ctnsnet.com	1 redirects
1	cms.quantserve.com	a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
1	405fe409071c52a544271c00a7b1f864.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	clarium.global.ssl.fastly.net	www.tmj4.com
1	redirector.gvt1.com	1 redirects
1	hbopenbid.pubmatic.com	yummy.consumable.com
1	vtrdn-wjdav.ads.tremorhub.com	yummy.consumable.com
1	apex.go.sonobi.com	yummy.consumable.com
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	www.tmj4.com
1	fc66110c3fcd50b272fa32068622ef60.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ads-alpha.ewscloud.com	imasdk.googleapis.com
1	cs.emxdgt.com	sync.serverbid.com
1	go.sonobi.com	sync.serverbid.com
1	mv.outbrain.com	widgets.outbrain.com
1	mcdp-nydc1.outbrain.com	widgets.outbrain.com
1	lit.connatix.com	cd.connatix.com
1	content.uplynk.com	assets.scrippsdigital.com
1	static.ewscloud.com	www.tmj4.com
1	odb.outbrain.com	widgets.outbrain.com
1	api.pymx5.com	pymx5.com
1	code.jquery.com	assets.scrippsdigital.com
1	maxcdn.bootstrapcdn.com	assets.scrippsdigital.com
1	rules.quantcount.com	secure.quantserve.com
1	hblg.media.net	www.tmj4.com
1	ob.cheqzone.com	widgets.outbrain.com
1	pymx5.com	www.googletagmanager.com
1	secure.quantserve.com	www.tmj4.com
1	mb.moatads.com	sejs.moatads.com
1	widget-pixels.outbrain.com	www.tmj4.com
1	tcheck.outbrainimg.com	d25dfknw9ghxs6.cloudfront.net
1	cd.connatix.com	1 redirects
1	contextual.media.net	www.tmj4.com
1	sejs.moatads.com	www.tmj4.com
1	www.googletagmanager.com	www.tmj4.com
1	p.typekit.net	use.typekit.net
1	s.skimresources.com	www.tmj4.com
1	d25dfknw9ghxs6.cloudfront.net	www.tmj4.com
0	ums.acuityplatform.com Failed	ads.pubmatic.com
0	prebid.digitru.st Failed	yummy.consumable.com
0	um.wbtrk.net Failed	a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
0	hb.emxdgt.com Failed	yummy.consumable.com
0	search.spotxchange.com Failed	yummy.consumable.com
0	as-sec.casalemedia.com Failed	yummy.consumable.com
0	ads.adaptv.advertising.com Failed	yummy.consumable.com
0	prebid-server.rubiconproject.com Failed	yummy.consumable.com
677	173

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.nbc.com
scripps.com
support.tmj4.com
www.factorium.com
scripps.wd5.myworkdayjobs.com
www.facebook.com
twitter.com
www.daily-stuff.com
www.outbrain.com
www.dhs.wisconsin.gov
www.dontwasteyourmoney.com
assets.scrippsdigital.com
publicfiles.fcc.gov
www.instagram.com

Subject Issuer	Validity	Valid
*.scrippsnationalnews.com Amazon	`2021-02-05` - `2022-03-06`	a year	crt.sh
ewscripps.brightspotcdn.com Amazon	`2020-06-28` - `2021-07-28`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
jelly.mdhv.io GTS CA 1D2	`2021-03-06` - `2021-06-04`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2020-09-10` - `2021-10-12`	a year	crt.sh
*.scrippsdigital.com Amazon	`2020-09-04` - `2021-10-06`	a year	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
*.consumable.com Amazon	`2020-09-23` - `2021-10-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.arcgis.com DigiCert SHA2 High Assurance Server CA	`2020-09-22` - `2021-10-13`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2020-09-29` - `2021-10-19`	a year	crt.sh
*.uplynk.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-09` - `2021-12-10`	a year	crt.sh
*.outbrainimg.com DigiCert Secure Site ECC CA-1	`2020-03-26` - `2021-06-25`	a year	crt.sh
*.moatads.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-06-10`	2 years	crt.sh
*.ewscloud.com DigiCert SHA2 Secure Server CA	`2019-08-02` - `2021-10-13`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
manager.userzoom.com DigiCert SHA2 Extended Validation Server CA	`2020-06-30` - `2021-06-21`	a year	crt.sh
*.pymx5.com Go Daddy Secure Certificate Authority - G2	`2020-09-10` - `2021-10-12`	a year	crt.sh
ob.cheqzone.com R3	`2021-04-07` - `2021-07-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
obs.cheqzone.com R3	`2021-04-15` - `2021-07-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-30`	a year	crt.sh
e.serverbid.com R3	`2021-03-15` - `2021-06-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
ads-alpha.ewscloud.com R3	`2021-03-21` - `2021-06-19`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-05` - `2022-04-06`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
includemodal.com Amazon	`2020-11-15` - `2021-12-14`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
brid.tv Amazon	`2021-02-18` - `2022-03-19`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
redintelligence.net R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-04-13` - `2021-06-22`	2 months	crt.sh
cdn.contentspread.net Go Daddy Secure Certificate Authority - G2	`2020-07-08` - `2021-07-08`	a year	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2020-01-22` - `2022-03-22`	2 years	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-16` - `2022-03-17`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh

This page contains 89 frames:

Primary Page: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Frame ID: 5A90AF36D309C5AB19308EC5CE82CA5E
Requests: 132 HTTP requests in this frame

Frame: https://www.arcgis.com/apps/opsdashboard/index.html
Frame ID: BE7AE3F007CBF76129235B3B17FEB2D1
Requests: 115 HTTP requests in this frame

Frame: https://cds.connatix.com/p/114867/connatix.playspace.dc.js
Frame ID: 1FBF91A1CE049F34006012B87C59CB6F
Requests: 16 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.8973215125913554
Frame ID: A774F84BF24870BB7F9015D8F70EAE4A
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 31994F39E03B3DE9F44A175D6A567550
Requests: 2 HTTP requests in this frame

Frame: https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.tmj4.com&title=Safer%20at%20Home%20order%20changes&kw=new%20guidelines%2Ccoronavirus%20milwaukee%20county%2Cextension%2CLocal%20business%2CMay%2026%2Cwhat%20places%20in%20wisconsin%20have%20coronavirus%2Cmilwaukee%20coronavirus%2Cbegins%2Crestaurants%20still%20open%2Ccoronaviurs%20wisconsin&autoplay=true&m3u8=https://content.uplynk.com/0741bce3458e4705a7a2e69ec4920c82.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/0741bce3458e4705a7a2e69ec4920c82_g.mp4&purl=/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&dtrack=1&story=1&contplay=*recent&mute=1&tags=Homepage%20Showcase%2CLocal%20News%2CCoronavirus&cust_params=temp%3D%26weather%3D&s=tmj4
Frame ID: AF082B91E13CC6BA0A647D1D5EE71319
Requests: 62 HTTP requests in this frame

Frame: https://4394967.fls.doubleclick.net/activityi;dc_pre=CKuiod-Sl_ACFdaFgwcdK2kPmg;src=4394967;type=wtmj;cat=pc_tt0;ord=7697026444491;gtm=2wg4e1;auiddc=1046780366.1619276422;u1=Coronavirus;u2=Wisconsin's%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses;~oref=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Frame ID: 5A1451734374613833142EEF91E95A6A
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKuiod-Sl_ACFdaFgwcdK2kPmg;src=4394967;type=wtmj;cat=pc_tt0;ord=7697026444491;gtm=2wg4e1;auiddc=1046780366.1619276422;u1=Coronavirus;u2=Wisconsin's%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses;~oref=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Frame ID: 8CCC82836FD9A10D817F2D04A38685AC
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CKuiod-Sl_ACFdaFgwcdK2kPmg;src=4394967;type=wtmj;cat=pc_tt0;ord=7697026444491;gtm=2wg4e1;auiddc=1046780366.1619276422;u1=Coronavirus;u2=Wisconsin's%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses;~oref=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Frame ID: F19552F92C6805FD6FEF7815EF99D965
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 594234007E013F201BE99678D2B683E2
Requests: 17 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 469DD0185E25FA250779A744BAF6EBA5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0D767B4E71974ED1CA7450FF56BDE067
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: CA8638ED22F35400588A6AA604E6173A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 4A3C86C8BCF51CF4BC5C8C55835EAB78
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: DA7824676350A34193A711F461E74FD7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: 8767D14815CA5853CD6B01CC5784AEFD
Requests: 3 HTTP requests in this frame

Frame: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Frame ID: DBC470E3EC2A671E5D22F2689359A827
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Frame ID: 8022C2AFAAA49F09A394914EDB20DC16
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Frame ID: BA463F2713C0258DEA55356852B8FB99
Requests: 1 HTTP requests in this frame

Frame: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Frame ID: 8C2E44215CC5641938FC273978FAF599
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: AC1D786BEDC2BA86164C9EAB7D32AE5C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: AA7D15D67F8ABFCE2D385122EEE5B86B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5DC23444F8DC44295BAF046917B438BC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3C46A51F7CAF8A8BAD0843CFBB823A4D
Requests: 25 HTTP requests in this frame

Frame: https://includemodal.global.ssl.fastly.net/pw.js
Frame ID: DBEEA11FE10BBAFB4DE5962CF88B31C6
Requests: 10 HTTP requests in this frame

Frame: https://z.moatads.com/ewscrippsdfp76939516016/moatad.js
Frame ID: C9781F7060B89355CF5DA9596F249752
Requests: 9 HTTP requests in this frame

Frame: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AB3875C92E10C761EB29E2D864F8659C
Requests: 21 HTTP requests in this frame

Frame: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 863660A29D06520A3F525E2B92FA2C13
Requests: 8 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6973586629705886346
Frame ID: B3CF928C50BCBFC36B1954971E3AB95A
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: DAE4E2BCEF46C2DB961AFAC67D3A4184
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6954739297158232203
Frame ID: D8DA189E0E0AFC258595202AEF0F7BB2
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 43C61E0FEFFBA37C46F4D558E875DCB8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GUDd8qBA9gGQKyNEOXs9Wshk
Frame ID: 2D68EB622012F5319FF42E16997751F7
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 4B7C184AC90832D08E93F4FDDB1431EF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-53f52b94-e826-43c8-8bad-d2a54a7fdea5-003
Frame ID: E59A54C8EDD5816C990110764E1C98F5
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: D533E116D49C7029F578DA05E5CBEDFE
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 87F6036047772E553D161AAF538F02E3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Cz7IaRwaunqF&pid=557219
Frame ID: CDF8FEFBE38D783FC6A7EB3912626A17
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7a4569dd-6e5a-4c1f-b226-b55bf4895d0a-tuct77db808&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 2E3CC933277F57F9C2D561D023A1EF9D
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Frame ID: ADBFEEC38CB3F3EF47A779727A9F845B
Requests: 1 HTTP requests in this frame

Frame: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=B9FB84B7-AC9D-415B-B9D8-588946097E7A
Frame ID: 0169439682F15FAD078CDB65A3D5918F
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800
Frame ID: 67FB3A341BF3C11155C39BFA928D7932
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: E334F9DF67F7D6D591775530767AFBA5
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvPAnXEamUIGm7U4gbD9kGRgT9FuKzxLc65eJ5nf7XGqFGC1kcNrjHu6Q6p0cJiepXvl6hGMtCpqkpKLIqD67EpatTq06d0DwdXDezZx5qGfsHgRi4bT-zoHRDvE3gaGz9jOce57b3MxNx4AAjdvRI_DZDIlvJG43ayP7nWTIfF-SrCnX3pugkoFzlB5VhevrEJ1Ae9HGRBWnd1vqT8e_TJg39usUCdxqwGPcEHBPZvmKSh_tzrLY8JLiWLfgaFkGJ2bajg70qkCymV93vioQGgmjPLc_aFPGnwH5Bio1f942TF5_BWeN7Bp9ItVepNiDL6YgnYX25_qD2LHgBle1WcyS6BvvN3GFXlUjsx4f4MqMfcQ5pRDlEEtM&sig=Cg0ArKJSzHjQtEg94tBSEAE&urlfix=1&adurl=
Frame ID: 982A6A95B8AF2FA1D4F36742957597AD
Requests: 6 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 445F8D576D25B488CA4453974C1C6755
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 3DC0B38C8BB66499CAAE12572818195F
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMS95OGSl_ACFdiIdwodmcsA0Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2372805976790.5376
Frame ID: 71404F12D252BBE433F50D8D1C7451CA
Requests: 2 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=70161200119445700951389011574008&a=9828d99d
Frame ID: 8773773A3952D52EC11F13F5D992CD08
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 233A771F7BCA915E14F2F32DDF126D44
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfB0Y5sPDj566HieY1kvtkCQLKeH_EsKycOsD0pOjVPS30MAcUrPNJugw4aP8S91jJ5oLbobFBx2GKI_NWLxe7hMhTprq8RB6E29lOJFMdE5SEoj2t8hTi470uZD3RCqAEUgSDesnzIWMQkQXBoTsEyriv7rPzp7I34GGDap-9Ber8c5jTe9AUv2G2_uVs_7Wy8UYG_iofbsz0su9YzlwO_xpb19GqBVWroHMkScjuKhHSBEguLC9sHyVtjwY0_n5rtG6WgvRKRMAHRyoY1KEs8U8ahTddZ9PSpAH0nTrjJrmJ7zJb77GsjbC_G2Ah0XYCWoUGDY6PAoJSmFWBfB3tXePnCAlIkLo&sai=AMfl-YS9YQoTKogWQLI1s_uygt4mesDlYjOQT4QW_sHD3JMwQdT5tdAr-B0E9pu_csR45eNofXGBl3QJd5TG2eyKjWOU4cD6qmCb__lG3zJc9eL4nRXC5ASgwWPN8TOFQ1DE&sig=Cg0ArKJSzLBNWq7NyP3GEAE&adurl=
Frame ID: AD44E879CDEACE493E671222D41D06E1
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 7740E8E02F3DA08B815FE611BE4C543B
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: 269C6BEC59EC11973369042BEFB4793E
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5E8639029596731459141D6CB1B4CFD0
Requests: 24 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 87244AADA432A587E6D5351A069022BE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D6A6EFECC33B1F16CE100096B53AE39D
Requests: 2 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Frame ID: 322A18B61B8065896C4B20D9355F92DA
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 78B0EA2521FAF1AAF7F1523F4788432B
Requests: 2 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7448561412368900957
Frame ID: 0ECC75B87B4BC01F3095F1B67AF738DA
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 49D7C9D6D3EDDBA0E70B4F2B6399121D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6954739331519477899
Frame ID: 6C738B666E85B7644B2266B3DDB8F7C6
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 8F25B59503BCB77497C4DCCBA5938067
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GUDd8qBA9gGQKyNEOXs9Wshk
Frame ID: 32C1A7E982C65D6153A2CB8CED33F911
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: BA7E7AC9755BC52F768E5B29B55F2E7D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003
Frame ID: 129AA91F2FB58E4AE7DACA83D2E3D5CC
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 1CE241EBBCF9631782626BE3294DEC90
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 4C418F0CBC69E3D96C0BC8100EAC18F2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=1StNWF3AFRGf&pid=557219
Frame ID: 2D8CD07037B990AD9AEC715F62E0AF3F
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=eab59cc3-d4b8-45be-b11a-6f8ec72b8b7e-tuct77db813&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: ECBD6A907180435540EFB244868D6213
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Frame ID: BA261B8AF3AE6A934033ED70E205C3EA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FDAA8B5866D957A60D288042DA555EF5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: B69B9119B3EFDF6FE31B97A04DAE1515
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Frame ID: 00A8056F58FB6D5377E6E0C2901B4C0A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 40E2ABCE001745C309DD4CD29745665E
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: BFBCDDD0FB59283C5A6DA4643F4DFC44
Requests: 25 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7448561412368900957
Frame ID: 61D31ED05E30B036DEE8C4D7C635A0B1
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 993E9D8ED636F0EADF12D64390EC60CA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6954739331519477899
Frame ID: ED49F83CE73374BC183F161A5D5034A1
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC5w07BCGUAACtSTIVA3Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D1%26userid%3DSMART_USER_ID
Frame ID: 816B8CDC4A0CC50CEC105AB44FEA4AA0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GUDd8qBA9gGQKyNEOXs9Wshk
Frame ID: B5B5C03AC6C0727902F3208179C776F5
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 0DC4DFC3D4E52B2E2E0AD7339EE49D70
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003
Frame ID: 287A425F07B8249F94EA126EA7FC804D
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 3FEADF64A65EC2049AC1FAFD8F0E7E5B
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: CAADF5616627C5B57BF14886294FE3FF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Q4fwa6JAT1NU&pid=557219
Frame ID: 1CC6E73344898AB0001436F47D918D4E
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=eab59cc3-d4b8-45be-b11a-6f8ec72b8b7e-tuct77db813&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 0FE7D243F77F18DF6761485A0E901CF7
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Frame ID: 0C1A3EB896207875D3DADBC55E6490BA
Requests: 1 HTTP requests in this frame

Frame: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=CC35BD80-53DC-498D-8996-79DB92000082
Frame ID: 8B91DA53F46B298CDF6DC9BA2270D380
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 114672573E8594F309F452ED3427E8FA
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdMQrER44D6t2eHUQMncMJT1UgVxPazgA5-8JEAvOGPyE9GdFcaG961XPBQ0doSQ3yFX6OsoGrUgZjuLW4aroC1FEZxVdgPKoItMf1Ad7Efcpv1IbPH7ydShPUhCFdM0MIOBB0JDXTDSKNX8NhqLQGbxZAzBPBCeRp58-c_d8aIEeneX7drhqqoH468q56I9nBD3M2m6ZV1leanr7--Ll4eBfXWksYm_cMIKVF-x7VdVtauoDWEsdiX0tbSoKe5zglzJY3PFfLEisjdP0AkrdPsh9dsqxEuDDhQndQKCR6nBbFGQQdL8nXc0IiHnNvKhrrmhhlKRUrT_Q81qdGBUXn2QqR8Z3NJb0&sai=AMfl-YQBIlI6zSUu_fy03h_K-27hJRl0KkrQdJ2wQT9Y3DHIySHOn3QXjArE29xrmJs_SzkrU9CGz5-MV5fZM4hZL6WeT6tJ4b3u7dGRD0jIbysk2S2QWyPWcMAJkSI8cCU&sig=Cg0ArKJSzIslGBcHA4fdEAE&adurl=
Frame ID: CC824038160A5F647A7B9043CC7B674D
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^Apache-Coyote(?:\/([\d.]+))?/i

Apache Tomcat (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^Apache-Coyote(?:\/([\d.]+))?/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

677
Requests

98 %
HTTPS

28 %
IPv6

95
Domains

173
Subdomains

116
IPs

11
Countries

14857 kB
Transfer

52190 kB
Size

1
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/user/todaystmj4/videos
Title: Youtube Channel

Search URL Search Domain Scan URL

URL: https://www.nbc.com/kelly-clarkson-show
Title: The Kelly Clarkson Show

Search URL Search Domain Scan URL

URL: https://www.nbc.com/
Title: Watch NBC Shows

Search URL Search Domain Scan URL

URL: http://scripps.com/careers
Title: Jobs

Search URL Search Domain Scan URL

URL: http://support.tmj4.com/support/home
Title: Support

Search URL Search Domain Scan URL

URL: http://www.factorium.com/default.asp?stationid=todaystmj4
Title: Play the TODAY'S TMJ4 News Game

Search URL Search Domain Scan URL

URL: https://scripps.wd5.myworkdayjobs.com/Scripps_Careers
Title: Careers Search

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=1500660210257997&display=popup&href=https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&text=Wisconsin%27s%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses
Title: Tweet

Search URL Search Domain Scan URL

URL: https://www.daily-stuff.com/tattoos-that-help-you-know-what-not-to-get-for-your-next-ink/?utm_medium=outbrain&utm_source=587&utm_campaign=210408140819831x0xchrome_00a4d5b2484064c420f30d874150b3376f&utm_term=$origpubname$_$origsrcname$_$section_id$&utm_content=%5BGallery%5D+Hilarious+Tattoo+Fails+%28%2312+May+Never+Be+Employed%29&cpc=$cpc$&obOrigUrl=true
Title: [Gallery] Hilarious Tattoo Fails (#12 May Never Be Employed) DailyStuff

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en

Search URL Search Domain Scan URL

URL: https://www.dhs.wisconsin.gov/covid-19/vaccine-data.htm
Title: here.

Search URL Search Domain Scan URL

URL: https://www.dhs.wisconsin.gov/covid-19/vaccine-get.htm
Title: here.

Search URL Search Domain Scan URL

URL: https://www.dhs.wisconsin.gov/covid-19/county.htm
Title: here

Search URL Search Domain Scan URL

URL: https://www.dhs.wisconsin.gov/outbreaks/index.htm?fullsite=y
Title: COVID-19 on the Wisconsin DHS website

Search URL Search Domain Scan URL

URL: https://www.dontwasteyourmoney.com/
Title: Don't Waste Your Money

Search URL Search Domain Scan URL

URL: https://assets.scrippsdigital.com/docs/journalism-ethics-guidelines.pdf
Title: Journalism Ethics Guidelines

Search URL Search Domain Scan URL

URL: https://scripps.com/careers/find-a-job/
Title: Careers

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/wtmj-tv
Title: FCC Public File

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tmj4
Title: tmj4

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tmj4news/
Title: tmj4news

Search URL Search Domain Scan URL

URL: https://twitter.com/tmj4
Title: tmj4

Search URL Search Domain Scan URL

URL: https://scripps.com/our-brands/local-media/
Title: Scripps Local Media

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/114867/connatix.playspace.dc.js

Request Chain 47

https://r.skimresources.com/api/ HTTP 307
https://r.skimresources.com/api/?xguid=01F426APGR662DW2712QQGJNRK&persistence=1&checksum=161592de8f7a1d789494327d2b08a35285c708fe539066c4f065a2d39035ab66

Request Chain 48

https://4394967.fls.doubleclick.net/activityi;src=4394967;type=wtmj;cat=pc_tt0;ord=7697026444491;gtm=2wg4e1;auiddc=1046780366.1619276422;u1=Coronavirus;u2=Wisconsin's%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses;~oref=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses HTTP 302
https://4394967.fls.doubleclick.net/activityi;dc_pre=CKuiod-Sl_ACFdaFgwcdK2kPmg;src=4394967;type=wtmj;cat=pc_tt0;ord=7697026444491;gtm=2wg4e1;auiddc=1046780366.1619276422;u1=Coronavirus;u2=Wisconsin's%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses;~oref=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Request Chain 72

https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1619276422131&ns_c=UTF-8&cv=3.5&c8=Wisconsin%27s%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses&c7=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1619276422131&ns_c=UTF-8&cv=3.5&c8=Wisconsin%27s%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses&c7=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&c9=

Request Chain 123

https://sync.serverbid.com/ss/2000248.js HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.js

Request Chain 201

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

Request Chain 205

https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D HTTP 302
https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D

Request Chain 206

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YIQyh7FGtohipzVd8FPpJQAA%261150

Request Chain 207

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fe.serverbid.com%252Fudb%252F9969%252Fsync%252Fi.gif%253FpartnerId%253D28%2526userId%253D%2524UID HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2327173575115661820

Request Chain 208

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPcba0c1fb-a50d-11eb-8cd5-06f3176763d2 HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPcba0c1fb-a50d-11eb-8cd5-06f3176763d2&verify=true HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPcba0c1fb-a50d-11eb-8cd5-06f3176763d2

Request Chain 210

https://pbs.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D50%26userId%3D%5Btvid%5D HTTP 302
https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D50%26userId%3D%5Btvid%5D

Request Chain 211

https://x.bidswitch.net/sync?ssp=consumable HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=consumable HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dconsumable%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dconsumable%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=892e3594-9377-5272-ab91-d94ccb15ebc0&ssp=consumable&expires=30&user_group=1 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=979ac9f1-515e-45d2-9d7a-fc0024c81689

Request Chain 236

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=71fb6084-3287-4800-b60a-25198ddb4db0

Request Chain 237

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=P1cDRzpVA0UkUwgRawYWEGteDBIkX1lKPgbDGn2h

Request Chain 238

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7693130459162871140 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=7693130459162871140

Request Chain 241

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDWIeu4eyqiMOhNL9AFMbck&google_cver=1

Request Chain 264

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6973586629705886346

Request Chain 266

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6954739297158232203

Request Chain 267

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHSk4wN0JDR1VBQUNwLXNaeFlBQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 268

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GUDd8qBA9gGQKyNEOXs9Wshk

Request Chain 270

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3813606125 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3813606125 HTTP 302
https://sync.1rx.io/usersync/tradedesk/f33a31f7-4189-42f9-8459-23c75442979a HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-53f52b94-e826-43c8-8bad-d2a54a7fdea5-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-53f52b94-e826-43c8-8bad-d2a54a7fdea5-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-53f52b94-e826-43c8-8bad-d2a54a7fdea5-003

Request Chain 272

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 273

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Cz7IaRwaunqF&pid=557219

Request Chain 274

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7a4569dd-6e5a-4c1f-b226-b55bf4895d0a-tuct77db808&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 277

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ufuEt6ydQVu52FiJRgl-eg%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ufuEt6ydQVu52FiJRgl-eg%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 279

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B9FB84B7-AC9D-415B-B9D8-588946097E7A&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B9FB84B7-AC9D-415B-B9D8-588946097E7A&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 280

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B9FB84B7-AC9D-415B-B9D8-588946097E7A&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B9FB84B7-AC9D-415B-B9D8-588946097E7A&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B9FB84B7-AC9D-415B-B9D8-588946097E7A&addseg=19,36,42

Request Chain 281

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjlGQjg0QjctQUM5RC00MTVCLUI5RDgtNTg4OTQ2MDk3RTdB&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjlGQjg0QjctQUM5RC00MTVCLUI5RDgtNTg4OTQ2MDk3RTdB&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 282

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGn3J1ilVnuWkHbt7Aca7h0&google_cver=1

Request Chain 284

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f33a31f7-4189-42f9-8459-23c75442979a

Request Chain 285

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1925878208261557160

Request Chain 286

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:71476084-3287-4400-a031-89dc8adc7e71&gdpr=0&gdpr_consent=

Request Chain 287

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2327173575115661820&gdpr=0&gdpr_consent=

Request Chain 288

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3012b04a-ac88-4329-96a6-d6d620ec02c6 HTTP 302
https://x.bidswitch.net/sync?dsp_id=257&user_id=mkec72b583-2084-4041-8d44-4d71de6ae919&expires=7&user_group=5&ssp=pubmatic&bsw_param=3012b04a-ac88-4329-96a6-d6d620ec02c6 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=257&user_id=mkec72b583-2084-4041-8d44-4d71de6ae919&expires=7&user_group=5&ssp=pubmatic&bsw_param=3012b04a-ac88-4329-96a6-d6d620ec02c6 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=979ac9f1-515e-45d2-9d7a-fc0024c81689&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 290

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B9FB84B7-AC9D-415B-B9D8-588946097E7A&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XkeGrChE2uUfi4.wLgDXfeLl6lFUisI-~A&gdpr=0&gdpr_consent=

Request Chain 291

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kCCgQZUioEyLIaxGwie1EZ9x_UaLc_oTlylWxwnK

Request Chain 292

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2558916498258368330&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 293

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YIQyiQAAb44A5gA4 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIQyiQAAb44A5gA4&gdpr=0&gdpr_consent=&_test=YIQyiQAAb44A5gA4

Request Chain 294

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:2153d520-0a2d-4fcd-a114-0ded323e82ba&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 295

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 297

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2327173575115661820

Request Chain 298

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_42e97c65-53cb-4a68-b676-0bdfa5b01ad4

Request Chain 344

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 374

https://redirector.gvt1.com/videoplayback/id/54a06471f87f2f12/itag/43/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1619298025/sparams/ip,ipbits,expire,id,itag,source,requiressl,acao,mime,ctier/signature/4B1DE33E58D0776C364109DE2A59296A0103197A.0CA8666645EA39D577A305EFC36215CEEDE7BF34/key/ck2/file/file.webm HTTP 302
https://r10---sn-4g5e6nzy.gvt1.com/videoplayback/id/54a06471f87f2f12/itag/43/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1619298025/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/2F824A98FA164DF99D2C5545BF104EFE7790AB7F.800C116C10627D22419451FB273F4169D80E9447/key/cms1/cms_redirect/yes/mh/rc/mip/2a01:4f8:192:5414::2/mm/28/mn/sn-4g5e6nzy/ms/nvh/mt/1619276076/mv/u/mvi/10/pl/50/file/file.webm

Request Chain 417

https://hal90008.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=56cdcefb3a&subid=&uid=39117b375f19d0b0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4991949398876919303%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D71476084-3287-4400-a031-89dc8adc7e71%26mt_cid%3D71476084-3287-4400-a031-89dc8adc7e71%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCVTQThzKEYPOYG-GLx_APvYy58AzPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04NDE0NjI3MjgwMDU0NTkzyAEJ4AIAqAMBqgTdAk_Q-Wq-l2jZLPqstVPeaM49kd6vmkZwXGqFI5l3i0oIPqwwoz5m9p-fuFo9aCTPk64PuwYuNA7sGMOhC33vlUl3S7SdW84lLyJNwxsaeDilWRJtB7a0utSpT14K23zZovnFzJEodS1rS6t-1X5AM__6oBKA8T-rbTRExEJiUaPCFvvMurs7QjsW5wvZw0z6wwK5PMSq_rxD0iWJ7iVExwAB8uDWPzu6lfGeUnyMgK--x7Lz9nMY8TrxWEU2n5rWKwrgPV2pYBibBOeomHak1v_TUsv6nWaDkzfJLRTFefxgALx-B4AT51OPomR3nUaG6MEQRTYtkaUu6_s8HQNMkvqwsNY_HeezOu3uQelLSinhGYaQB0WXk3Sw79yB3NtFo3lP_-a2qwYl5r58ACOhvI4A9UXdHgmWOXEuY737DsK1QXrIlbodt4Jgs25CSZQ9Aq-ZC6zdbP3q9NnsL2ngBAGABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_00mdNJqdMyF0PeRuoW6DattXMdNw%2526client%253Dca-pub-8414627280054593%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.tmj4.com%2F&ancestorOrigins=https%3A%2F%2Fwww.tmj4.com&random=5020761757213&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90008.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=56cdcefb3a&subid=&uid=39117b375f19d0b0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4991949398876919303%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D71476084-3287-4400-a031-89dc8adc7e71%26mt_cid%3D71476084-3287-4400-a031-89dc8adc7e71%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCVTQThzKEYPOYG-GLx_APvYy58AzPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04NDE0NjI3MjgwMDU0NTkzyAEJ4AIAqAMBqgTdAk_Q-Wq-l2jZLPqstVPeaM49kd6vmkZwXGqFI5l3i0oIPqwwoz5m9p-fuFo9aCTPk64PuwYuNA7sGMOhC33vlUl3S7SdW84lLyJNwxsaeDilWRJtB7a0utSpT14K23zZovnFzJEodS1rS6t-1X5AM__6oBKA8T-rbTRExEJiUaPCFvvMurs7QjsW5wvZw0z6wwK5PMSq_rxD0iWJ7iVExwAB8uDWPzu6lfGeUnyMgK--x7Lz9nMY8TrxWEU2n5rWKwrgPV2pYBibBOeomHak1v_TUsv6nWaDkzfJLRTFefxgALx-B4AT51OPomR3nUaG6MEQRTYtkaUu6_s8HQNMkvqwsNY_HeezOu3uQelLSinhGYaQB0WXk3Sw79yB3NtFo3lP_-a2qwYl5r58ACOhvI4A9UXdHgmWOXEuY737DsK1QXrIlbodt4Jgs25CSZQ9Aq-ZC6zdbP3q9NnsL2ngBAGABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_00mdNJqdMyF0PeRuoW6DattXMdNw%2526client%253Dca-pub-8414627280054593%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.tmj4.com%2F&ancestorOrigins=https%3A%2F%2Fwww.tmj4.com&random=5020761757213&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 432

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2372805976790.5376 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMS95OGSl_ACFdiIdwodmcsA0Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2372805976790.5376

Request Chain 451

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEiO_F3vlsXLuJkdLrtknZU&google_cver=1&google_push=AQvitUI6gdsiu0gBTgdJP4q5WhxmsDZgXBMU5PxUBNWyFmD4jSFrqZ8zRZhHYudt4oSL9kaHo91okjEpXrgvgJEC9knKzerzF1EQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUI6gdsiu0gBTgdJP4q5WhxmsDZgXBMU5PxUBNWyFmD4jSFrqZ8zRZhHYudt4oSL9kaHo91okjEpXrgvgJEC9knKzerzF1EQ&google_hm=NASC_-Q4RwmMTkAhSfQB8rw

Request Chain 454

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMktL4oexxiMkuGaDj3_1uo&google_cver=1&google_push=AQvitUKROQeOdMSAWMjCs-sb5Oe5ZehOOx36FjWTWMx7jWEBHAEs_BNPKA-NOScefZYg0FoKc9mu_tbxvbgmlDyULHlbzwFYnDA1 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMktL4oexxiMkuGaDj3_1uo&google_cver=1&google_push=AQvitUKROQeOdMSAWMjCs-sb5Oe5ZehOOx36FjWTWMx7jWEBHAEs_BNPKA-NOScefZYg0FoKc9mu_tbxvbgmlDyULHlbzwFYnDA1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTM4OTI1NDEwMzExNTQ2Mzc2Ng&google_push=AQvitUKROQeOdMSAWMjCs-sb5Oe5ZehOOx36FjWTWMx7jWEBHAEs_BNPKA-NOScefZYg0FoKc9mu_tbxvbgmlDyULHlbzwFYnDA1

Request Chain 455

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEIZilvpWb7DN9NmDQEBFcOc&google_cver=1&google_push=AQvitULctARqG7psnQstTqRVzu2YvBbfPMVBufOxz877h0l6jRMjUnNJOIml0ur-51bgYJMeAVx3lJ3wWsJ4xDsUKPVSsc8ruJlD HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-8d25ab97-ac2c-4190-bb12-53bee023be24-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAQvitULctARqG7psnQstTqRVzu2YvBbfPMVBufOxz877h0l6jRMjUnNJOIml0ur-51bgYJMeAVx3lJ3wWsJ4xDsUKPVSsc8ruJlD%26google_hm%3DA40lq5esLEGQuxJTvuAjviQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitULctARqG7psnQstTqRVzu2YvBbfPMVBufOxz877h0l6jRMjUnNJOIml0ur-51bgYJMeAVx3lJ3wWsJ4xDsUKPVSsc8ruJlD&google_hm=A40lq5esLEGQuxJTvuAjviQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitULctARqG7psnQstTqRVzu2YvBbfPMVBufOxz877h0l6jRMjUnNJOIml0ur-51bgYJMeAVx3lJ3wWsJ4xDsUKPVSsc8ruJlD&google_hm=A40lq5esLEGQuxJTvuAjviQ&google_tc=

Request Chain 496

https://u.openx.net/w/1.0/pd HTTP 302
https://u.openx.net/w/1.0/pd?cc=1

Request Chain 501

https://sync.serverbid.com/ss/2000248.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

Request Chain 514

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=a5266084-328f-4400-9c87-0778f57855a0 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=a5266084-328f-4400-9c87-0778f57855a0

Request Chain 515

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=WdMAjVzRANtC0V3cWtEVgQmCCY5Ch1yODdY-0JUt HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072956&gdpr=1&val=WdMAjVzRANtC0V3cWtEVgQmCCY5Ch1yODdY-0JUt

Request Chain 516

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5389254103115463766 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5389254103115463766

Request Chain 519

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMQgsahfFZaSUoh9aDiqB5M&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEMQgsahfFZaSUoh9aDiqB5M&google_cver=1

Request Chain 531

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENkf0g0bJlj8ADXADbXsU_8&google_cver=1

Request Chain 533

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4c0fb35a-432f-4192-8e94-0e0dc6eaf333

Request Chain 534

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7448561412368900957

Request Chain 536

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2650122518224243743

Request Chain 537

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b13a6084-3293-4700-ba3e-86e159cff04e&gdpr=0&gdpr_consent=

Request Chain 538

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5315332890397927562&gdpr=0&gdpr_consent=

Request Chain 539

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ

Request Chain 540

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6954739331519477899

Request Chain 541

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDNXcwN0JDR1VBQUN0U1RJVkEzUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 542

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:607567c3-51a9-473f-b565-4f12fc5525e7&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 543

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 544

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5315332890397927562

Request Chain 545

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GUDd8qBA9gGQKyNEOXs9Wshk

Request Chain 547

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7369145341 HTTP 302
https://sync.1rx.io/usersync/tradedesk/4c0fb35a-432f-4192-8e94-0e0dc6eaf333 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003

Request Chain 549

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 550

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_19a9f609-ebbe-4eee-be8a-f0bba58aab5b

Request Chain 551

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=1StNWF3AFRGf&pid=557219

Request Chain 552

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=eab59cc3-d4b8-45be-b11a-6f8ec72b8b7e-tuct77db813&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 554

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BCg5_Xo1Rn-rYTqrNd59fA%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 556

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=042839FD-7A35-467F-AB61-3AAB35DE7D7C&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=042839FD-7A35-467F-AB61-3AAB35DE7D7C&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 557

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=042839FD-7A35-467F-AB61-3AAB35DE7D7C&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=042839FD-7A35-467F-AB61-3AAB35DE7D7C&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=042839FD-7A35-467F-AB61-3AAB35DE7D7C&addseg=19,36,42

Request Chain 558

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDQyODM5RkQtN0EzNS00NjdGLUFCNjEtM0FBQjM1REU3RDdD&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 559

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=b85b6b29-735d-4e70-b33b-c214efcc539c HTTP 302
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk99d1e74c-d35f-4a1f-900b-bb29c0a4e58d&expires=7&user_group=5&ssp=pubmatic&bsw_param=b85b6b29-735d-4e70-b33b-c214efcc539c HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b85b6b29-735d-4e70-b33b-c214efcc539c&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 561

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=042839FD-7A35-467F-AB61-3AAB35DE7D7C&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=042839FD-7A35-467F-AB61-3AAB35DE7D7C&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7FhdTQhE2uX7IGqOLQ0ZPlW5vS_3.80-~A&gdpr=0&gdpr_consent=

Request Chain 562

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4105589595274140268&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 563

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YIQykwAAbAgJrwBg HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIQykwAAbAgJrwBg&gdpr=0&gdpr_consent=&_test=YIQykwAAbAgJrwBg

Request Chain 569

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

Request Chain 572

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=c737811b-5627-4e92-a15e-8eb82e642b72

Request Chain 573

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=5315332890397927562

Request Chain 574

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPd2d90daf-a50d-11eb-8cd5-06f3176763d2 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPd2d90daf-a50d-11eb-8cd5-06f3176763d2

Request Chain 575

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YIQykz5zG25OFp25goLkUQAA%261142

Request Chain 576

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true HTTP 307
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=5b502b91e4569ee242619ab9

Request Chain 588

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA-ShnHD7NcLOc63ekbd9BE&google_cver=1

Request Chain 590

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4c0fb35a-432f-4192-8e94-0e0dc6eaf333

Request Chain 591

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7448561412368900957

Request Chain 593

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2650122518224243743

Request Chain 594

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b13a6084-3293-4700-ba3e-86e159cff04e&gdpr=0&gdpr_consent=

Request Chain 595

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5315332890397927562&gdpr=0&gdpr_consent=

Request Chain 596

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ums.acuityplatform.com/bum?tpid=29&uid=b85b6b29-735d-4e70-b33b-c214efcc539c&bidswitch_ssp_id=pubmatic

Request Chain 597

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ

Request Chain 598

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6954739331519477899

Request Chain 599

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC5w07BCGUAACtSTIVA3Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D1%26userid%3DSMART_USER_ID

Request Chain 600

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIQykwAAbAgJrwBg&gdpr=0&gdpr_consent=

Request Chain 601

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:607567c3-51a9-473f-b565-4f12fc5525e7&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 602

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 603

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5315332890397927562

Request Chain 604

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GUDd8qBA9gGQKyNEOXs9Wshk

Request Chain 606

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003&rndcb=4601500639 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=b85b6b29-735d-4e70-b33b-c214efcc539c&google_hm=Yjg1YjZiMjktNzM1ZC00ZTcwLWIzM2ItYzIxNGVmY2M1Mzlj HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGsKos7MNz4EUHsuOgnfi94&google_cver=1&ssp=adconductor&bsw_param=b85b6b29-735d-4e70-b33b-c214efcc539c HTTP 302
https://sync.1rx.io/usersync/bidswitch/b85b6b29-735d-4e70-b33b-c214efcc539c?gdpr=&gdpr_consent= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003

Request Chain 609

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_19a9f609-ebbe-4eee-be8a-f0bba58aab5b

Request Chain 610

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Q4fwa6JAT1NU&pid=557219

Request Chain 611

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=eab59cc3-d4b8-45be-b11a-6f8ec72b8b7e-tuct77db813&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 614

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zDW9gFPcSY2JlnnbkgAAgg%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 617

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CC35BD80-53DC-498D-8996-79DB92000082&gdpr= HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CC35BD80-53DC-498D-8996-79DB92000082&addseg=19,36,42

Request Chain 618

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0MzNUJEODAtNTNEQy00OThELTg5OTYtNzlEQjkyMDAwMDgy&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 620

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CC35BD80-53DC-498D-8996-79DB92000082&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7FhdTQhE2uX7IGqOLQ0ZPlW5vS_3.80-~A&gdpr=0&gdpr_consent=

Request Chain 621

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4105589595274140268&gdpr=0&gdpr_consent=&us_privacy=

677 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses Show response
www.tmj4.com/news/coronavirus/ 241 KB
66 KB 279ms
220ms Document
text/html 13.224.95.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-126.zrh50.r.cloudfront.net
Software: Apache-Coyote/1.1 / Brightspot
Resource Hash: 4b14b4c3da1c4b81de90d8b9cb92d117ad6c5e7053d19dc2acd34adf09be9ce2

Request headers

Host: www.tmj4.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=240
Content-Encoding: gzip
Date: Sat, 24 Apr 2021 15:00:20 GMT
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=9E5279EF0FC7C733F35DE3D4757D8128; Path=/; HttpOnly
X-Powered-By: Brightspot
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: 7fvm5tWLakhyImt4gJUbyN15ndbfeALOHFD7tZ5-UNrDSj4-MUIMAQ==

GET
H/1.1 200
OK All.min.65d8f2d7f19a1d6f00aa04f0c97a2644.gz.css
ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/ 154 KB
25 KB 73ms
16ms Stylesheet
text/css 13.224.95.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.65d8f2d7f19a1d6f00aa04f0c97a2644.gz.css
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-115.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6127a41b0cb4ecdbf2b95669560589ee2cd011e730a7ecb10b3082017ac9d3d0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 17:19:11 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 19 Apr 2021 17:19:10 GMT
Server: AmazonS3
Age: 423671
ETag: "665c7c82987707e4d070e697c42fcb30"
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 25223
X-Amz-Cf-Id: xQMKKVnAYvDLG6PrbOGdQwqP0VkX08ax9P_83DHJyYq4NObtDywbZA==

GET
H2 200 scsp.js Show response
d25dfknw9ghxs6.cloudfront.net/ 134 KB
34 KB 120ms
35ms Script
application/javascript 2600:9000:2021:400:9:4c16:5180:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2021:400:9:4c16:5180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f94366efc6314725e16b4002b1e6903913b1f6d9f5757aec611205dcd0db3596

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: D6d3wRZSpYd2caAk52T_Z3UgQuNzycNf
content-encoding: gzip
last-modified: Tue, 02 Feb 2021 20:14:21 GMT
server: AmazonS3
age: 85915
etag: W/"1315a3807c809bf51bb6f25ee163a270"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 08b0a1b0a31e772cbdbd57889ec6b80a.cloudfront.net (CloudFront)
date: Fri, 23 Apr 2021 17:24:31 GMT
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: BAkstrFoLTZR0IGAyyQLWC3jlGckYy7aGxp1Iakm1SdcmoAXdunK7A==

GET
H2 200 star.gif
jelly.mdhv.io/v1/ 43 B
235 B 145ms
120ms Image
image/gif 216.239.38.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jelly.mdhv.io/v1/star.gif?pid=KrupPNut8EQGOaNmOwbjXgIS7Iyz&src=mh&evt=hi
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.21 San Mateo, United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2615.1e100.net
Software: Google Frontend /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:21 GMT
server: Google Frontend
content-type: image/gif
x-cloud-trace-context: bb797bfd13b60e9269f98870e915a4d5
cache-control: no-store,no-cache,must-revalidate,max-age=0,post-check=0,pre-check=0
content-length: 43
expires: -1

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.0/css/ 45 KB
11 KB 25ms
7ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Origin: https://www.tmj4.com
Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:21 GMT
content-encoding: gzip
last-modified: Wed, 20 Jun 2018 20:19:16 GMT
server: NetDNA-cache/2.2
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 star.gif Show response
jelly.mdhv.io/v1/ 43 B
128 B 119ms
119ms Script
image/gif 216.239.38.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://jelly.mdhv.io/v1/star.gif?pid=b3xnBZnc4kgsPo4Jt2zJhSqdNJOa&src=mh&evt=hi
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.21 San Mateo, United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2615.1e100.net
Software: Google Frontend /
Resource Hash: e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:21 GMT
server: Google Frontend
content-type: image/gif
x-cloud-trace-context: ba78eaf79ff50034a07930a927f4f13e
cache-control: no-store,no-cache,must-revalidate,max-age=0,post-check=0,pre-check=0
content-length: 43
expires: -1

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/14ab2d7/2147483647/strip/true/crop/600x274+0+0/resize/400x183!/quality/90/ 12 KB
13 KB 15ms
13ms Image
image/png 13.224.95.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/14ab2d7/2147483647/strip/true/crop/600x274+0+0/resize/400x183!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F68%2F50%2F2eddbd2f41b4967e3d8c76e2e884%2Fweb-main-logo-wtmj.png
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-115.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: fe832d4fce90ea0d84d760da1b63ff8644d522b399cee6c991972ff9a2a1078f

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 30 Jan 2021 04:45:33 GMT
Via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 7294488
ETag: 63c16c9b332cc1b09956a023709655a9
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: ZRH50-C1
X-Robots-Tag: nofollow
Content-Length: 12700
X-Amz-Cf-Id: NjdsM8mhPetElclKobbBdzwjAvn9fIp3OSSoKTpQu-8jW-jVqpz7kQ==
Expires: Sun, 30 Jan 2022 04:45:33 GMT

GET
H/1.1 200
OK Blank.gif
www.tmj4.com/styleguide/assets/ 57 B
474 B 17ms
15ms Image
image/gif 13.224.95.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tmj4.com/styleguide/assets/Blank.gif
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-126.zrh50.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tmj4.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Cookie: JSESSIONID=9E5279EF0FC7C733F35DE3D4757D8128
Connection: keep-alive
Referer: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Feb 2021 03:59:53 GMT
Via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache-Coyote/1.1
Age: 6606028
X-Cache: Hit from cloudfront
Content-Type: image/gif;charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: ZRH50-C1
Content-Length: 57
X-Amz-Cf-Id: 42LYZ4IE1Z6g3FSKTVDt9ZZi5_HqRrGxscAMCFlZ3UeVopMAGb63Og==

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 172 KB
58 KB 48ms
15ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 11947b1c7fd4361e0a062a78a8cbe02ec43102b8cebb37c63d64dd65071e61aa

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:21 GMT
content-encoding: gzip
last-modified: Thu, 22 Apr 2021 08:35:57 GMT
etag: W/"2ae74-AXLmPlXWya6DIN68XGR6bvjwQfY"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 6ca32229eb7c2b69f9db13403dd112a1
timing-allow-origin: *, *
content-length: 58263
expires: Sat, 24 Apr 2021 19:00:21 GMT

GET
H2 200 88890X1542035.skimlinks.js Show response
s.skimresources.com/js/ 49 KB
19 KB 37ms
11ms Script
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/88890X1542035.skimlinks.js
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9dd1ed208fd2b1d465233fcf7a7a4b0deec30f908b174fbed4e2f7f8d7c98156

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:21 GMT
content-encoding: gzip
last-modified: Wed, 17 Mar 2021 11:54:21 GMT
server: AmazonS3
x-amz-request-id: 7MSNHXQEVGW0BCBG
etag: "826a23ab95d37344891f9ebade723583"
x-hw: 1619276421.cds167.fr8.hn,1619276421.cds221.fr8.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 18714
x-amz-id-2: g4z/rM6sESAZUFteYIk71lFaXAvCI0nQMRYYauk+AsDCpYoivuC8DlkV5oH95KGDDHK/WzN2L9o=

GET
H/1.1 200
OK logo-scripps.png
assets.scrippsdigital.com/cms/images/ 3 KB
4 KB 80ms
14ms Image
image/png 13.224.95.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.scrippsdigital.com/cms/images/logo-scripps.png
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-61.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 8lNexGmb6tKD4SPVOeXslwnzBtFWYJoV
Via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Oct 2017 14:04:11 GMT
Server: AmazonS3
Age: 20368
ETag: "f46791d665054bf21da09492d448e1d2"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Date: Sat, 24 Apr 2021 09:21:27 GMT
x-amz-replication-status: COMPLETED
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 3532
X-Amz-Cf-Id: ky9zDeUKqlROAD8ZIIM2NjWCzqFJkjq78NKnt_Isnc-ASF6gLs3TIQ==

GET
H/1.1 200
OK All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js Show response
ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/ 1 MB
107 KB 35ms
18ms Script
text/javascript 13.224.95.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-115.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: db137a6af0c93b9e8a4303780ce166ecd74bd208e7f55f0f79ea741c88f8e9b3

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 17:19:11 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 19 Apr 2021 17:19:10 GMT
Server: AmazonS3
Age: 423671
ETag: "87f1353cb36e02a7e648b195952fcc3c"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 109265
X-Amz-Cf-Id: qFjb529CJYsNpIZ2tAuFMASf4AQV97ETdIYG7J6Y-Q423_zxc3bwwA==

GET
H2 200 tsu4adm.css
use.typekit.net/ 18 KB
2 KB 73ms
42ms Stylesheet
text/css 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/tsu4adm.css

Requested by

Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.65d8f2d7f19a1d6f00aa04f0c97a2644.gz.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

373230acfd98e6e8704812d39c2288ce9ca1d1a20c2884586b16f3ea3e4774cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://ewscripps.brightspotcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Sat, 24 Apr 2021 15:00:21 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1657

GET
H2 200 p.css
p.typekit.net/ 5 B
162 B 21ms
6ms Stylesheet
text/css 2a02:26f0:6c00:2ae::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=tsu4adm&ht=tk&f=137.138.139.140.169.170.171.172.175.176.141.142.143.144.147.148.151.152.153.154.155.156.157.160.161.162.165.166.167.168&a=15199297&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:21 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 124 KB
36 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KZVQWL

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71dcbcb413db00a140bfe5b3077135c5b8d1a9268cba4a85dbc6ecfa858b350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36666
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:21 GMT

GET
H2 200 ff983cd0-6c28-474c-9cc4-7a5281d11e05.js Show response
d2s8wlbatk24s7.cloudfront.net/service/js/ 48 KB
16 KB 30ms
7ms XHR
application/javascript 2600:9000:21f3:f200:d:77c3:2dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2s8wlbatk24s7.cloudfront.net/service/js/ff983cd0-6c28-474c-9cc4-7a5281d11e05.js
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:f200:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e412d030d3c3190d3d15fc6d1b5aff09c1c6d62a60f452b96c3e370520ad93ad

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 13:03:53 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
age: 6988
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 14400
cache-control: public, max-age=14400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
access-control-allow-headers: *
x-amz-cf-id: yuiMrRXTAZ6NWnjwKd7N5PqXw7Y82gYv7CVzY3zcxTrUHzgjMU6zFA==
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)

GET
H2 200 l
use.typekit.net/af/705e94/00000000000000003b9b3062/27/ 33 KB
33 KB 36ms
6ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/705e94/00000000000000003b9b3062/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f37e21c653607facbf39ad55a0d09b23fbda4ee1be8202257bd4c218eb1544ee

Request headers

Origin: https://www.tmj4.com
Referer: https://use.typekit.net/tsu4adm.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:21 GMT
server: nginx
etag: "79fea02668402fc378c129193093131a2db2577c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33568

GET
H/1.1 200
OK yi.js Show response
sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/ 195 KB
69 KB 67ms
36ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/yi.js
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e27b395dd390b36ff73915d6736d8c30721b8f2c88d69bbfe7d9baba127bd0a7

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:21 GMT
Content-Encoding: gzip
Server: AmazonS3
x-amz-request-id: A8V7V3FSJW3DNA70
ETag: "bf99df8799c52d25f9335eccaa199ccd"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=43850
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: FBouFQQeqyzNHa1p5VPLGzPxMuNJEn6kBqn3Wy1zgelqwfHzlarEMt+4pk9JQhvyaknncTqOF7k=

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 119 KB
31 KB 102ms
36ms Script
application/javascript 143.204.247.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.247.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-247-127.cph50.r.cloudfront.net
Software: Server /
Resource Hash: 9e5a3984c873d9f7009795b85f0d9bfa38e8f9dddc2309d83556aea4d7ee41a0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:54:59 GMT
content-encoding: gzip
server: Server
age: 322
etag: 433bd8b9aebf928ab8f51e43abc531d2
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cfd12cc4ec21f43f7afaabc9c7275134.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: FUA623DCjlDRvcvJxerHmi4TRUp1BV44
x-amz-cf-id: fXRsqUHPF_xKB79inuriNAYLyJI3J4wZrDZeFN301WVQWj5jJQqh_Q==

GET
H2 200 bidexchange.js Show response
contextual.media.net/ 434 KB
89 KB 119ms
102ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/bidexchange.js?cid=8CU6Q6626&dn=www.tmj4.com&version=4.1&https=1

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a62ad98ec95d11bee0312b3c13e7640234d02f0ae250aefac7f3f74daa10bec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Sat, 24 Apr 2021 15:00:21 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
expires: Sat, 24 Apr 2021 15:30:21 GMT

GET
H2 200 consumable-cdn.js Show response
yummy.consumable.com/standalone/ 83 KB
22 KB 504ms
426ms Script
application/javascript 13.33.139.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/standalone/consumable-cdn.js
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-93.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c8d2551c545c7556a6abf32ece25d1b8e12c1d31964919fb5a3b73e3ca0c67c4

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
content-encoding: gzip
last-modified: Thu, 18 Apr 2019 13:41:28 GMT
server: AmazonS3
x-amz-cf-pop: CPH50-C2
etag: W/"c70b09cf7daf3f6e63265fcf7dce428b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 c77c2d645cbeae90b436c4ed3b9c4718.cloudfront.net (CloudFront)
x-amz-cf-id: riJX2pH_au7b_ltu1FOO515D0l_VeUbsWgkJqjLll1vsJscZSLCCtQ==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 10ms
10ms Script
application/x-javascript 2a03:2880:f03d:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f03d:1c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ab6396c4320590be355403d8dc3ef757f9a13df3cf6d5d1f6c337a8ef67877d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: IB8e2oFJhcz5Ake9+dlqfA==
cross-origin-resource-policy: cross-origin
expires: Sat, 24 Apr 2021 15:03:38 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: 1SeuOk7DIfb1Wa5h8tNqZyTHUyNwWBh1O5UqPR5c9brYyQ8/YhAeIKAPZ61xy1XVCrShhVsDn2Hg26IAPQR9lQ==
x-fb-trip-id: 95149190
x-fb-content-md5: e65df3019496c827f5047e4a629a5779
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 24 Apr 2021 15:00:21 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "e307e7dbf52d887e34eb8b19fc5a7cf6"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 l
use.typekit.net/af/d82519/00000000000000003b9b306a/27/ 20 KB
20 KB 39ms
22ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d82519/00000000000000003b9b306a/27/l?subset_id=2&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 90bf686f30e8bfcc224e5af0495606f031d6d5970a5701f45fc94951b2fae966

Request headers

Origin: https://www.tmj4.com
Referer: https://use.typekit.net/tsu4adm.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:21 GMT
server: nginx
etag: "fd8402d37106f684ec19a13afdcc4e7f3508fe4c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20356

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 58 KB
59 KB 62ms
61ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Origin: https://www.tmj4.com
Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:21 GMT
last-modified: Wed, 20 Jun 2018 20:19:36 GMT
server: NetDNA-cache/2.2
etag: "18d2347ab2a9f40ca2247cdb03303d84"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 59572

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 62 KB
62 KB 71ms
70ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

Request headers

Origin: https://www.tmj4.com
Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:21 GMT
last-modified: Wed, 20 Jun 2018 20:19:30 GMT
server: NetDNA-cache/2.2
etag: "f319eac1c755f9929fd856720ce1695e"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 63376

GET
H2 200 l
use.typekit.net/af/5c70f2/00000000000000003b9b3063/27/ 34 KB
35 KB 33ms
17ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5c70f2/00000000000000003b9b3063/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f685d36f3f62589ffc7cb9633a82850958978f8803780ece24c613ca6f8cf563

Request headers

Origin: https://www.tmj4.com
Referer: https://use.typekit.net/tsu4adm.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:21 GMT
server: nginx
etag: "d9c559430b0162ff50e16cf6dad5514fa963f9ff"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 35116

GET
H2 200 l
use.typekit.net/af/949f99/00000000000000003b9b3068/27/ 34 KB
34 KB 24ms
8ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3302ef568a096b5d784190fc4a27a5360a9e0a22c069d90253c6341e311024d8

Request headers

Origin: https://www.tmj4.com
Referer: https://use.typekit.net/tsu4adm.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:21 GMT
server: nginx
etag: "b5fef031a96fc670f9c3b1b64dd52243a29d7531"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34344

GET
H2 200 index.html Show response
www.arcgis.com/apps/opsdashboard/ Frame BE7A 1 KB
764 B 306ms
100ms Document
text/html 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/apps/opsdashboard/index.html

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

AmazonS3 /

Resource Hash

b70d0b6b6860c1b51d7436b44dae909fdf0d7897ada90de0993315262f35fe6c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

:method: GET
:authority: www.arcgis.com
:scheme: https
:path: /apps/opsdashboard/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmj4.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tmj4.com/

Response headers

date: Sat, 24 Apr 2021 15:00:21 GMT
content-type: text/html
content-length: 394
content-encoding: br
last-modified: Wed, 14 Apr 2021 02:56:28 GMT
etag: "f9c1bb197f2a43969189c14a59203821"
server: AmazonS3
cache-control: private, max-age=0
expires: -1
strict-transport-security: max-age=63072000
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-cached: HIT
link: <https://www.arcgis.com/apps/opsdashboard/index.html>; rel="canonical"

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/114867/ Frame 1FBF
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/114867/connatix.playspace.dc.js

1 MB
232 KB

49ms
11ms

Script
application/javascript

151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/114867/connatix.playspace.dc.js
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 39e0774e46c1665887dfda10b5fae9af78233715f9eca8c7431d24b551894a39

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:21 GMT
content-encoding: br
last-modified: Fri, 23 Apr 2021 19:40:44 GMT
age: 69446
etag: "4737e9228de661482d3da21871e89726"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 236816

Redirect headers

location: https://cds.connatix.com/p/114867/connatix.playspace.dc.js
date: Sat, 24 Apr 2021 15:00:21 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
age: 0
accept-ranges: bytes
content-length: 0
retry-after: 0

GET
H2 200 poster_4d942abda02b424ba8db380aa2e9ce1b.jpg
x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/ 47 KB
48 KB 726ms
705ms Image
image/jpeg 2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/poster_4d942abda02b424ba8db380aa2e9ce1b.jpg
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 371e8ae51e1a4d13e9f876aa36664fbcaff1b0bdb7cd7777247bea333060cdef

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
etag: "9bdfd65d4bfe1b51379bb41460ba68dd"
last-modified: Fri, 24 Apr 2020 17:08:23 GMT
server: AmazonS3
x-amz-request-id: 90MD5JRTCGMAHADY
x-amz-server-side-encryption: AES256
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 48617
x-amz-id-2: IaBMlcUN83p22nYGwEMMIWB337iTGtmm88Neek8WXkv7IZ1X7AIUqEWDEmz2bhXLyBNfYJo1IdY=
x-ec-put2cache: 1

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/4f3a5c0/2147483647/strip/true/crop/675x675+0+0/resize/300x300!/quality/90/ 16 KB
17 KB 23ms
23ms Image
image/jpeg 13.224.95.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/4f3a5c0/2147483647/strip/true/crop/675x675+0+0/resize/300x300!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F33%2F70%2F1b1221a141f5b3303f9603d41b16%2Fprofile-pic-jenkins.jpg
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-115.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: 09c3b6a5703fb63a02456ba0e7c5c747600a7b12eecc2d7c1abac7237373bb90

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 07:46:40 GMT
Via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 544421
ETag: 8a1ae4e2fbceb509ad0075a1d6980cc3
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: ZRH50-C1
X-Robots-Tag: nofollow
Content-Length: 16470
X-Amz-Cf-Id: t8gQfnJFpYAazoFvWDsRMQHULY1i3PQ67cEDmr-f5XHrWjQTQnTqvA==
Expires: Mon, 18 Apr 2022 07:46:40 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 218 KB
65 KB 22ms
10ms Script
application/x-javascript 2a03:2880:f03d:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=c7708844a2a7da4c0c30b33a55608b77&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f03d:1c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

120892938457bac6b762c5cba9bb3c2b0bc8a778ec4c387b01f499f6383765d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.tmj4.com
Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: elS6Q+u9KrpwcZLVb+WYVw==
cross-origin-resource-policy: cross-origin
expires: Sun, 24 Apr 2022 12:34:57 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 66022
x-fb-rlafr: 0
x-fb-debug: DpDg5+iVNskPthdW0+gRm9sTEsr7LzylFdks0Rd4u5pMvOJBlZlrECCROOfGtrIpXdCLBlxFF1vP7v/rwT9DgQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: f3b46c6176222118e33a2df8894ba34a
date: Sat, 24 Apr 2021 15:00:21 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "44c8059d3eb5823d418ffb0be347a6a5"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame A774 0
102 B 39ms
17ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.8973215125913554
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:21 GMT
via: 1.1 google
server: Python/3.7 aiohttp/3.5.4
alt-svc: clear
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
244 B 33ms
16ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=3.2209140517470134
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:21 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 33ms
16ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=3.2209140517470134
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:21 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 3199 416 B
799 B 35ms
33ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmj4.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tmj4.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1619081948.322689"
last-modified: Thu, 22 Apr 2021 08:35:23 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Sat, 24 Apr 2021 15:00:21 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1619276421~rv=43~id=3e3a56d7ed34ad1e47136f8dca38546f; path=/; Expires=Sat, 24 Apr 2021 15:00:21 GMT; Secure; SameSite=None

GET
H/1.1 200
OK d3d3LnRtajQuY29t Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
462 B 29ms
11ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LnRtajQuY29t
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:21 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=42329
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 14d2b83787fad1991ea8135feba1e45b
Content-Length: 15
Expires: Sun, 25 Apr 2021 02:45:50 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
451 B 28ms
27ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=8.832989387253075
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:21 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Mon, 24 May 2021 15:00:21 GMT

GET
H2 200 yi.js Show response
mb.moatads.com/ 2 KB
2 KB 106ms
38ms Script
text/html 3.11.4.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi.js?ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&callback=MoatNadoAllJsonpRequest_14032934
Requested by: Host: sejs.moatads.com
URL: https://sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/yi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.4.3 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-4-3.eu-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: f6d28ce81ea894ee02fa55889d2fba70e61f61dbc60250c8b2f3d7297dba6372

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:21 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "3497608b509b1e37dd265d825668fe8502e9c187"
content-length: 1549
content-type: text/html; charset=UTF-8

OPTIONS
H2 200 /
api.ewscloud.com/prod/scheduler/v1/com.tmj4/schedules/current/ Frame 0
0 215ms
123ms Preflight
application/json 143.204.245.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ewscloud.com/prod/scheduler/v1/com.tmj4/schedules/current/?type=web
Protocol: H2
Server: 143.204.245.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-11.cph50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://www.tmj4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Sat, 24 Apr 2021 15:00:21 GMT
x-amzn-requestid: daae5312-8ab4-44c2-86aa-9bba3bbed4d7
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: eSzU6G_VIAMFUPA=
access-control-allow-methods: GET,OPTIONS
x-amzn-trace-id: Root=1-60843285-7324013b2432af4e1ddf02f0
x-cache: Miss from cloudfront
via: 1.1 7c587fa0463f61b130aff5ca04c29170.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: VPWyhaL8ErEdQSVBXXVvbC7lSV7d_UxZ4ngwdKyETph90IGvGDmeLw==

GET
H/1.1 200
OK Cookie set weather Show response
www.tmj4.com/ 112 KB
113 KB 421ms
421ms Fetch
application/json 13.224.95.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmj4.com/weather?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-126.zrh50.r.cloudfront.net
Software: Apache-Coyote/1.1 / Brightspot
Resource Hash: 2e905b3a493c6d9c62737e1ece3bc83ea52ffdb0f8574dddf815ae1d5cbcebcd

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tmj4.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Cookie: JSESSIONID=9E5279EF0FC7C733F35DE3D4757D8128
Connection: keep-alive
Referer: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:21 GMT
Via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
Server: Apache-Coyote/1.1
X-Amz-Cf-Pop: ZRH50-C1
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Content-Type: application/json;charset=UTF-8
Set-Cookie: JSESSIONID=3FCE6E8492BE7917C25026F17AD3D239; Path=/; HttpOnly
Cache-Control: max-age=240
Connection: keep-alive
X-Robots-Tag: nofollow
X-Amz-Cf-Id: hPtRkiN6rBrd_FTvGF5YT1blobaGxes68s4QWBvIH6ZFjl9JJFhqMQ==

GET
H/1.1 200
OK Cookie set breaking-news-alerts Show response
www.tmj4.com/ 65 KB
65 KB 282ms
253ms Fetch
application/json 13.224.95.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmj4.com/breaking-news-alerts?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-126.zrh50.r.cloudfront.net
Software: Apache-Coyote/1.1 / Brightspot
Resource Hash: 4e3b3a51d01b3e6681c50739023e564c6055cb419a1f8ea257ec7b743c46a003

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tmj4.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Cookie: JSESSIONID=9E5279EF0FC7C733F35DE3D4757D8128
Connection: keep-alive
Referer: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:21 GMT
Via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
Server: Apache-Coyote/1.1
X-Amz-Cf-Pop: ZRH50-C1
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Content-Type: application/json;charset=UTF-8
Set-Cookie: JSESSIONID=F2B304B7DFCF89D3F59C19C117DFA3EE; Path=/; HttpOnly
Cache-Control: max-age=240
Connection: keep-alive
X-Robots-Tag: nofollow
X-Amz-Cf-Id: hJyfcg1DlWOuo708Tq01kzb_bfX_16cEGx5gqAf7bnKdfSxY4z8Ocw==

GET
H/1.1 200
OK Cookie set alerts Show response
www.tmj4.com/weather/ 73 KB
74 KB 1270ms
1242ms Fetch
application/json 13.224.95.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmj4.com/weather/alerts?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-126.zrh50.r.cloudfront.net
Software: Apache-Coyote/1.1 / Brightspot
Resource Hash: 2c0d8f53c22e1fc0296c1954cb303af90746030b70136effa16c76bb1947c397

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tmj4.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Cookie: JSESSIONID=9E5279EF0FC7C733F35DE3D4757D8128
Connection: keep-alive
Referer: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:22 GMT
Via: 1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
Server: Apache-Coyote/1.1
X-Amz-Cf-Pop: ZRH50-C1
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Content-Type: application/json;charset=UTF-8
Set-Cookie: JSESSIONID=CF0C272A86B55FB1BE603D0174A184E4; Path=/; HttpOnly
Cache-Control: max-age=240
Connection: keep-alive
X-Robots-Tag: nofollow
X-Amz-Cf-Id: J__x3_QKmKwZ6ISdd-1ieyPp0qtb0uGiO7m8iHlJPF9d7P-8cKtg-w==

GET
H/1.1 200
OK Cookie set school-closings-delays Show response
www.tmj4.com/weather/ 70 KB
70 KB 316ms
283ms Fetch
application/json 13.224.95.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmj4.com/weather/school-closings-delays?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-126.zrh50.r.cloudfront.net
Software: Apache-Coyote/1.1 / Brightspot
Resource Hash: d9dc7cc0bfcc9ed47707ecb3ebbcc2cb724265af8bd0cfe18bbfb01597a5636d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tmj4.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Cookie: JSESSIONID=9E5279EF0FC7C733F35DE3D4757D8128
Connection: keep-alive
Referer: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:21 GMT
Via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
Server: Apache-Coyote/1.1
X-Amz-Cf-Pop: ZRH50-C1
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Content-Type: application/json;charset=UTF-8
Set-Cookie: JSESSIONID=C0A049F164E6A64E26DBEBB2CAD990AE; Path=/; HttpOnly
Cache-Control: max-age=240
Connection: keep-alive
X-Robots-Tag: nofollow
X-Amz-Cf-Id: _bBsjWxjKgJSvWxVtL91h0UUFYRH3T9I4zjD0WmQswWqVvLvpNNj_w==

GET
H2 200 / Show response
api.ewscloud.com/prod/scheduler/v1/com.tmj4/schedules/current/ 2 KB
2 KB 304ms
304ms Fetch
application/json 143.204.245.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ewscloud.com/prod/scheduler/v1/com.tmj4/schedules/current/?type=web
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-11.cph50.r.cloudfront.net
Software: /
Resource Hash: 749b2850aeb0e6162d4e695799798d29341ce9acbbeef7db71bee11e17dc3636

Request headers

Authorization: Token bc22df1e0efb4dcb53f2438a4b71da118f05788c
Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
via: 1.1 7c587fa0463f61b130aff5ca04c29170.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amzn-requestid: df6a58ba-18c8-40cd-935b-8252e3db7749
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-60843286-20c25d5756d5240b5677c4ea
x-amz-apigw-id: eSzU9E5KIAMFkXQ=
content-length: 1578
x-amz-cf-id: DZT5jEfXAzU-gN5qyneT-Iewflvxg1R9MA2MzYRy5KRKNWb5693frA==

GET
H/1.1 200
OK videoIframe.html Show response
assets.scrippsdigital.com/cms/ Frame AF08 8 KB
8 KB 15ms
15ms Document
text/html 13.224.95.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.tmj4.com&title=Safer%20at%20Home%20order%20changes&kw=new%20guidelines%2Ccoronavirus%20milwaukee%20county%2Cextension%2CLocal%20business%2CMay%2026%2Cwhat%20places%20in%20wisconsin%20have%20coronavirus%2Cmilwaukee%20coronavirus%2Cbegins%2Crestaurants%20still%20open%2Ccoronaviurs%20wisconsin&autoplay=true&m3u8=https://content.uplynk.com/0741bce3458e4705a7a2e69ec4920c82.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/0741bce3458e4705a7a2e69ec4920c82_g.mp4&purl=/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&dtrack=1&story=1&contplay=*recent&mute=1&tags=Homepage%20Showcase%2CLocal%20News%2CCoronavirus&cust_params=temp%3D%26weather%3D&s=tmj4
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-61.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 425f48810738e2e4a59f1432f8b66a0b895f4e91d8988154289e453f1499d2a9

Request headers

Host: assets.scrippsdigital.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.tmj4.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tmj4.com/

Response headers

Content-Type: text/html
Content-Length: 7686
Connection: keep-alive
x-amz-replication-status: COMPLETED
Last-Modified: Thu, 10 Sep 2020 15:48:03 GMT
x-amz-version-id: Nnjjxuvz4pfxoe8A6Je2kzBw2JpmWg8D
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 24 Apr 2021 01:19:13 GMT
ETag: "495b2629f59eb04dd769ccf3fc03b986"
X-Cache: Hit from cloudfront
Via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: 2aQe96AcrzEEJ0uTfTj0QlKJbhe5giCAY2JNbqAX3BcUu2CGSNINzQ==
Age: 49269

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 30ms
9ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&t=1619276421514&de=619847336786&d=CRACKED_SCRIPPS_DFP_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&ar=31f9dba90d7-clean&iw=07d6456&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=tmj4.com&bd=tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&ac=1&bq=11&f=0&na=328180693&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:21 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:21 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 97ms
31ms XHR
application/javascript 143.204.247.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.247.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-247-127.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 23969
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 12:59:00 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: f6Viuz3xbOQoLiJcghVfFN1ewFPGmUlfCBfnII1RmW9ftG6nCQ_Qpw==

POST
H2

200

/ Show response
r.skimresources.com/api/
Redirect Chain

https://r.skimresources.com/api/
https://r.skimresources.com/api/?xguid=01F426APGR662DW2712QQGJNRK&persistence=1&checksum=161592de8f7a1d789494327d2b08a35285c708fe539066c4f065a2d39035ab66

173 B
485 B

30ms
30ms

XHR
application/json

35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/?xguid=01F426APGR662DW2712QQGJNRK&persistence=1&checksum=161592de8f7a1d789494327d2b08a35285c708fe539066c4f065a2d39035ab66

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

b25958853b22bed60f3f024d71487e43b310f90b777eeea9519f9d4b4d7d5894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
strict-transport-security: max-age=31536000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.tmj4.com
vary: Accept-Encoding
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
via: 1.1 google

Redirect headers

date: Sat, 24 Apr 2021 15:00:21 GMT
via: 1.1 google
server: openresty/1.11.2.5
access-control-allow-origin: https://www.tmj4.com
strict-transport-security: max-age=31536000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location: https://r.skimresources.com/api/?xguid=01F426APGR662DW2712QQGJNRK&persistence=1&checksum=161592de8f7a1d789494327d2b08a35285c708fe539066c4f065a2d39035ab66
access-control-allow-credentials: true
content-type: text/html
alt-svc: clear
content-length: 193

GET
H3-29

200

activityi;dc_pre=CKuiod-Sl_ACFdaFgwcdK2kPmg;src=4394967;type=wtmj;cat=pc_tt0;ord=7697026444491;gtm=2wg4e1;auiddc=1046780366.1619276422;u1=Coronavirus;u2=Wisconsin's%20extended%20Safer%20at%20Home%2... Show response
4394967.fls.doubleclick.net/ Frame 5A14
Redirect Chain

https://4394967.fls.doubleclick.net/activityi;src=4394967;type=wtmj;cat=pc_tt0;ord=7697026444491;gtm=2wg4e1;auiddc=1046780366.1619276422;u1=Coronavirus;u2=Wisconsin's%20extended%20Safer%20at%20Home...
https://4394967.fls.doubleclick.net/activityi;dc_pre=CKuiod-Sl_ACFdaFgwcdK2kPmg;src=4394967;type=wtmj;cat=pc_tt0;ord=7697026444491;gtm=2wg4e1;auiddc=1046780366.1619276422;u1=Coronavirus;u2=Wisconsi...

716 B
524 B

36ms
21ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4394967.fls.doubleclick.net/activityi;dc_pre=CKuiod-Sl_ACFdaFgwcdK2kPmg;src=4394967;type=wtmj;cat=pc_tt0;ord=7697026444491;gtm=2wg4e1;auiddc=1046780366.1619276422;u1=Coronavirus;u2=Wisconsin's%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses;~oref=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KZVQWL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

f3501358874a785e40a5c5137d83bedd3295664e0b6e7363b6357d3a92b9876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4394967.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKuiod-Sl_ACFdaFgwcdK2kPmg;src=4394967;type=wtmj;cat=pc_tt0;ord=7697026444491;gtm=2wg4e1;auiddc=1046780366.1619276422;u1=Coronavirus;u2=Wisconsin's%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses;~oref=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmj4.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 24 Apr 2021 15:00:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 499
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 24-Apr-2021 15:15:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 24 Apr 2021 15:00:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4394967.fls.doubleclick.net/activityi;dc_pre=CKuiod-Sl_ACFdaFgwcdK2kPmg;src=4394967;type=wtmj;cat=pc_tt0;ord=7697026444491;gtm=2wg4e1;auiddc=1046780366.1619276422;u1=Coronavirus;u2=Wisconsin's%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses;~oref=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 30ms
9ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:21 GMT
content-encoding: gzip
etag: "9iaPKZLFg6XYoMRMhilE8g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Sat, 01 May 2021 15:00:21 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 106ms
34ms Script
application/javascript 143.204.245.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-38.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:50:46 GMT
via: 1.1 a2ff850ccdde2a6d47a8ef587e8cb536.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 2217
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: ZZzjTfTlKALw5Yq8Bc4Tqk8VYL58JV8QWx8GtrkOIjAmdKsvGuTnxA==

GET
H/1.1 200
OK uz_til_us.js Show response
cdn5.userzoom.com/trueintent/js/ 47 KB
12 KB 69ms
11ms Script
application/x-javascript 209.197.3.16
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn5.userzoom.com/trueintent/js/uz_til_us.js?cuid=D42D89CC6BCDE41180C90050569444FB

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.197.3.16 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

vip0x010.map2.ssl.hwcdn.net

Software

Resource Hash

56bae8ed4c1cd2eb42fcb7b26752e478880806f7229ee1b9103653e3d279d15e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Apr 2021 12:19:00 GMT
ETag: "1619093940"
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-HW: 1619276421.dop019.fr8.t,1619276421.cds005.fr8.shn,1619276421.dop019.fr8.t,1619276421.cds266.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=10
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 12128

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KZVQWL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4788
date: Sat, 24 Apr 2021 13:40:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sat, 24 Apr 2021 15:40:33 GMT

GET
H2 200 load_tags.js Show response
pymx5.com/scripts/ 9 KB
9 KB 45ms
8ms Script
application/javascript 35.227.203.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pymx5.com/scripts/load_tags.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KZVQWL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:03:56 GMT
age: 3385
x-guploader-uploadid: ABg5-UxKX07Di10fGRYKJgI6T6XvdpwwuKDCtG0MRly0ER4YPS6aYKH9aZSq3SIDi_7_nEjlUoI9Sov2LfzyI9qwKk3jYdZZCA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 8946
last-modified: Mon, 30 Nov 2020 10:13:10 GMT
server: UploadServer
etag: "f6b06694767e707999eecbe9538b403a"
x-goog-hash: crc32c=xz4nKQ==, md5=9rBmlHZ+cHmZ7svpU4tAOg==
x-goog-generation: 1606731190093338
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 8946
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 24 Apr 2021 15:03:56 GMT

GET
H2 200 placement_invocation Show response
ob.cheqzone.com/ 49 KB
20 KB 50ms
13ms Script
text/javascript 185.59.220.199
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: BunnyCDN-DE1-722 /
Resource Hash: 4f65c38ed3681b49cf4f86c0e1fcd4143fa78015121b20e69e11c1c422dd0bfa

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:21 GMT
content-encoding: br
cdn-edgestorageid: 632
cdn-cachedat: 2021-04-24 15:46:59
cdn-pullzone: 62714
cheq_headers_order: Content-Type Cache-Control Expires Etag Date Connection Content-Length
server: BunnyCDN-DE1-722
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: 2642aeaf-0ebf-4c43-9f87-c153981605b2
cache-control: public, max-age=43200
cdn-requestid: 0dd88717d43111f884d5726c8dea2a79
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 log
hblg.media.net/ 35 B
194 B 27ms
17ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=kfk&evtid=flog&itype=HB&abte=SSP_CLIENT_gcp_w&adbd=0&adt=desktop&cid=8CU6Q6626&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PRL4E7N3&dn=tmj4.com&servname=rtb-nv-dcos-ssp-10-6-37-122-20132&sd=1&svr=042211_229_042211_95_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001619276421717014019432969386&sspAbBucket=CONTROL&npa=0&lw=1&dapp=green&rtype=&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&gfundl=700&gtd=&inid=&ngfundl=1000&rdl=700&id_details=&a=0&r=209&lper=1&pc=&requrl=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&kwrf=
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:21 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sat, 24 Apr 2021 15:00:21 GMT

GET
H2 200 rules-p-cfh7-Kj7hw4Cs.js Show response
rules.quantcount.com/ 1 KB
1 KB 99ms
32ms Script
application/x-javascript 2600:9000:215d:a600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-cfh7-Kj7hw4Cs.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215d:a600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2dcd9cd8327f9a74903074baf5a2af793df8d8a706c220e2ab4516e775596eb

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:36:00 GMT
content-encoding: gzip
last-modified: Wed, 30 Aug 2017 16:19:22 GMT
server: AmazonS3
age: 1707
etag: W/"021b7e04f30cea21812673c831b1b679"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 cfdd20e60ffbfd2a5f3d8cc3027d54fb.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: wQ5H0rLw4-2a-ljiLgZSey_tpgtuW7-gKg2Vgyr7F7urHriWLLbUiw==

GET
H3-29 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
882 B 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1437
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:36:24 GMT

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 3199 610 B
990 B 15ms
14ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/test.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: thirdparty=yes
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1619081949.048117"
last-modified: Thu, 22 Apr 2021 08:35:23 GMT
server: AkamaiNetStorage
content-length: 610
cache-control: max-age=345600
date: Sat, 24 Apr 2021 15:00:21 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1619276421~rv=6~id=fc1dc20fbab0f08b3493006e405ae66e; path=/; Expires=Sat, 24 Apr 2021 15:00:21 GMT; Secure; SameSite=None

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ Frame AF08 23 KB
5 KB 16ms
15ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.tmj4.com&title=Safer%20at%20Home%20order%20changes&kw=new%20guidelines%2Ccoronavirus%20milwaukee%20county%2Cextension%2CLocal%20business%2CMay%2026%2Cwhat%20places%20in%20wisconsin%20have%20coronavirus%2Cmilwaukee%20coronavirus%2Cbegins%2Crestaurants%20still%20open%2Ccoronaviurs%20wisconsin&autoplay=true&m3u8=https://content.uplynk.com/0741bce3458e4705a7a2e69ec4920c82.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/0741bce3458e4705a7a2e69ec4920c82_g.mp4&purl=/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&dtrack=1&story=1&contplay=*recent&mute=1&tags=Homepage%20Showcase%2CLocal%20News%2CCoronavirus&cust_params=temp%3D%26weather%3D&s=tmj4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 2829503
cdn-cachedat: 2021-03-11 11:57:55
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09a5fe72db000098140eaf3000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a9f1136dc57a7605179530d5ffb85493
cf-ray: 645033649a099814-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery-1.12.1.min.js Show response
code.jquery.com/ Frame AF08 95 KB
33 KB 26ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.1.min.js
Requested by: Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.tmj4.com&title=Safer%20at%20Home%20order%20changes&kw=new%20guidelines%2Ccoronavirus%20milwaukee%20county%2Cextension%2CLocal%20business%2CMay%2026%2Cwhat%20places%20in%20wisconsin%20have%20coronavirus%2Cmilwaukee%20coronavirus%2Cbegins%2Crestaurants%20still%20open%2Ccoronaviurs%20wisconsin&autoplay=true&m3u8=https://content.uplynk.com/0741bce3458e4705a7a2e69ec4920c82.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/0741bce3458e4705a7a2e69ec4920c82_g.mp4&purl=/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&dtrack=1&story=1&contplay=*recent&mute=1&tags=Homepage%20Showcase%2CLocal%20News%2CCoronavirus&cust_params=temp%3D%26weather%3D&s=tmj4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:21 GMT
content-encoding: gzip
last-modified: Mon, 22 Feb 2016 19:07:54 GMT
server: nginx
etag: W/"56cb5c8a-17c7b"
vary: Accept-Encoding
x-hw: 1619276421.dop202.fr8.t,1619276421.cds240.fr8.hn,1619276421.cds160.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33838

GET
H/1.1 200
OK ScrippsEmbeddedVideoIframe.js Show response
assets.scrippsdigital.com/cms/js/ Frame AF08 68 KB
21 KB 14ms
13ms Script
application/javascript 13.224.95.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.scrippsdigital.com/cms/js/ScrippsEmbeddedVideoIframe.js?v=09102020
Requested by: Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.tmj4.com&title=Safer%20at%20Home%20order%20changes&kw=new%20guidelines%2Ccoronavirus%20milwaukee%20county%2Cextension%2CLocal%20business%2CMay%2026%2Cwhat%20places%20in%20wisconsin%20have%20coronavirus%2Cmilwaukee%20coronavirus%2Cbegins%2Crestaurants%20still%20open%2Ccoronaviurs%20wisconsin&autoplay=true&m3u8=https://content.uplynk.com/0741bce3458e4705a7a2e69ec4920c82.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/0741bce3458e4705a7a2e69ec4920c82_g.mp4&purl=/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&dtrack=1&story=1&contplay=*recent&mute=1&tags=Homepage%20Showcase%2CLocal%20News%2CCoronavirus&cust_params=temp%3D%26weather%3D&s=tmj4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-61.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9af5c2ca5d3fbdc490a787ad1d25fde4916a7526b97f6f911c7f99c5475300f

Request headers

Referer: https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.tmj4.com&title=Safer%20at%20Home%20order%20changes&kw=new%20guidelines%2Ccoronavirus%20milwaukee%20county%2Cextension%2CLocal%20business%2CMay%2026%2Cwhat%20places%20in%20wisconsin%20have%20coronavirus%2Cmilwaukee%20coronavirus%2Cbegins%2Crestaurants%20still%20open%2Ccoronaviurs%20wisconsin&autoplay=true&m3u8=https://content.uplynk.com/0741bce3458e4705a7a2e69ec4920c82.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/0741bce3458e4705a7a2e69ec4920c82_g.mp4&purl=/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&dtrack=1&story=1&contplay=*recent&mute=1&tags=Homepage%20Showcase%2CLocal%20News%2CCoronavirus&cust_params=temp%3D%26weather%3D&s=tmj4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:22:23 GMT
Content-Encoding: gzip
Age: 70679
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Last-Modified: Mon, 19 Apr 2021 17:59:48 GMT
Server: AmazonS3
ETag: W/"e15d3a1e889fc47043ffd68eb7e548c7"
Vary: Accept-Encoding
x-amz-version-id: 6OfPaQTyuHJYYOfh6NYJaEtCiXhxs6bA
Via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ZRH50-C1
Content-Type: application/javascript
X-Amz-Cf-Id: HhHhLBLOljBpNZCCcQNZjg9Rr5fK4GJwAkO3enoPHE_A0P-wuphVUw==

GET
H/1.1 200
OK voc.js Show response
cdn5.userzoom.com/voc/files/3D9698FA3649E61180CC0050569444FB/ 8 B
500 B 9ms
8ms Script
application/x-javascript 209.197.3.16
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn5.userzoom.com/voc/files/3D9698FA3649E61180CC0050569444FB/voc.js

Requested by

Host: cdn5.userzoom.com
URL: https://cdn5.userzoom.com/trueintent/js/uz_til_us.js?cuid=D42D89CC6BCDE41180C90050569444FB

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.197.3.16 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

vip0x010.map2.ssl.hwcdn.net

Software

Resource Hash

88e071a02a5adf92b172da587c1d4469a2984108aa6d90ab042f2887859d053e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:21 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Apr 2021 01:26:28 GMT
ETag: "1618709188"
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-HW: 1619276421.dop019.fr8.t,1619276421.cds005.fr8.shn,1619276421.dop019.fr8.t,1619276421.cds248.fr8.c
Content-Type: application/x-javascript; charset=utf-16
Cache-Control: public, max-age=10
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 28

GET
H2 200 show_pla Show response
obs.cheqzone.com/ 3 KB
2 KB 293ms
104ms Script
text/javascript 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=049098526630212907295562385972070452869910891991890553226911702107&nc=0&tsf=0&tsfmi=&pv=0&cb=1619276422024&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=2826626440&at=&bid=e30%3D&di=W1siZWYiLDM3OTNdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFstMSwiLSJdLFstMiwiMTUs%0D%0AWEh4ZzFqMHpFbEFRd0oxUUVja3Z6b3ZiY0FJWlNFRWpBaEpJUVFCd2dsOUY0Q0JBZ1FXZ2lkMExI%0D%0AQkJlT0dqYnZYM3FZeU02Lyt2enZTN0dvWEd3aC8rYk1samJUeWFvN09QZiJdLFstMywiW10iXSxb%0D%0ALTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndcIjpbXCIwXCIsXCJjb3JlXCIsXCJfX2NvcmUtanNf%0D%0Ac2hhcmVkX19cIixcImdsb2JhbFwiLFwiU3lzdGVtXCIsXCJhc2FwXCIsXCJPYnNlcnZhYmxlXCIs%0D%0AXCJzZXRJbW1lZGlhdGVcIixcImNsZWFySW1tZWRpYXRlXCIsXCJyZWdlbmVyYXRvclJ1bnRpbWVc%0D%0AIixcIl9iYWJlbFBvbHlmaWxsXCIsXCJTY3JpcHBzQWRMaWJcIixcImRheXNTaW5jZVB1Ymxpc2hl%0D%0AZFwiLFwiZGF0ZVB1Ymxpc2hlZFwiLFwicHVibGlzaGVkVGltZVwiLFwibW9kaWZpZWRUaW1lXCIs%0D%0AXCJnZXRDb29raWVcIixcImd0bU9ialwiLFwiY2FsbExldHRlcnNcIixcImpzVGFnc1wiLFwianNQ%0D%0AdWJsaXNoRGF0ZVwiLFwianNVcGRhdGVEYXRlXCIsXCJqc0lzQnJlYWtpbmdcIixcImpzSXNBbGVy%0D%0AdFwiLFwianNBdXRob3JzXCIsXCJqc0hhc1ZpZGVvXCIsXCJqc1NlY3Rpb25cIixcImpzUGFnZVR5%0D%0AcGVcIixcImpzRGlzYWJsZVByZXJvbGxBZHNcIixcImpzRGlzYWJsZURpc3BsYXlBZHNcIixcImpz%0D%0ARGlzYWJsZUlubGluZVZpZGVvQWRzXCIsXCJqc0ZuYW1lXCIsXCJkYXRhTGF5ZXJcIixcIl9feHNo%0D%0AanJ5aGRoamt1ZWhkXCIsXCJkZGxzXCIsXCJhZHNPblBhZ2VcIixcIklTX0NNU1wiLFwiQWREZWJ1%0D%0AZ2dlclwiLFwiU2NyaXBwc1V0aWxzXCIsXCJTdGlja3lSaWdodFJhaWxcIixcInNVc2VySHViXCIs%0D%0AXCJBZFRhcmdldGluZ1BhcmFtc1wiLFwiRHluYW1pY1RhcmdldGluZ1BhcmFtc1wiLFwiU2NyaXBw%0D%0Ac091dHN0cmVhbVBsYXllclwiLFwiU2NyaXBwc0Fkc0xpYlwiLFwiSW1hZ2VMYXp5TG9hZFwiLFwi%0D%0AZ29vZ2xldGFnXCIsXCJtb2F0WWllbGRSZWFkeVwiLFwiYXBzdGFnXCIsXCJhZHZCaWR4Y1wiXSxc%0D%0AIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIi0iXSxbLTEwLCItIl0s%0D%0AWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcImtleXdvcmRzXCIsXCJv%0D%0AZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIixcInR3%0D%0AaXR0ZXI6dGl0bGVcIixcIm9nOmRlc2NyaXB0aW9uXCIsXCJkZXNjcmlwdGlvblwiLFwicGFyc2Vs%0D%0AeS10aXRsZVwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIntcIm9cIjowLjAwNTEw%0D%0AMjA0MDgxNjMyNjUzfSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiMTYiXSxbLTE4LCJbMCww%0D%0ALDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwx%0D%0AMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCIyMTA4%0D%0AMjIyOTg0LjE2MTkyNzY0MjIiXSxbLTIxLCJpY2VBWGZUNiJdLFstMjIsIltcIm5cIixcIm5cIl0i%0D%0AXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjE4MjAwMDAw%0D%0ALFwidWpoc1wiOjE1MjAwMDAwLFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsMTAsMCxc%0D%0AIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyJdLFstMjksIntcInZcIjpbMiwyLDIsMiwwLDAsMCwy%0D%0ALDAsMiwwLDIsMCwwLDIsMiwyLDIsMF19Il0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwidHJ1ZSJd%0D%0ALFstMzIsIjIiXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjE5Mjc2NDIxOTAzLC0yXSJd%0D%0ALFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsMCwwLDEs%0D%0AMCwzMCwyOCwyMzEsMzU5LDAsNjI2LjAxLDYyNi4wMSwxMTUyLDExNTMiXSxbLTM5LCJbXCIyMDAz%0D%0AMDEwN1wiLDAsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1%0D%0AZSw4LGZhbHNlLG51bGwsMF0iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUz%0D%0AIl0sWy00MywiMDAwMDAwMDEwMDAwMDAwMDAwMTExMDExMDAiXSxbLTQ0LCIwLDAsMCw1Il0sWy00%0D%0ANSwiNjIwLDAsMCwwLDAsMCw3NjIsMCw2NDgsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAs%0D%0AMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIkV1cm9wZS9CZXJsaW4sZW4tVVMsbGF0%0D%0AbixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFsiYm5jaCIsMTY1XV0%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A325%2C%22y%22%3A3682%2C%22w%22%3A610%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=y3jYPN6NYc&sdd=%7B%7D&pto=1276
Requested by: Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 1109c8eee8360d25c3736e2fefd75ba3b29d6feca4370f0c96db9ae88c26886c

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:22 GMT
content-encoding: gzip
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cheq_headers_order: Set-Cookie Content-Type Cache-Control Pragma Expires Content-Length Content-Encoding Date Connection
content-length: 1660
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 connatix.playspace.css
cds.connatix.com/p/114867/ 102 KB
14 KB 7ms
7ms Stylesheet
text/css 151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/114867/connatix.playspace.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 522fc3437f63d9dea2d5a213f29ebb8bdf15483e9863c61db235cec4cadeedc2

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
content-encoding: br
last-modified: Fri, 23 Apr 2021 19:40:44 GMT
age: 69446
etag: "5f3dfbc82ccaae8710c9757f1e8d353c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 14309

GET
H2 200 claro.css
js.arcgis.com/3.36/dijit/themes/claro/ Frame BE7A 135 KB
15 KB 106ms
38ms Stylesheet
text/css 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dijit/themes/claro/claro.css

Requested by

Host: www.arcgis.com
URL: https://www.arcgis.com/apps/opsdashboard/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8186902052c6aad7092970d4cdb2e61bf0c9878f42c05dba58ff0f2b18dadaaa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:50:25 GMT
content-encoding: br
age: 68998
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 14697
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:42 GMT
server: AmazonS3
etag: "e4589f75ace40ff709bbb2bfaf083cac"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: KZbjj_2rz_nDlzvEiJMv1E2qGqV28Osg
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: text/css
x-amz-cf-id: RuYoQMlBL0B8rF0nBAR6vQJYV8c8r8xfw2NFfPkS4BRSXZs8tsOD3w==

GET
H2 200 esri.css
js.arcgis.com/3.36/esri/css/ Frame BE7A 640 KB
155 KB 106ms
38ms Stylesheet
text/css 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/css/esri.css

Requested by

Host: www.arcgis.com
URL: https://www.arcgis.com/apps/opsdashboard/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7bb367be2e371b37129fa9d71ef2504b76df0730545cced82ef97086e198fd76

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: tyOLx2ftlLlUqHIgQaq64soK1PQ1s5ZP
content-encoding: br
etag: "357a8912e543341c6e6893e8f2e62334"
age: 36879
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 157870
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:42:20 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:50 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: text/css
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: nh3WmMESDeLR_QcrTZ9fVifqzaIxlUhUC4KGR8R1B8YqWnCFWYADlg==

GET
H2 200 vendor-cd320a47cf3e277e4a55fc99d7ff1519.css
www.arcgis.com/apps/opsdashboard/assets/ Frame BE7A 13 KB
3 KB 105ms
103ms Stylesheet
text/css 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/apps/opsdashboard/assets/vendor-cd320a47cf3e277e4a55fc99d7ff1519.css

Requested by

Host: www.arcgis.com
URL: https://www.arcgis.com/apps/opsdashboard/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

AmazonS3 /

Resource Hash

7d34a992dba48b7a2ae6893d726bd86360ba678d137ef7d31e746fcfd4de03fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
content-encoding: br
last-modified: Tue, 15 Dec 2020 04:44:52 GMT
server: AmazonS3
etag: "dfaec924d1412b054c9ec704d06681fe"
strict-transport-security: max-age=63072000
content-type: text/css
cache-control: max-age=1800
content-security-policy: upgrade-insecure-requests
link: <https://www.arcgis.com/apps/opsdashboard/assets/vendor-cd320a47cf3e277e4a55fc99d7ff1519.css>; rel="canonical"
content-length: 2214
x-cached: HIT

GET
H2 200 app-light-5ed0e2bb193abeae6bc320ed581e8a3a.css
www.arcgis.com/apps/opsdashboard/assets/ Frame BE7A 271 KB
31 KB 194ms
192ms Stylesheet
text/css 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/apps/opsdashboard/assets/app-light-5ed0e2bb193abeae6bc320ed581e8a3a.css

Requested by

Host: www.arcgis.com
URL: https://www.arcgis.com/apps/opsdashboard/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

AmazonS3 /

Resource Hash

c3358d4ece0875b468d1f3cca15c7a9cddd82c4e8b6a825a0ed1deb088013fc1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
content-encoding: br
last-modified: Tue, 15 Dec 2020 04:44:30 GMT
server: AmazonS3
etag: "95d95f6dbe35da1969696a2b164c3aca"
strict-transport-security: max-age=63072000
content-type: text/css
cache-control: max-age=1800
content-security-policy: upgrade-insecure-requests
link: <https://www.arcgis.com/apps/opsdashboard/assets/app-light-5ed0e2bb193abeae6bc320ed581e8a3a.css>; rel="canonical"
content-length: 31290
x-cached: HIT

GET
H2 200 amd-config-d7fb343ed4b24bea0f132a1d0bbc7dbb.js Show response
www.arcgis.com/apps/opsdashboard/assets/ Frame BE7A 1 KB
720 B 104ms
103ms Script
application/javascript 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/apps/opsdashboard/assets/amd-config-d7fb343ed4b24bea0f132a1d0bbc7dbb.js

Requested by

Host: www.arcgis.com
URL: https://www.arcgis.com/apps/opsdashboard/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

AmazonS3 /

Resource Hash

8314a990a5fb9dcdd342c7c8fda368167056d55ab3e48224d6c0eb5af555e363

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
content-encoding: br
last-modified: Tue, 15 Dec 2020 04:44:30 GMT
server: AmazonS3
etag: "875afba2949c7e051ce4ab059cbed31a"
strict-transport-security: max-age=63072000
content-type: application/javascript
cache-control: max-age=1800
content-security-policy: upgrade-insecure-requests
link: <https://www.arcgis.com/apps/opsdashboard/assets/amd-config-d7fb343ed4b24bea0f132a1d0bbc7dbb.js>; rel="canonical"
content-length: 359
x-cached: HIT

GET
H2 200 init.js Show response
js.arcgis.com/3.36/ Frame BE7A 2 MB
365 KB 105ms
38ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/init.js

Requested by

Host: www.arcgis.com
URL: https://www.arcgis.com/apps/opsdashboard/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c3b0517ae016f5bafd0663854c828542a43daac1430c0cffd6a8c78e0bf15fe3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: msgHvkOb2ddysiEJquGBjn5GHbDho74q
content-encoding: br
etag: "4f68105d4e7bb45922280ed5c28b04da"
age: 49762
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 372906
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:43:30 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:50 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: Dtvbdz_Rx1UqcGfkqny2myAZ3mmFbNbOwkEMX97N6alOjf24cTsvag==

GET
H2 200 amd-loading-02cbfb85f129b9c95536fe053a9457cb.js Show response
www.arcgis.com/apps/opsdashboard/assets/ Frame BE7A 4 KB
2 KB 196ms
196ms Script
application/javascript 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/apps/opsdashboard/assets/amd-loading-02cbfb85f129b9c95536fe053a9457cb.js

Requested by

Host: www.arcgis.com
URL: https://www.arcgis.com/apps/opsdashboard/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

AmazonS3 /

Resource Hash

5a5c7b2868f83cd1ffdd6f2102c55e0bfbfee025fb56aa42ef94c977b2286951

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
content-encoding: br
last-modified: Wed, 14 Apr 2021 02:56:13 GMT
server: AmazonS3
etag: "ba4000f70191ab8f176b89fee25f3043"
strict-transport-security: max-age=63072000
content-type: application/javascript
cache-control: max-age=1800
content-security-policy: upgrade-insecure-requests
link: <https://www.arcgis.com/apps/opsdashboard/assets/amd-loading-02cbfb85f129b9c95536fe053a9457cb.js>; rel="canonical"
content-length: 1182
x-cached: HIT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1619276422131&ns_c=UTF-8&cv=3.5&c8=Wisconsin%27s%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20busi...
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1619276422131&ns_c=UTF-8&cv=3.5&c8=Wisconsin%27s%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20bus...

64 B
331 B

49ms
49ms

Image
image/gif

143.204.245.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1619276422131&ns_c=UTF-8&cv=3.5&c8=Wisconsin%27s%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses&c7=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&c9=
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-38.cph50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
via: 1.1 a2ff850ccdde2a6d47a8ef587e8cb536.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: VV1NkaGCPnpHz4bc1y3QZzPtdPRBI77UsmviIAvzhtZG-kIQHlmGkA==

Redirect headers

date: Sat, 24 Apr 2021 15:00:22 GMT
via: 1.1 a2ff850ccdde2a6d47a8ef587e8cb536.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1619276422131&ns_c=UTF-8&cv=3.5&c8=Wisconsin's%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses&c7=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&c9=
content-length: 370
x-amz-cf-id: HEh5jNJQy0CBqk4sxqi8yNRaRlxuSD7ni_U4lkQI_u8uYkgmp6ZYPQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 42ms
15ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

ad309904b3882d0bc665ba54e6fc9a708e89a6155fdce036c73ab386c80086c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "851 / 838 of 1000 / last-modified: 1619215752"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21081
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:22 GMT

GET
H2 200 load_optional_tags Show response
api.pymx5.com/v1/sites/ 0
717 B 151ms
119ms Script
text/html 34.96.74.203
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pymx5.com/v1/sites/load_optional_tags

Requested by

Host: pymx5.com
URL: https://pymx5.com/scripts/load_tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.74.203 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx/1.13.7 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
via: 1.1 google
server: nginx/1.13.7
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 0

GET
H2 200 dc_pre=CKuiod-Sl_ACFdaFgwcdK2kPmg;src=4394967;type=wtmj;cat=pc_tt0;ord=7697026444491;gtm=2wg4e1;auiddc=1046780366.1619276422;u1=Coronavirus;u2=Wisconsin's%20extended%20Safer%20at%20Home%20order%20r... Show response
adservice.google.com/ddm/fls/i/ Frame 8CCC 715 B
972 B 63ms
42ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKuiod-Sl_ACFdaFgwcdK2kPmg;src=4394967;type=wtmj;cat=pc_tt0;ord=7697026444491;gtm=2wg4e1;auiddc=1046780366.1619276422;u1=Coronavirus;u2=Wisconsin's%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses;~oref=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Requested by

Host: 4394967.fls.doubleclick.net
URL: https://4394967.fls.doubleclick.net/activityi;dc_pre=CKuiod-Sl_ACFdaFgwcdK2kPmg;src=4394967;type=wtmj;cat=pc_tt0;ord=7697026444491;gtm=2wg4e1;auiddc=1046780366.1619276422;u1=Coronavirus;u2=Wisconsin's%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses;~oref=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bfa9232e799a5ceb61b8494b43dcb279071e855079a664a6e5ac22247aa2407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CKuiod-Sl_ACFdaFgwcdK2kPmg;src=4394967;type=wtmj;cat=pc_tt0;ord=7697026444491;gtm=2wg4e1;auiddc=1046780366.1619276422;u1=Coronavirus;u2=Wisconsin's%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses;~oref=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4394967.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4394967.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 24 Apr 2021 15:00:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 499
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame AF08 119 KB
31 KB 39ms
38ms Script
application/javascript 143.204.247.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.tmj4.com&title=Safer%20at%20Home%20order%20changes&kw=new%20guidelines%2Ccoronavirus%20milwaukee%20county%2Cextension%2CLocal%20business%2CMay%2026%2Cwhat%20places%20in%20wisconsin%20have%20coronavirus%2Cmilwaukee%20coronavirus%2Cbegins%2Crestaurants%20still%20open%2Ccoronaviurs%20wisconsin&autoplay=true&m3u8=https://content.uplynk.com/0741bce3458e4705a7a2e69ec4920c82.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/0741bce3458e4705a7a2e69ec4920c82_g.mp4&purl=/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&dtrack=1&story=1&contplay=*recent&mute=1&tags=Homepage%20Showcase%2CLocal%20News%2CCoronavirus&cust_params=temp%3D%26weather%3D&s=tmj4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.247.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-247-127.cph50.r.cloudfront.net
Software: Server /
Resource Hash: 9e5a3984c873d9f7009795b85f0d9bfa38e8f9dddc2309d83556aea4d7ee41a0

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:54:59 GMT
content-encoding: gzip
server: Server
age: 323
etag: 433bd8b9aebf928ab8f51e43abc531d2
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cfd12cc4ec21f43f7afaabc9c7275134.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: FUA623DCjlDRvcvJxerHmi4TRUp1BV44
x-amz-cf-id: OCNYS7ojVpK1_EvRW4i6YGr2f7dQ051NcaUKbmzLdzfYyU_TUcfa9A==

GET
H/1.1 200
OK video-js.min.css
assets.scrippsdigital.com/cms/videojs/ Frame AF08 39 KB
14 KB 20ms
19ms Stylesheet
text/css 13.224.95.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.scrippsdigital.com/cms/videojs/video-js.min.css
Requested by: Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/js/ScrippsEmbeddedVideoIframe.js?v=09102020
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-61.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 39b576e0da6026221c6efaeb013bc44a49c917700427deb40e0d924c2a388492

Request headers

Referer: https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.tmj4.com&title=Safer%20at%20Home%20order%20changes&kw=new%20guidelines%2Ccoronavirus%20milwaukee%20county%2Cextension%2CLocal%20business%2CMay%2026%2Cwhat%20places%20in%20wisconsin%20have%20coronavirus%2Cmilwaukee%20coronavirus%2Cbegins%2Crestaurants%20still%20open%2Ccoronaviurs%20wisconsin&autoplay=true&m3u8=https://content.uplynk.com/0741bce3458e4705a7a2e69ec4920c82.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/0741bce3458e4705a7a2e69ec4920c82_g.mp4&purl=/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&dtrack=1&story=1&contplay=*recent&mute=1&tags=Homepage%20Showcase%2CLocal%20News%2CCoronavirus&cust_params=temp%3D%26weather%3D&s=tmj4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 16:23:36 GMT
Content-Encoding: gzip
Age: 513407
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Last-Modified: Wed, 11 Jul 2018 18:03:46 GMT
Server: AmazonS3
ETag: W/"c0b21543872a45887225ba59f9e1169d"
Vary: Accept-Encoding
x-amz-version-id: 9MDxrCj_cZfQ3o33D8McbYD_U3i1Ldsb
Via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ZRH50-C1
Content-Type: text/css
X-Amz-Cf-Id: ODGMjSQdJZ9s4v7Osvy3gIOS8nWHrmC8QQ3UVCPPUF2b9frNu2kbVQ==

GET
H/1.1 200
OK videojs.ads.ima.min.css
assets.scrippsdigital.com/cms/videojs/ Frame AF08 3 KB
1 KB 38ms
13ms Stylesheet
text/css 13.224.95.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.scrippsdigital.com/cms/videojs/videojs.ads.ima.min.css
Requested by: Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/js/ScrippsEmbeddedVideoIframe.js?v=09102020
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-61.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9fcd0153277b6a8867e92dd6860d2e2ca51642f521c5c9d83f37bb6df2e27907

Request headers

Referer: https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.tmj4.com&title=Safer%20at%20Home%20order%20changes&kw=new%20guidelines%2Ccoronavirus%20milwaukee%20county%2Cextension%2CLocal%20business%2CMay%2026%2Cwhat%20places%20in%20wisconsin%20have%20coronavirus%2Cmilwaukee%20coronavirus%2Cbegins%2Crestaurants%20still%20open%2Ccoronaviurs%20wisconsin&autoplay=true&m3u8=https://content.uplynk.com/0741bce3458e4705a7a2e69ec4920c82.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/0741bce3458e4705a7a2e69ec4920c82_g.mp4&purl=/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&dtrack=1&story=1&contplay=*recent&mute=1&tags=Homepage%20Showcase%2CLocal%20News%2CCoronavirus&cust_params=temp%3D%26weather%3D&s=tmj4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 18:41:48 GMT
Content-Encoding: gzip
Age: 418714
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Last-Modified: Wed, 10 May 2017 18:04:10 GMT
Server: AmazonS3
ETag: W/"5923635524b18f4a96f5ef2ab3e490b7"
Vary: Accept-Encoding
x-amz-version-id: rrbghb1dXLQoExo3zxyqgHARjFx4uCW5
Via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ZRH50-C1
Content-Type: text/css
X-Amz-Cf-Id: yuG4JrkUeZ-2MQzLmh81GNGnByIEl1j1emlJOU6y0pmlnCsslRGtjQ==

GET
H/1.1 200
OK videojs-combine.js Show response
assets.scrippsdigital.com/cms/videojs/ Frame AF08 429 KB
102 KB 51ms
14ms Script
text/javascript 13.224.95.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js
Requested by: Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/js/ScrippsEmbeddedVideoIframe.js?v=09102020
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-61.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7dc95e5b1831ab2871016d3e7119b0c8a1d4176e046e75b77ecc77c61d93dc83

Request headers

Referer: https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.tmj4.com&title=Safer%20at%20Home%20order%20changes&kw=new%20guidelines%2Ccoronavirus%20milwaukee%20county%2Cextension%2CLocal%20business%2CMay%2026%2Cwhat%20places%20in%20wisconsin%20have%20coronavirus%2Cmilwaukee%20coronavirus%2Cbegins%2Crestaurants%20still%20open%2Ccoronaviurs%20wisconsin&autoplay=true&m3u8=https://content.uplynk.com/0741bce3458e4705a7a2e69ec4920c82.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/0741bce3458e4705a7a2e69ec4920c82_g.mp4&purl=/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&dtrack=1&story=1&contplay=*recent&mute=1&tags=Homepage%20Showcase%2CLocal%20News%2CCoronavirus&cust_params=temp%3D%26weather%3D&s=tmj4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Apr 2021 18:26:23 GMT
Content-Encoding: gzip
Age: 333240
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Last-Modified: Fri, 07 Jul 2017 18:39:22 GMT
Server: AmazonS3
ETag: W/"6024c953b699bb3914e376bc24c97d1e"
Vary: Accept-Encoding
x-amz-version-id: KhqY1IhzWPhnRAYmwk.AUZTrSg435ayo
Via: 1.1 a06cb72e779e366fcd004926eacd5b85.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ZRH50-C1
Content-Type: text/javascript
X-Amz-Cf-Id: 2QSZbO105jZAt5WNYbBcU-BNWuoyuT3oILQGV9Jbxzv7N8CUbX_HwA==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame AF08 334 KB
115 KB 39ms
15ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/js/ScrippsEmbeddedVideoIframe.js?v=09102020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117044
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:22 GMT

GET
H/1.1 200
OK videojs.ads.ima.min.js Show response
assets.scrippsdigital.com/cms/videojs/ Frame AF08 35 KB
9 KB 52ms
15ms Script
text/javascript 13.224.95.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.scrippsdigital.com/cms/videojs/videojs.ads.ima.min.js
Requested by: Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/js/ScrippsEmbeddedVideoIframe.js?v=09102020
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-61.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0240bee9e6bcfd0f100b50ac6b0be53b78c24d37c33778565e5c3aeac8cdf7c

Request headers

Referer: https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.tmj4.com&title=Safer%20at%20Home%20order%20changes&kw=new%20guidelines%2Ccoronavirus%20milwaukee%20county%2Cextension%2CLocal%20business%2CMay%2026%2Cwhat%20places%20in%20wisconsin%20have%20coronavirus%2Cmilwaukee%20coronavirus%2Cbegins%2Crestaurants%20still%20open%2Ccoronaviurs%20wisconsin&autoplay=true&m3u8=https://content.uplynk.com/0741bce3458e4705a7a2e69ec4920c82.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/0741bce3458e4705a7a2e69ec4920c82_g.mp4&purl=/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&dtrack=1&story=1&contplay=*recent&mute=1&tags=Homepage%20Showcase%2CLocal%20News%2CCoronavirus&cust_params=temp%3D%26weather%3D&s=tmj4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Apr 2021 15:09:18 GMT
Content-Encoding: gzip
Age: 172265
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Last-Modified: Sat, 10 Mar 2018 19:08:19 GMT
Server: AmazonS3
ETag: W/"0b683ccb87d7179c7ae2f381ac303fe5"
Vary: Accept-Encoding
x-amz-version-id: jQfzn06.koBAEnYP4aqwoCwOxd5Soy4z
Via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ZRH50-C1
Content-Type: text/javascript
X-Amz-Cf-Id: az9N6Wk2KodCfJGLEJlkUz4H3cDVsfrz5W6SUkV0wU3MFElEVPNJEw==

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 361ms
89ms XHR
application/json 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1619276422215&sessionId=ec6db82c-18b5-41be-9958-9d4c55a5cfa1&url=www.tmj4.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 15:00:22 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: e54864c72cb4388d81ffbbba3e221dad
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 26 KB
7 KB 347ms
323ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.tmj4.com%2F%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&idx=0&rand=77715&key=NANOWDGT01&widgetJSId=AR_11&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clid=ec6db82c-18b5-41be-9958-9d4c55a5cfa1&fdu=www.tmj4.com&px=325&py=3682&vpd=2482&cw=610&settings=true&recs=true&version=2000299&sig=iceAXfT6&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6f5263acc03126555b7b6523f5d006e769527f08a8f84ffcc0422f278d411276

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.35
x-cache-hits: 0, 0
x-traceid: 7c979e85c5d493e33cbcc84b613530ea
content-encoding: gzip
content-length: 6439
x-served-by: cache-lga21935-LGA, cache-fra19158-FRA
x-timer: S1619276422.245195,VS0,VE316
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
338 B 20ms
19ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:22 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://www.tmj4.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 22

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
83 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-19051957-3&cid=2108222984.1619276422&jid=1548489131&gjid=1012094470&_gid=953076291.1619276422&_u=aHBAgAAjAAAAAE~&z=2012977455

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 24 Apr 2021 15:00:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.tmj4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-19051957-29&cid=2108222984.1619276422&jid=1199870004&gjid=719391887&_gid=953076291.1619276422&_u=aHDAiAAjBAAAAE~&z=760129152

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 24 Apr 2021 15:00:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.tmj4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 17ms
16ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-40066851-1&cid=2108222984.1619276422&jid=1917790492&gjid=1652148099&_gid=953076291.1619276422&_u=aHDAiAAjBAAAAE~&z=1395898245

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 24 Apr 2021 15:00:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.tmj4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1948437090&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&ul=en-us&de=UTF-8&dt=Wisconsin%27s%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHBAgAAj~&jid=1548489131&gjid=1012094470&cid=2108222984.1619276422&tid=UA-19051957-3&_gid=953076291.1619276422&gtm=2wg4e1KZVQWL&cd20=2047&cd21=Ryan%20Jenkins&cd22=&cd23=Coronavirus&cd24=Homepage%20Showcase%2CLocal%20News%2CCoronavirus&cd25=false&cd30=&cd31=true&cd33=true&cd34=false&z=836261566

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 05:24:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34581
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1948437090&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&ul=en-us&de=UTF-8&dt=Wisconsin%27s%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAiAAjBAAAAE~&jid=1199870004&gjid=719391887&cid=2108222984.1619276422&tid=UA-19051957-29&_gid=953076291.1619276422&gtm=2wg4e1KZVQWL&cd20=2047&cd21=Ryan%20Jenkins&cd22=&cd23=Coronavirus&cd24=Homepage%20Showcase%2CLocal%20News%2CCoronavirus&cd25=false&cd30=&cd31=true&cd33=true&z=556172130

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 05:24:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34581
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1948437090&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&ul=en-us&de=UTF-8&dt=Wisconsin%27s%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAiAAjBAAAAE~&jid=1917790492&gjid=1652148099&cid=2108222984.1619276422&tid=UA-40066851-1&_gid=953076291.1619276422&gtm=2wg4e1KZVQWL&cd20=2047&cd21=Ryan%20Jenkins&cd22=&cd23=Coronavirus&cd24=Homepage%20Showcase%2CLocal%20News%2CCoronavirus&cd25=false&cd30=&cd31=true&cd33=true&cd34=false&z=488569014

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 05:24:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34581
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=2097404815;labels=Cracked.Article%20Title.Wisconsin's%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses;rf=0;a=p-cfh7-Kj7hw4Cs;url=https%3A%2...
pixel.quantserve.com/ 35 B
371 B 14ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2097404815;labels=Cracked.Article%20Title.Wisconsin's%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses;rf=0;a=p-cfh7-Kj7hw4Cs;url=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses;uht=2;fpan=1;fpa=P0-1446842245-1619276422261;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;ref=;d=tmj4.com;je=0;sr=1600x1200x24;dst=1;et=1619276422261;tzo=-120;ogl=title.Wisconsin's%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20b%2Curl.https%3A%2F%2Fwww%252Etmj4%252Ecom%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-re%2Cimage.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2Fcd61c5f%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Aurl.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2Fcd61c5f%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Asecure_url.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2Fcd61c5f%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Cimage%3Atype.image%2Fpng%2Cdescription.Some%20local%20shops%20are%20now%20%20taking%20advantage%20of%20relaxed%20restrictions%20under%20the%20sta%2Csite_name.TMJ4%2Ctype.article%2Cdescription.Some%20local%20shops%20are%20now%20%20taking%20advantage%20of%20relaxed%20restrictions%20under%20the%20sta

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 cloudy.png
static.ewscloud.com/weathercenter/prod/static/weathericons/daytime/ 3 KB
3 KB 60ms
7ms Image
image/png 2600:9000:20eb:7800:10:618e:d880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewscloud.com/weathercenter/prod/static/weathericons/daytime/cloudy.png
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7800:10:618e:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 727f93b09ab81ccfabda8af76bbd53e3e99a3eafce122b52fac24f9e13872e33

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9OY47Kvuv4DbLwzArUUJYWLNuwTLh2GP
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
last-modified: Thu, 11 Feb 2021 14:00:40 GMT
server: AmazonS3
age: 162
etag: "472ec61e8e2a117758a265abc1d2d247"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
date: Sat, 24 Apr 2021 14:57:41 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3167
x-amz-cf-id: aPi1iIJbhaMEwEipHJwfnndIS7ckUMqOfcp8jlVL8nCj7LpHaLnaFw==

POST
H/1.1 200
OK story Show response
capi.connatix.com/core/ Frame 1FBF 1 KB
1 KB 503ms
161ms XHR
multipart/form-data 3.143.119.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=114867
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.143.119.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 15e23c26e5a921044bff42508a48ab366137ccbe6d59db5ae841f1282876962c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Sat, 24 Apr 2021 15:00:22 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.tmj4.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 937

GET
H3-29 200 pubads_impl_2021042001.js Show response
securepubads.g.doubleclick.net/gpt/ 301 KB
105 KB 31ms
15ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

a2aca9aa200ad3e4dd9afcd27fd2bd5b272a5d297e9f85d708394857ca6a1ffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Apr 2021 08:40:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107961
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:22 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame AF08 6 KB
3 KB 31ms
30ms XHR
application/javascript 143.204.247.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.247.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-247-127.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 57230
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
date: Fri, 23 Apr 2021 23:07:46 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: m9sgKsiTqDjUSGjr-spnQegVqYGlowLQoQmEriVX0AmC-uiDiMnQ3g==

GET
H2 200 dc_pre=CKuiod-Sl_ACFdaFgwcdK2kPmg;src=4394967;type=wtmj;cat=pc_tt0;ord=7697026444491;gtm=2wg4e1;auiddc=1046780366.1619276422;u1=Coronavirus;u2=Wisconsin's%20extended%20Safer%20at%20Home%20order%20r... Show response
adservice.google.de/ddm/fls/i/ Frame F195 194 B
877 B 64ms
41ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CKuiod-Sl_ACFdaFgwcdK2kPmg;src=4394967;type=wtmj;cat=pc_tt0;ord=7697026444491;gtm=2wg4e1;auiddc=1046780366.1619276422;u1=Coronavirus;u2=Wisconsin's%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses;~oref=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKuiod-Sl_ACFdaFgwcdK2kPmg;src=4394967;type=wtmj;cat=pc_tt0;ord=7697026444491;gtm=2wg4e1;auiddc=1046780366.1619276422;u1=Coronavirus;u2=Wisconsin's%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses;~oref=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CKuiod-Sl_ACFdaFgwcdK2kPmg;src=4394967;type=wtmj;cat=pc_tt0;ord=7697026444491;gtm=2wg4e1;auiddc=1046780366.1619276422;u1=Coronavirus;u2=Wisconsin's%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses;~oref=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 24 Apr 2021 15:00:22 GMT
expires: Sat, 24 Apr 2021 15:00:22 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame AF08 23 B
377 B 147ms
147ms XHR
text/javascript 143.204.247.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.tmj4.com%2F&pr=https%3A%2F%2Fwww.tmj4.com%2F&pid=i5UqjAvyeSlPF&cb=0&ws=610x343&v=7.61.00&t=2000&slots=%5B%7B%22id%22%3A%22preroll%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.247.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-247-127.cph50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
via: 1.1 cfd12cc4ec21f43f7afaabc9c7275134.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CPH50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://assets.scrippsdigital.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: z_JgjB74VJg04s78QQRp02kOH7VxjoH-jWZRK-RPUZGJiKw-S0157Q==

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 252ms
91ms XHR
application/json 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1619276422415&sessionId=ec6db82c-18b5-41be-9958-9d4c55a5cfa1&url=www.tmj4.com&cheqSource=1&cheqEvent=2&responseTime=737
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 15:00:22 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 8adcf99b0da8589beb9142a797be12af
Content-Length: 4
Expires: 0

GET
H2 200 imp.gif
obs.cheqzone.com/tracker/ 43 B
135 B 216ms
216ms Image
image/gif 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e00136be7c532ec43889f9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714593d60632fd78afe7dfe1474ab9488bbd39e821da61c45085052aae2d05f91e46042cc95b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c1250616e9656ca0990a63ecc89825d957bd1fad811bc551c8c96dd82a77c3d835d27798d5bba0deb9e54f2ea027b5baac205667ba876790b145b04d1006d20809d1d9c38681eb923bce6a88dee2df2bb57f2f64d22c78c7c2901a76d0ef75fd53b7c81fc526ae2a421c039e6dff439cd0be71f8df78d209f2c3cad46fd8154560f21318546b5833c6a173b949d7d88c34b28f28e89b3ddb8fe5ef7683a1a8587c688fe55843ddf8185906f3fcad37e027c2b501bafd71f028f5738811814886e069840765b1edd624666c245a75551f0af5bf91328d5caa100d007ca6f0168ec4055ebbfb86e4e92f81b8a7ee9aeafba459453de755c4e3082ddc1d7711d47f4f3330e471c47505c1ebc47f8960de3988a92ad1a50b997d13222101600e9ac0e4c7217d559b045893d3dda7adc9550582adbb7d94a26f698bc0182e1d8c83c54473a52d84438d5fb22d9116c7da50adf874b7d9fb8ddd1926b6be6c718832e4c8e5b704df2c261c05d9&cb=1619276422415&cri=y3jYPN6NYc
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:22 GMT
cache-control: no-cache, no-store, must-revalidate
cheq_headers_order: Cache-Control Pragma Expires Content-Type Date Connection Content-Length
content-type: image/gif
content-length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jsapi_ROOT.js Show response
js.arcgis.com/3.36/esri/nls/ Frame BE7A 246 KB
59 KB 39ms
36ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/nls/jsapi_ROOT.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

93c534596c81954c36de4959c6dd091e4614a0ee768cd441b54ce417c67916dd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: LBeMUbMaiWmQ9HaNPsVMRNMzQMuR9i2e
content-encoding: br
etag: "298c52167508bea4639b22cb64baa4ec"
age: 61958
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 60132
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:43:23 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:48:16 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: DHeOQkxUvawdBDrk3TxiBDSP2VR-Iac_dSRssR_yTUo5vav3VeM9rA==

GET
H2 200 ColorPicker.js Show response
js.arcgis.com/3.36/esri/dijit/ Frame BE7A 19 KB
5 KB 30ms
28ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/dijit/ColorPicker.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6108b8efc385bdb66a47e004b1e8b37ea774036850e34dedb51d37697265292a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: rvXnx7hOE3ZxKOkuVaaGxwCklXHvfN40
content-encoding: br
etag: "299aa299a5480adea3a7a9df3c532636"
age: 36879
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 4430
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:42:21 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:50 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: O34QF_mYi7cWVJ0w6ThqkXZaFh_zBveHaGJlunaFh43DbSLksIvhYQ==

GET
H2 200 HexPalette.js Show response
js.arcgis.com/3.36/esri/dijit/ColorPicker/ Frame BE7A 1 KB
1 KB 31ms
28ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/dijit/ColorPicker/HexPalette.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fca948980be87c8f70e7866a750f6328b654e4347c09172f3a720cc612dac473

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9Nx4Es4PpWB6xfG6oV70EX9F05Fcgu_k
content-encoding: br
etag: "706f9c9e104c702d9728e2b0cef26282"
age: 36878
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 615
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:42:21 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:50 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: vGn6w2cw0I7V0kFQ3XbWJmlPEV12M-CGPSkPEQbyXKJ1gVnCjIorlg==

GET
H2 200 DateTextBox.js Show response
js.arcgis.com/3.36/dijit/form/ Frame BE7A 281 B
703 B 31ms
29ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dijit/form/DateTextBox.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9346137917230c2daf742c1d0eb891e1e826e66d4005787cf670f00f8095fc19

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:30:20 GMT
content-encoding: br
age: 70203
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 172
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:39 GMT
server: AmazonS3
etag: "4ad7bb6096b1193bc787bf15c1356ccc"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: kzdjdJvMK5mwuL86y4.Nkl8pq4cFtRxL
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: 0VoZ3lMAm2t0Ukm1wo9ngmyMtUEbL6wb692G18s-9YW-FMkoh6-B3g==

GET
H2 200 TimeTextBox.js Show response
js.arcgis.com/3.36/dijit/form/ Frame BE7A 886 B
924 B 31ms
28ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dijit/form/TimeTextBox.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c09fb1577f4e4dbb6bf7b93ed0dc44f8f430437522b81d22e18285e53632918f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:49:32 GMT
content-encoding: br
age: 58250
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 394
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:39 GMT
server: AmazonS3
etag: "bbe475b4701fce101d810cf266e203ba"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: 6seosUq2y3Ajdacw3u4o7PfZG.PtP1zI
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: P3H0SnRR7-BfDEnE_JGItnwJ2tRH2Brz50hwEE_aHzpAOVbn0cxhtA==

GET
H2 200 color.js Show response
js.arcgis.com/3.36/dojox/ Frame BE7A 72 B
605 B 32ms
28ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dojox/color.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1a59329497187b99641cf0cd1eb55d3d4b2324ef9e5d037b8c00347d1692b23c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ikbsxK8F35QoNd9ovYz8qpWxpoRC2KQP
content-encoding: br
etag: "b6aa79090c4a99d9f102d78901d620a5"
age: 36878
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 74
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:53 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:50 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: zXcRC9SehvFynUpxe6FsqIoL0Bp-AW__Xyq9XteKWgFABRoHkfkzlw==

GET
H2 200 Legend.js Show response
js.arcgis.com/3.36/esri/dijit/ Frame BE7A 66 KB
18 KB 32ms
29ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/dijit/Legend.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

43425033eafa0432d367080621dbe0b9d5eab20913d0b58443d3a0cb79b2adad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 7Lmcm928Oc.s1RxZ1sL8t.ipPPZuxP8p
content-encoding: br
etag: "78b2d818cba53839e463bdb0742ab9c0"
age: 47255
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 17413
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:42:22 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:50 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: op1EBTdpBARr_0ZcJyTS1nfyoOj8gTCzfWIfwFIiAVxcD3Qna4V6KA==

GET
H2 200 Scalebar.js Show response
js.arcgis.com/3.36/esri/dijit/ Frame BE7A 8 KB
3 KB 32ms
29ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/dijit/Scalebar.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

27c13b9a3a8393852e9ca69a521eccee111f8ec9b7faefc8d3c1221a5a9a601d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:47:36 GMT
content-encoding: br
age: 69167
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 2241
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:42:22 GMT
server: AmazonS3
etag: "591f8b5d659d69eeac15fd67c595eb6e"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: 2DNmQmRF1oAwAjT.bA65UYbBxY5N_dym
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: fsI0KBMcnKOW1fMNd7vw6vgP2gkVJY6tEKTIsFCQTj8XVASBA6sOuQ==

GET
H2 200 BasemapGallery.js Show response
js.arcgis.com/3.36/esri/dijit/ Frame BE7A 490 KB
108 KB 73ms
68ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/dijit/BasemapGallery.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

78be4e93a54d1fb5069eaa01a4fb90c89f51236c7933280a8839df53d8bd8825

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:49:53 GMT
content-encoding: br
age: 58230
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 109868
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:42:21 GMT
server: AmazonS3
etag: "6b21c44ec1b7e98c5dbe0405de8bbb1c"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: XiAIC7krXjACqFTvGCa5.TxR3hrXdnYs
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: rlIqpgPiTzjlLGg7nLHeYIVgU62Hw-DQ6nEIVAaJjGUmIqGVJQh9GQ==

GET
H2 200 LayerList.js Show response
js.arcgis.com/3.36/esri/dijit/ Frame BE7A 18 KB
5 KB 75ms
71ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/dijit/LayerList.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f2b9ac40ccbcb8c4e6b6bf4bcc67d2efcd0b729aeb79780af7d31dc6be12286e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: MRCQe1Wb_2JCiVH6COqkG0KGlaf4NVz1
content-encoding: br
etag: "7ee644cc1dc3398c1e8308982e92f434"
age: 47198
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 4934
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:42:22 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:50 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: xPI58W0o9xtSXFdZrcxORCs48xcrZyW-I5aIqlHIBiQ3ziyl4zWaTA==

GET
H2 200 Search.js Show response
js.arcgis.com/3.36/esri/dijit/ Frame BE7A 44 KB
11 KB 75ms
71ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/dijit/Search.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c466a21ad4cb9a6d05655821aab3f9881631226ab6be1bd6272c094ecca36376

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:30:20 GMT
content-encoding: br
age: 70203
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 10523
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:42:22 GMT
server: AmazonS3
etag: "562bacbbb38a7a4bc8be0fa339acc41d"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: gxLVstZ4JmFCLxBZyd5W_jg4ubxdSb70
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: mLU2YxpL8_aOfOrDgnyUDAl6078mInNKNesrkYmFSIrB5spJvfmRSQ==

GET
H2 200 locator.js Show response
js.arcgis.com/3.36/esri/tasks/ Frame BE7A 5 KB
2 KB 76ms
72ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/tasks/locator.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2d9c617688e8ac94805bc712099b4a3800c88815a71147e2320881f33005e3e2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:30:20 GMT
content-encoding: br
age: 70203
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 1397
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:43:25 GMT
server: AmazonS3
etag: "ba8bfd75754b62305b780127920c3ba6"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: JeRGd5UQKfSHtVUKqrA0zSKJhUJKUAjW
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: xQmlrjZTnSlh1XmZFVrj25tr_GHCQ85hQH1PdB9ZJSaCej1_xAc4Qw==

GET
H2 200 draw.js Show response
js.arcgis.com/3.36/esri/toolbars/ Frame BE7A 20 KB
5 KB 76ms
72ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/toolbars/draw.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

83b9de17a90789c0c650d05f2b72a607b55bff98828cca2339edd8944e47a5a4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:49:32 GMT
content-encoding: br
age: 58250
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 4377
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:43:30 GMT
server: AmazonS3
etag: "2ab5bb1ed33a4ebdca3770fc0f290e5f"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: JZA5yi7bqZzrZ29HE3aF19a2ooEjnxC4
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: nSGNbxzBNbXJySrDn_95YsxAbNSciJDh6jJHulHRn-TBFOUNm_5mUg==

GET
H2 200 FeatureLayerStatistics.js Show response
js.arcgis.com/3.36/esri/plugins/ Frame BE7A 59 KB
15 KB 76ms
72ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/plugins/FeatureLayerStatistics.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

682956186052c62a648b149b129f4df856d61e42b49ec3ec21eab7e139798ab1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 05h2pcw_wRtAGMtu6GCxQzHoqy9rDbFZ
content-encoding: br
etag: "69db88ba0d1b1cb791624fad05e717ff"
age: 51910
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 14941
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:43:24 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:50 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: oyDXlxu2R_aTn-fluQkDhmpnS0RBiSMeiYoyMg3238N6WShYGtaiRA==

GET
H2 200 geometryEngineAsync.js Show response
js.arcgis.com/3.36/esri/geometry/ Frame BE7A 16 KB
4 KB 76ms
72ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/geometry/geometryEngineAsync.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

926023069cae76acfe583c903c17d46c97a02b297f54d999dcffdb919d282aa1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:49:32 GMT
content-encoding: br
age: 58250
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 3236
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:43:17 GMT
server: AmazonS3
etag: "9f4a4a0a8f9e15487c7ddc8c0ac49f79"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: 5.KKNh1t4J4x4.c3L2KAOIAc3c69frzu
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: V-QvnAbIJ27uUkmDScKCxyRy-uyNCUrNo7H18IzNURwV5hD1HP17bg==

GET
H2 200 geometryEngine.js Show response
js.arcgis.com/3.36/esri/geometry/ Frame BE7A 644 KB
155 KB 75ms
73ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/geometry/geometryEngine.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6e3376d5e0c17e4f6f28b0590ae80f6a723eeba77fc1238f142396e74881d149

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: nfY6oXj9RHsf6ojIDf.grm0fNEd2tOvT
content-encoding: br
etag: "599078cccc26d677d555cef91fe819a7"
age: 47198
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 158284
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:43:17 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:50 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: lUn-Oj9SpRZ1FhZvdmSnILkv463FJAG9QjchX6-kMDhyknxW0Fn_jw==

GET
H2 200 easing.js Show response
js.arcgis.com/3.36/dojo/fx/ Frame BE7A 3 KB
1 KB 75ms
73ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dojo/fx/easing.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b4d1b435e4d711dd3c239db10733cc869d22d11dda5961c2ce66ce8748732e46

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: FLoRZ7yPV.X9S04pEEmmqEkHBKABieGf
content-encoding: br
etag: "27e2ae248d7ec9eed0b112df67becb43"
age: 47198
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 769
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:48 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:50 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: 5UlyXxw8LTsdp0PAqyLaRAF-hYk-bqNu919J995SBNatZvDm9X1C3w==

GET
H2 200 Portal.js Show response
js.arcgis.com/3.36/esri/arcgis/ Frame BE7A 22 KB
6 KB 83ms
81ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/arcgis/Portal.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4aeb54d91d16c17e491410291fe303f31fba89bacecae91ac30ef24e8206e475

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:49:33 GMT
content-encoding: br
age: 58250
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 5565
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:42:20 GMT
server: AmazonS3
etag: "a1e157771c00717e1f913c1dd2881b4f"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: GR.yYjzhWXfbd84uVwaIH8l3CoYtKnNa
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: LaVH-_q9LA0f482GcaCPMHpoiucTUqAMyYSxfn_lQjSQ2Yyu4VvqSw==

GET
H2 200 colors.js Show response
js.arcgis.com/3.36/esri/styles/ Frame BE7A 114 KB
17 KB 82ms
81ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/styles/colors.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

572d12de3a11c9e43e0c6457baab46f8efa2028b64ba1b3b23b212daecf6d753

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:49:55 GMT
content-encoding: br
age: 58228
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 17321
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:43:24 GMT
server: AmazonS3
etag: "bcc4ed6189c88e957a664fe5e174e5d4"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: TuxhtZEq4Vi5fNM3sD.YXYJgW.C9iVkD
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: omcrhOGyqcLpDXCcAPMgZJMviEq8E1jpzttmP7jDYfqIf0RZQZzTuA==

GET
H2 200 svg.js Show response
js.arcgis.com/3.36/dojox/gfx/ Frame BE7A 30 KB
8 KB 95ms
92ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dojox/gfx/svg.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8e62232beaf69feddd671db91004b098c8ecf7b1f3f6694c41b8546faea5e4f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:49:33 GMT
content-encoding: br
age: 58250
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 7330
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:42:02 GMT
server: AmazonS3
etag: "665d752bdcd1cb33d3862c02d54f0e85"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: Hoiv2.WyDW1XT.Zo4NPFW_12LgIwPFVs
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: loToKAZ4mimI7DYkbpAFK5i99lyTcHknpPMQ_fl77wn0HYE22hgDkg==

GET
H2 200 blank.gif
js.arcgis.com/3.36/dojo/resources/ Frame BE7A 43 B
570 B 52ms
25ms Image
image/gif 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.arcgis.com/3.36/dojo/resources/blank.gif

Requested by

Host: www.arcgis.com
URL: https://www.arcgis.com/apps/opsdashboard/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: WNIY_HFt3cfOlkWtQr20LfyBVDYGLUyV
content-encoding: br
etag: "dc6a65cd26443ea8263105a5cf8d1006"
age: 44536
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 48
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:49 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:44 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: image/gif
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: olu5R18GQrBWJe9p1Bp4pGGjWsGhhj8-wN6JS75vlsDnuu8-dBJBxQ==

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 14 KB
6 KB 41ms
5ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5863
x-xss-protection: 0
server: cafe
etag: 12453517290502062038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 15:35:42 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
369 B 80ms
66ms XHR
text/javascript 143.204.247.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&pid=FJa6hWD9XKKLK&cb=0&ws=1600x1200&v=7.61.00&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INVIEW%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22MAD_RIGHT_RAIL%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.247.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-247-127.cph50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
via: 1.1 cfd12cc4ec21f43f7afaabc9c7275134.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CPH50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.tmj4.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: VrstJuhEVEoMIFrHlI6EjwQfdYZxVEtkMd9cKIrJ6LJQ2VQrD-zDiw==

GET
H/1.1

200
OK

2000248.js Show response
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/
Redirect Chain

https://sync.serverbid.com/ss/2000248.js
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.js

5 KB
5 KB

40ms
14ms

Script
application/x-javascript

205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.js

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

25b88bf9d929543f95693a526b8a0e803eb7190cfa60042b0487a4b6b749ae71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:23 GMT
Connection: Keep-Alive
Last-Modified: Tue, 08 Dec 2020 16:28:09 GMT
age: 1
etag: "4e60003ba0cf3b31fca6aff00fe454eb"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1619276423.dop132.fr8.t,1619276423.cds239.fr8.shn,1619276423.dop132.fr8.t,1619276423.cds051.fr8.c
Content-Type: application/x-javascript
Cache-Control: max-age=12580
Content-Length: 4750
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
x-amz-request-id: tx000000000000002a6ca92-006083122a-4d93f15-nyc3a

Redirect headers

location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.js
cache-control: no-cache
content-length: 0

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
166 B 306ms
98ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tmj4.com
date: Sat, 24 Apr 2021 15:00:22 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H2 200 0741bce3458e4705a7a2e69ec4920c82.m3u8 Show response
content.uplynk.com/ Frame AF08 2 KB
823 B 275ms
218ms XHR
application/vnd.apple.mpegurl 20.50.105.246
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.uplynk.com/0741bce3458e4705a7a2e69ec4920c82.m3u8

Requested by

Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.105.246 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9d762aa796ceda8e7d83bf237b7ce812a57c9236c17786f9ee52cfc9d5e43651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: f3e6875dd31e4752834416d1ec6a8824
content-length: 525
x-content-type-options: nosniff

GET
DATA 200
OK truncated
/ Frame AF08 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54

Request headers

Origin: https://assets.scrippsdigital.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5942 570 KB
186 KB 21ms
7ms Document
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://assets.scrippsdigital.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://assets.scrippsdigital.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Fri, 23 Apr 2021 03:56:55 GMT
expires: Sat, 23 Apr 2022 03:56:55 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 126207
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame AF08 44 KB
17 KB 42ms
13ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:22 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
369 B 76ms
75ms XHR
text/javascript 143.204.247.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&pid=FJa6hWD9XKKLK&cb=1&ws=1600x1200&v=7.61.00&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INLINE%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22MAD_HEADER%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%2C%22994x30%22%2C%2210x1%22%5D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.247.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-247-127.cph50.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
via: 1.1 cfd12cc4ec21f43f7afaabc9c7275134.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CPH50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.tmj4.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: wX4m8sE9MPx6v64w6t5uzDMCFvX-EmVlRCsG4Tk9uA3OeAv_qqAjIw==

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
166 B 183ms
99ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tmj4.com
date: Sat, 24 Apr 2021 15:00:22 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
BLOB 200
OK 61f2f97b-f4bc-4eb7-a4d1-e3224883cfb6
https://assets.scrippsdigital.com/ Frame AF08 182 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://assets.scrippsdigital.com/61f2f97b-f4bc-4eb7-a4d1-e3224883cfb6
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8711e50058f6a714b6e9091223a2db931ba9e4ad4db8256271107ef946869f51

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 186209
Content-Type: text/javascript

GET
H2 200 number.js Show response
js.arcgis.com/3.36/dojo/cldr/nls/en/ Frame BE7A 636 B
884 B 33ms
33ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dojo/cldr/nls/en/number.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

576561fc32468323e4257d17824b4b57bdb4aa7bace8b5afd97345f1c9cfe07e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 1zFctmge4DX4p2_irV2ZO_7ho66YI3B6
content-encoding: br
etag: "464ae6c2fde00439f9926d863476383b"
age: 46767
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 342
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:46 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:48:17 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: 7AcNh50gOLd4LVdxYXOvVWIjLPKKIAJoeC5bk0rrdzaBIUMDYRhElw==

GET
H2 200 gregorian.js Show response
js.arcgis.com/3.36/dojo/cldr/nls/en/ Frame BE7A 9 KB
2 KB 33ms
32ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dojo/cldr/nls/en/gregorian.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

38e9bd17fbfa765f2baa1c982e1a6fc707972a39701cbd70ed48662781363b1b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 2IrjFT.29S5guHpiLgZQW9RPV7plxryP
content-encoding: br
etag: "98dbe0228845ca9a4c2bfc08cfe850ff"
age: 46767
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 1651
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:46 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:48:17 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: 0LZZaixwyK8qBPuJqbtiFSSYzFfivR1YpXTs513dR6I3aHNutK15zQ==

GET
H2 200 blockedDomains_1.bin Show response
lit.connatix.com/08d73d33-9bb5-9b21-f035-1721d593115a/ Frame 1FBF 37 B
253 B 32ms
6ms XHR
application/octet-stream 151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lit.connatix.com/08d73d33-9bb5-9b21-f035-1721d593115a/blockedDomains_1.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 34e3f618db625fef9f9d3efb096053c1a63a9c3cd725ba2275829d6218d942fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
content-encoding: gzip
fastly-restarts: 1
last-modified: Tue, 16 Feb 2021 13:25:12 GMT
age: 2858584
etag: "d52192593689e68b27a6c423370aebf0"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 50

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame 1FBF 0
293 B 111ms
111ms XHR
multipart/form-data 3.143.119.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=114867
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.143.119.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Sat, 24 Apr 2021 15:00:22 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.tmj4.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK fallbackstory Show response
capi.connatix.com/core/ Frame 1FBF 44 B
317 B 452ms
114ms XHR
multipart/form-data 3.143.119.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/fallbackstory
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.143.119.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cc60a4f8be2f6490be740098f9b6c74ddced16855d46073f5fbc73b392c7f1fd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Sat, 24 Apr 2021 15:00:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.tmj4.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 44

GET
H2 200 490a502a-4b92-45f4-b1cd-46ae6ea892f6.bin Show response
vid.connatix.com/3b349157-4b1d-491c-b0ad-fd9d6a811fc6/ Frame 1FBF 2 KB
1 KB 13ms
9ms XHR
application/octet-stream 151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/3b349157-4b1d-491c-b0ad-fd9d6a811fc6/490a502a-4b92-45f4-b1cd-46ae6ea892f6.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1799b98931eb002e5e30b01b1ae1c4ff9094c5e2fab291401880fa3857205a52

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
content-encoding: gzip
last-modified: Sat, 24 Apr 2021 14:39:48 GMT
age: 939
etag: "8ae22086242e1c93c64ac11bb78e9ea1"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 946

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1FBF 334 KB
114 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117044
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:22 GMT

GET
H2 200 ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
7 KB 19ms
19ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
last-modified: Wed, 17 Feb 2021 13:51:00 GMT
server: AkamaiNetStorage
etag: "f370d19306add072a726e7f4ade8dc57:1613570903.586246"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7090
expires: Mon, 24 May 2021 15:00:22 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 20ms
19ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:22 GMT
last-modified: Wed, 17 Feb 2021 13:51:00 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1613570879.822144"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Mon, 24 May 2021 15:00:22 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 351ms
89ms Fetch
text/plain 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=9cc26833254becb664f8dcb08738dafc_7231_1619276422506&tm=1535&eT=0&widgetWidth=610&widgetHeight=188&widgetX=325&widgetY=4209&tpcs=0&wRV=2000299&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sat, 24 Apr 2021 15:00:23 GMT
content-encoding: gzip
X-TraceId: 9a09d065de8e10253e869ce079dc87a5
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 obUserSync.html Show response
widgets.outbrain.com/widgetOBUserSync/ Frame 469D 16 KB
6 KB 16ms
15ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 73298c8f5a6114815ba00b891f7f36b6030d6817c12c7c160c039b277ea725b6

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /widgetOBUserSync/obUserSync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmj4.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tmj4.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "afdd3785c80ed9c7965597d8e9141a6b:1617802737.514459"
last-modified: Wed, 07 Apr 2021 13:38:45 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=86400
expires: Sun, 25 Apr 2021 15:00:23 GMT
date: Sat, 24 Apr 2021 15:00:23 GMT
content-length: 5464
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1619276423~rv=45~id=ac2964347608de43d2be5c054384f668; path=/; Expires=Sat, 24 Apr 2021 15:00:23 GMT; Secure; SameSite=None

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000299/module/ 49 KB
16 KB 19ms
18ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000299/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 13086c68f899dc06f5b51da8efc563f7e6d005c20e524f64aa437d0985b0e9d7

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
content-encoding: gzip
last-modified: Thu, 22 Apr 2021 08:35:23 GMT
server: AkamaiNetStorage
etag: "afc84cbc87a9f0aba370d0f4fc0880fa:1619081842.660935"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 16345

GET
H2 200 _Tooltip.js Show response
js.arcgis.com/3.36/esri/dijit/ Frame BE7A 1 KB
1 KB 34ms
30ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/dijit/_Tooltip.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

dc0cbcda5db3d177f58159b656fde36a74322f9ee5b732454bc5558c346e4262

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: YgM6AQythX10T9hNAo1JtRNhfVM17yFl
content-encoding: br
etag: "f3d97d0c6e1f171e4a35edaada444f74"
age: 47992
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 561
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:42:23 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:50 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: Mdl_KegWvpjkT-hExhdek8IgaDTbLBYGieJAA06fcNxzj7OSAE6JTA==

GET
H2 200 colorUtil.js Show response
js.arcgis.com/3.36/esri/dijit/ColorPicker/ Frame BE7A 1 KB
1 KB 34ms
31ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/dijit/ColorPicker/colorUtil.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a6de81df734ae58ec16d83c4ad847e1b90c16b2da34fc625e5bbabfe642e9a55

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:49:59 GMT
content-encoding: br
age: 58225
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 533
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:42:21 GMT
server: AmazonS3
etag: "9bbcf79bbd4d4609746408f97a1a45e3"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: SnipX4VleCCTAz7.LslbCYy6n6lYPrJP
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: grZKFWc2a6EDKge5_gyUl8waDdwFCk_pPK17JCjlIfjQNNLN_UoN3w==

GET
H2 200 HorizontalSlider.js Show response
js.arcgis.com/3.36/esri/dijit/ Frame BE7A 709 B
886 B 34ms
31ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/dijit/HorizontalSlider.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

67b21b433f99c5ad0b124f568a0614fa54740af754630f76572ea46164c5e54e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: bKx2R_mbM0UB_ksQUX8oN9nE07Qf3yAi
content-encoding: br
etag: "44210f50c0886cd7f384ac175158774d"
age: 47041
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 353
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:42:22 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:50 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: iT4hpI0AT9pJlkAK97DSPGKEZyNSnFT0VCQpE5PRA36aCK79raxxbA==

GET
H2 200 RadioButton.js Show response
js.arcgis.com/3.36/dijit/form/ Frame BE7A 184 B
657 B 33ms
31ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dijit/form/RadioButton.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4febba3d38968f9582ce70d2fdaec56aaa975519a953cd02283fd91abc96e5fa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: P4TTbIr2PRPc2ULJvCqbiNntkDWGh9nw
content-encoding: br
etag: "20c39379dc91564d69f976494ca620ec"
age: 44537
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 125
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:39 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:50 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: NC284_mp6omyRj_gjJVgc1Fg1Jt5LcgPLnG4exyoz6EodQ03tzRdDg==

GET
H2 200 Calendar.js Show response
js.arcgis.com/3.36/dijit/ Frame BE7A 4 KB
2 KB 32ms
31ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dijit/Calendar.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

06243cd40ffe29de1e22920a2d0ad394009962eebc1469a774dd43bba6a833ca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:49:59 GMT
content-encoding: br
age: 58225
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 1371
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:38 GMT
server: AmazonS3
etag: "101e89d2b40c5338a941213661787982"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: _BV7Fvv43pLfGsRcPNHHjoTxuguKPmNG
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: xouCqMNWDu5vMpTu88SCumhepZEHxE9ZubhXyfa519DYfKQj1CQd1Q==

GET
H2 200 _DateTimeTextBox.js Show response
js.arcgis.com/3.36/dijit/form/ Frame BE7A 5 KB
2 KB 32ms
31ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dijit/form/_DateTimeTextBox.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3ae0a056c3b312c36c66e1533966eec0b02a8096f87f73bf18092e138ff7f3f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:49:59 GMT
content-encoding: br
age: 58225
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 1564
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:40 GMT
server: AmazonS3
etag: "72e0e31d9da9beab3b9e42069db823ba"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: jrynM0YsOC0U._L.ejNCXHDanxI02RGD
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: SK1h3t0RjNrtLYDd5KhuHCr1z4guWMUNsi2RHndE9OTDw4PK4uXESg==

GET
H2 200 _TimePicker.js Show response
js.arcgis.com/3.36/dijit/ Frame BE7A 5 KB
2 KB 32ms
31ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dijit/_TimePicker.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f6dedb6d899127a39505eaab087c3e053c260066ce63e5726a48377ddc0ab364

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: lujGIiIO0OOslVD5.ux3WZvcVP.jJxrJ
content-encoding: br
etag: "a997f3ea5f81d6c02340c0bb7c4b2cc4"
age: 30128
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 1503
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:38 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 14:32:48 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: 9e8P-3rVvbF3MpcdLt4JEvhrd_Z8ULXvMhi64UGBjNcQIHbf9KRG-g==

GET
H2 200 _base.js Show response
js.arcgis.com/3.36/dojox/color/ Frame BE7A 3 KB
1 KB 32ms
32ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dojox/color/_base.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

cf2f5f9d30bcf0ff1f6a17007e84ab32d4f802c3faf526959fb600e01039f2a7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Wv9LoVCyOPS.UY8iR8N_.um.eJM3K4vA
content-encoding: br
etag: "29ec01d1a3d42138e7d1c0f1496a8b93"
age: 47734
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 898
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:53 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:50 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: GtJ-azeLu7ZzD5ykrqhzl6GEYeJUt_YHvNOmkqX5GInhClPDK-hmsA==

GET
H2 200 basic.js Show response
js.arcgis.com/3.36/esri/styles/ Frame BE7A 3 KB
2 KB 29ms
29ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/styles/basic.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

94f2708eed961ed357f7793c4f955a2cfcbe65dc709c9431736794b43e24a740

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:30:21 GMT
content-encoding: br
age: 70203
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 1082
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:43:24 GMT
server: AmazonS3
etag: "aefbbc83f57f64406488378ad4c1519d"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: lUZ_Xq.6gxWUPOHftJXYdSej_zzkjcnK
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: 3f7MUZv0apnqF4J2BZFFpvbREUQ4afVDhGHbFEd0MH1ckvPJCcUryw==

GET
H2 200 AddressCandidate.js Show response
js.arcgis.com/3.36/esri/tasks/ Frame BE7A 503 B
806 B 28ms
28ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/tasks/AddressCandidate.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

30a920278d553f254c65b1e36523e54f8168c0b38fbc0abf8abb796d84bded38

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: C_GN5axKvCb5.zz_P3ARMXhYelNsumVv
content-encoding: br
etag: "e3b83655fda9b492b3799b423dc6fe33"
age: 47734
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 273
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:43:24 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:50 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: 1fo769rYLKRnIIX3vLnXAOXn_qYoMj3guwghiUAuRcPyIQmK6Bj1Eg==

GET
H2 200 _toolbar.js Show response
js.arcgis.com/3.36/esri/toolbars/ Frame BE7A 2 KB
1 KB 29ms
28ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/toolbars/_toolbar.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

948d55f9942cb1783f48cf02ebb8d498c89bd9e286dab871c46e5e7708853853

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:50:00 GMT
content-encoding: br
age: 58224
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 643
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:43:30 GMT
server: AmazonS3
etag: "ad1f1524a5fd31ca092907355409c6fc"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: XmHm97iLzLU_.Rnpu_bNQr6XaiUuNjAh
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: pYPvJsqejkFUvHy6lNxfSajdAVd5V9aBZ1Qbm0byOOqOnEac_L7JcQ==

GET
H2 200 WorkerClient.js Show response
js.arcgis.com/3.36/esri/workers/ Frame BE7A 4 KB
2 KB 34ms
29ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/workers/WorkerClient.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

dde403ee66cd211aa2508200015412a3a647420759c7be5a303614d4879b55fb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:50:00 GMT
content-encoding: br
age: 58224
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 1540
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:43:30 GMT
server: AmazonS3
etag: "e6bde104c1aad044960ffb58cdebcd1c"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: IZMzUZK9Q4WkneyHQBoLKZia9jNWu_KN
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: cYr_FKsPMLIkMQ5XVw6eKtyfOtCl_jhlvusS3yYmXkpOuCTS8SURFA==

GET
H2 200 GenerateRendererTask.js Show response
js.arcgis.com/3.36/esri/tasks/ Frame BE7A 4 KB
2 KB 33ms
30ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/tasks/GenerateRendererTask.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5c349f09b427d969625994f292b90fd82b721675cb4489300bd2f9e9e7d3d736

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:50:00 GMT
content-encoding: br
age: 58224
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 1375
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:43:24 GMT
server: AmazonS3
etag: "37cbd38545b5e7f9c9bfe3a6ab3cbd0c"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: K2fwNyMF2nKH1Fb64LDRPptCJc.ejS2e
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: wkxV0L6RMJ84_6zsu4Pesui2MFpwRLpm95IKM_5rD0wolirn6z56kg==

GET
H2 200 UniqueValueDefinition.js Show response
js.arcgis.com/3.36/esri/tasks/ Frame BE7A 991 B
900 B 33ms
31ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/tasks/UniqueValueDefinition.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

933d7247dc2de6f5e7c83388513bdb330b4af13790d490ca3c9d5e01bb0686c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 5mqUL__SVbSxYAu7Zt803wZ0aj0JQ1w1
content-encoding: br
etag: "13ade8a08e944272db04ae8ef3213b59"
age: 47733
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 368
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:43:25 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:50 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: RXzG3zwcK6yVXosuFAqe4cNGbW04yl4eJ__fzo1AejVyh3MFJ1TZNw==

GET
H2 200 ClassBreaksDefinition.js Show response
js.arcgis.com/3.36/esri/tasks/ Frame BE7A 2 KB
1 KB 33ms
31ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/tasks/ClassBreaksDefinition.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

50e8cf3917b8c3b4eadbc209800bf2afcdf659a24461f3ae7f9706a7c706a3f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: sOEH9HcNh2IeCeEpxg0MJEjZxM0MoSRb
content-encoding: br
etag: "fbab345132df87917b557dbca5573f38"
age: 36879
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 544
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:43:24 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:50 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: GSFe1FdOqFSsGyQnXCkf6bM3OOR0Z-DNAMAbJMyVM6JnWz9BS0NZBA==

GET
H2 200 GenerateRendererParameters.js Show response
js.arcgis.com/3.36/esri/tasks/ Frame BE7A 666 B
861 B 34ms
31ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/tasks/GenerateRendererParameters.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

42f1972e6fca28b256243fa99dd5eaf51035aad553637fe0ec7108fd5200c84c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: bTByGyrggt79piJLfLNqBKULRSzm5oGN
content-encoding: br
etag: "4448569ba51f642b32fc63ebe5ee7e54"
age: 36880
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 328
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:43:24 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:50 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: 2q5rOO70FngQn9UsynOpGbhetCGDURXj67womXn6rUVd2oBK3uHDNA==

GET
H2 200 generateRenderer.js Show response
js.arcgis.com/3.36/esri/tasks/ Frame BE7A 51 KB
15 KB 33ms
31ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/tasks/generateRenderer.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5dfdc51d1edd6224a525e7722c33da89882d92e96ee1a4de5a1c291fde17a264

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:50:01 GMT
content-encoding: br
age: 58223
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 15177
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:43:25 GMT
server: AmazonS3
etag: "ea920c9694ec176941294dd845c6ffac"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: w6Z30VW9qIy4CYxUq4YKdp8PV7O2KqEK
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: VZ_khCqBmV9kSsXE3GfceRaOjvAdOZLV910pCvHHezYdAVztSM9q0w==

GET
H2 200 ProjectParameters.js Show response
js.arcgis.com/3.36/esri/tasks/ Frame BE7A 1 KB
955 B 33ms
32ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/tasks/ProjectParameters.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

437c64eff55eee9b97154d616b2c111d4d92915acb02064984a01205708d8ceb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:50:02 GMT
content-encoding: br
age: 58221
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 424
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:43:25 GMT
server: AmazonS3
etag: "703396f863d906337487e43cad54ead8"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: oBvbPxNr9Osy4n__ssDRcv0Hvbptkmuk
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: sS04h004i-SQwPnXARU4w2ug_j15u-v7DGaj-tCb7UhZepFotnG_BA==

GET
H2 200 heatmapCalculator.js Show response
js.arcgis.com/3.36/esri/workers/ Frame BE7A 5 KB
3 KB 33ms
32ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/workers/heatmapCalculator.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a1a24763a8e999c21fd249278227e9ba40b742a50834dae984bace1f2f092680

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: yVDBeOK_FzJ2lvPHiqbRz40QfAA8_sGu
content-encoding: br
etag: "5c6d91bdca7563964e3ea58491453ce7"
age: 36879
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 2116
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:43:30 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:50 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: PcTQA9L_KBE7NVspZSL0ty23-E3YQnaehADjqWWcswYLAR85hNodDQ==

GET
H2 200 filters.js Show response
js.arcgis.com/3.36/dojox/gfx/ Frame BE7A 17 KB
3 KB 30ms
30ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dojox/gfx/filters.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6de5eda7615b74f15519e857edb1bdd2a89fbc4498f6dab99853cfaeec4dd53c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:50:03 GMT
content-encoding: br
age: 58221
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 2401
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:42:02 GMT
server: AmazonS3
etag: "15697b12baa68e03a1917e161d769831"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: 84tJO7DXQSgZ50q2OGZjbQTabmLmIkAL
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: EVRoCim2DhRh4IJzlzaSUoSRXrPi2c7zcM-VTdKushpx72tYjQHgSQ==

GET
H2 200 svgext.js Show response
js.arcgis.com/3.36/dojox/gfx/ Frame BE7A 1 KB
976 B 31ms
30ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dojox/gfx/svgext.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

dcd53e0833ad20080f6fd0c09930c14ab8a8b7046d9b45f9cb411672ea0146ec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:50:03 GMT
content-encoding: br
age: 58221
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 443
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:42:02 GMT
server: AmazonS3
etag: "2cad710d328083aff93c58804bf6be68"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: dldbaP.j4bJ9CojYjdIU3opE71ddJzrB
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: jCdLAy0nE0ioXH9iKuQ-knP7VM0jgaMic_qG1TBlXCXp7v9Rgq3DZg==

GET
H2 200 BasemapGallery_ROOT.js Show response
js.arcgis.com/3.36/esri/dijit/nls/ Frame BE7A 259 B
732 B 34ms
29ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/dijit/nls/BasemapGallery_ROOT.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1d227a6bc430bf14bb905c07e45bd1bf779ab63e009cfbef54ad59fc20a38c34

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 71rO8ym1GPHpYUUidwmef9RJ_NPlSN92
content-encoding: br
etag: "f857c4d802551a87e4b91815044b6f47"
age: 61956
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 191
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:43:17 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:49:12 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: wGHAsD67Lthck0Uxl1IEIiZGx_-QL6lgep36WaswsDPz0MEvs68hZA==

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0D76 36 KB
12 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2762
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:14:21 GMT

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame 1FBF 0
293 B 111ms
111ms XHR
multipart/form-data 3.143.119.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=114867
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.143.119.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Sat, 24 Apr 2021 15:00:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.tmj4.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame 1FBF 232 B
469 B 346ms
194ms XHR
multipart/form-data 3.143.119.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=114867
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.143.119.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6d3cb300ee1cbe976fef01355a3578aaf7f5e4269d1bfa5120063204de8cba60

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Sat, 24 Apr 2021 15:00:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.tmj4.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 195

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame 1FBF 0
293 B 220ms
111ms XHR
multipart/form-data 3.143.119.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=114867
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.143.119.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Sat, 24 Apr 2021 15:00:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.tmj4.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 aaa14cab-2070-4458-bc3a-e116b42bbf82.jpg
img.connatix.com/3b349157-4b1d-491c-b0ad-fd9d6a811fc6/ 17 KB
17 KB 206ms
40ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/3b349157-4b1d-491c-b0ad-fd9d6a811fc6/aaa14cab-2070-4458-bc3a-e116b42bbf82.jpg?crop=600:410,smart&width=600&height=410&format=jpeg&quality=60&fit=crop
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 70b0369558b54b6ce8d087a0e5bea17d48e68e34b56ace9e21b3c9ee971c64d5

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
age: 873
etag: "fx7NA6Zu7vYiqAdp3lN96qg9A8B18+mCi13x9cqtWo0"
access-control-max-age: 86400
fastly-io-info: ifsz=72508 idim=1200x630 ifmt=jpeg ofsz=17329 odim=600x410 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=31557600
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 17329

GET
H2 200 e.m3u8 Show response
content-zeuuks-up-1.uplynk.com/0741bce3458e4705a7a2e69ec4920c82/ Frame AF08 10 KB
865 B 281ms
280ms XHR
application/vnd.apple.mpegurl 20.50.105.246
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content-zeuuks-up-1.uplynk.com/0741bce3458e4705a7a2e69ec4920c82/e.m3u8

Requested by

Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.105.246 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fe053b7ba38599bd4b21b9213a2e9f6e62d36bede01647d12cb429cf15fa6083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: 7cbfd5fb2cc14b828cea5a64b251ba7a
content-length: 568
x-content-type-options: nosniff

GET
H2 200 aaa14cab-2070-4458-bc3a-e116b42bbf82.jpg
img.connatix.com/3b349157-4b1d-491c-b0ad-fd9d6a811fc6/ 16 KB
16 KB 152ms
38ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/3b349157-4b1d-491c-b0ad-fd9d6a811fc6/aaa14cab-2070-4458-bc3a-e116b42bbf82.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c9d9d025eefd7c07d9973c309d72d12af54bda54c52a4e4ebe54215fdd25d2af

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
age: 873
etag: "kGbbILiV0Rro0MBlTRva0Xz/c7YYUxrC8vyXM/QTW4s"
access-control-max-age: 86400
fastly-io-info: ifsz=72508 idim=1200x630 ifmt=jpeg ofsz=16372 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=31557600
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 16372

GET
H2 200 a669988b-1493-4efc-9acf-573f5924c09d.jpg
img.connatix.com/3b349157-4b1d-491c-b0ad-fd9d6a811fc6/ 14 KB
15 KB 187ms
74ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/3b349157-4b1d-491c-b0ad-fd9d6a811fc6/a669988b-1493-4efc-9acf-573f5924c09d.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 53d827e70fb9335efb9aa119c9ad597a0054cdfb0430870b9b1e6beb5a62547d

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
age: 873
etag: "UZw4vbh5h0utLtpiCwx3krGhJkDBHjIBPAU40svLsSs"
access-control-max-age: 86400
fastly-io-info: ifsz=396098 idim=1200x630 ifmt=png ofsz=14838 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=31557600
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 14838

GET
H2 200 9cf052a1-a8cf-4992-ac2f-2e5f9d498191.jpg
img.connatix.com/3b349157-4b1d-491c-b0ad-fd9d6a811fc6/ 24 KB
24 KB 162ms
51ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/3b349157-4b1d-491c-b0ad-fd9d6a811fc6/9cf052a1-a8cf-4992-ac2f-2e5f9d498191.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8207c0af414c34734df819d98100d586a40d79634c879285d5e3c07bdf4d6040

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
age: 873
etag: "Qnn0/2fk4JygPjKv7y1wwTnczUsDHmhuVzqS5xQs3tw"
access-control-max-age: 86400
fastly-io-info: ifsz=171162 idim=1200x630 ifmt=jpeg ofsz=24568 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=31557600
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 24568

GET
H2 200 e55da43f-15a6-4537-9ead-250d1c2c7746.jpg
img.connatix.com/3b349157-4b1d-491c-b0ad-fd9d6a811fc6/ 30 KB
30 KB 154ms
45ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/3b349157-4b1d-491c-b0ad-fd9d6a811fc6/e55da43f-15a6-4537-9ead-250d1c2c7746.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d56e54ba583665a62f9aae54a0a9a7e08d95c3d7d46c43f0bd148899bd03ac6d

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
age: 873
etag: "ZN5k4ugGlQC9vbP72aFWZFZpBeiRo9ySrUwFnS//hCU"
access-control-max-age: 86400
fastly-io-info: ifsz=108801 idim=1200x630 ifmt=jpeg ofsz=30746 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=31557600
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 30746

GET
H2 200 a5cba3ed-06a3-45ab-a838-fe614d433ef7.jpg
img.connatix.com/3b349157-4b1d-491c-b0ad-fd9d6a811fc6/ 26 KB
26 KB 157ms
49ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/3b349157-4b1d-491c-b0ad-fd9d6a811fc6/a5cba3ed-06a3-45ab-a838-fe614d433ef7.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5361f978aefe27cab555ecf461abee6adb4abb1f9fe357b37295623923b84bc9

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
age: 873
etag: "yn1teHfq1RX9qNjduELPrycKUVq45NyIK+8x3yUAE2k"
access-control-max-age: 86400
fastly-io-info: ifsz=81096 idim=1200x630 ifmt=jpeg ofsz=26385 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=31557600
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 26385

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 8 KB
2 KB 289ms
196ms Script
application/json 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.tmj4.com%2F%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&settings=true&recs=true&widgetJSId=AR_11&key=NANOWDGT01&version=2000299&apv=true&sig=iceAXfT6&format=html&rand=72174&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=OWNjMjY4MzMyNTRiZWNiNjY0ZjhkY2IwODczOGRhZmM=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=no_abtest&clss=N5KvSoT1x%2Ft7z7wBq%2BkFHg8NrwRiW9FxjYPCey0GiJnvAh9RsndqBdvzPDSL98Mztd4n3fVz9L0fC7Ad&pcer=p%3DrrKPNfOLjD82aTt4US19qAJQ3Hl4yme2lRvCesnEaTw%26c%3Dbda480bb%26v%3D3&dpr=1&cw=610&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000299/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9d776d9fe93c4789ba2cae4a0303766b998529331f94ef30f5f444fbde1230fb

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1619276423.345396,VS0,VE191
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: application/json; charset=UTF-8
backend-ip: 157.52.117.49
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0, 0
x-traceid: 2941e9fac45401a49d26d271383fbb86
content-encoding: gzip
content-length: 1489
x-served-by: cache-lga21949-LGA, cache-hhn4025-HHN

GET
H2 200 HorizontalRuleLabels.js Show response
js.arcgis.com/3.36/dijit/form/ Frame BE7A 2 KB
1 KB 29ms
28ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dijit/form/HorizontalRuleLabels.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

439138d5bef09aab469ca986ce84cfff5f416ad2617316881e016b64d0eaec4b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: wR8R4vAaomdX3SSh3Wj8zx1b_7yDeySz
content-encoding: br
etag: "bb3fc1a8d07cf9e5ad1c7c41716895e2"
age: 52515
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 674
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:39 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:50 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: YtaaT-q7CpSN-LjykGiePBgDla02YZSWZILSNbP3mnGjb_2JBhBr7g==

GET
H2 200 HorizontalSlider.js Show response
js.arcgis.com/3.36/dijit/form/ Frame BE7A 9 KB
3 KB 29ms
28ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dijit/form/HorizontalSlider.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

aef7a221e51f1951e6a349f2f65eef006ef7e3c885e773e6e317cc76b1c3728b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:50:03 GMT
content-encoding: br
age: 58221
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 2420
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:39 GMT
server: AmazonS3
etag: "21504b3098654e7f9c55a86996379ad2"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: 9hIWcp0z3aMfsk14TBJZbbdjiBQblyKV
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: 4I0WtORWmoNYh2WhI_fuXZW8jFnlfvzxd5adbnMvDiZHtp5PjrjLDw==

GET
H2 200 CheckBox.js Show response
js.arcgis.com/3.36/dijit/form/ Frame BE7A 1 KB
1 KB 29ms
29ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dijit/form/CheckBox.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b7f9a359c677e99be6a221dad3a16c45100e2665f0c5938b820774677109c259

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:50:03 GMT
content-encoding: br
age: 58221
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 582
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:39 GMT
server: AmazonS3
etag: "524b12a40146bcccdf2d41a42cce2485"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: qFQn4qSgfqM5a1C..LVg8gz73PViAQzT
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: VSfTAxDjpTO5vr1xb72RIFXl3_Gz8bzNHsxHQCE92vTA77UAPRK6Kw==

GET
H2 200 _RadioButtonMixin.js Show response
js.arcgis.com/3.36/dijit/form/ Frame BE7A 1 KB
1 KB 29ms
29ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dijit/form/_RadioButtonMixin.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e751c01e7c6a20bfca89f6df43aa02b40331e6e6a1d50a7b324649f27ddd64fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:50:03 GMT
content-encoding: br
age: 58221
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 495
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:40 GMT
server: AmazonS3
etag: "02bda9e06c76ddc55a3412faacc7b4dd"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: fBv5liqrYBtA1dl7tqYrfkcp9tcbM1sx
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: IdSIirznxrj4cFxqzx9B4-04QWceIN-_Cdg38n33EqxxaYmYxZ-_ZQ==

GET
H2 200 CalendarLite.js Show response
js.arcgis.com/3.36/dijit/ Frame BE7A 9 KB
3 KB 29ms
28ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dijit/CalendarLite.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4f1fd8017993bf185581fed51b5221226960c7af86dd94798c5871877b5c9b01

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:50:03 GMT
content-encoding: br
age: 58221
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 2579
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:38 GMT
server: AmazonS3
etag: "d9397d12791ae447c969b486bb7e375d"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: TOgvT5sU450mMm8D0h35wVuMKiy9.5eY
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: OAJhKraux1R1flxDVupOOiZddvvXeuzyR45MVduFX3rPajpnC1J1fQ==

GET
H2 200 RangeBoundTextBox.js Show response
js.arcgis.com/3.36/dijit/form/ Frame BE7A 1 KB
1 KB 29ms
29ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dijit/form/RangeBoundTextBox.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

64241a8a248d60d28b3b4d06364c1f071f7d6b92c515c0f7b020743bc705c4b9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:50:03 GMT
content-encoding: br
age: 58221
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 498
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:39 GMT
server: AmazonS3
etag: "d22ebde79f5a6d812bd168db10510a14"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: L148YEivFa1ZPNsJk3SMdwRU7YiN0kOU
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: aPZo_-a7kZnN5XVEwtoFJVjRqkCOhAZxMOi4YQEAOXFke9kceNSgmw==

GET
H2 200 _ListMouseMixin.js Show response
js.arcgis.com/3.36/dijit/form/ Frame BE7A 1 KB
954 B 28ms
28ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dijit/form/_ListMouseMixin.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d8d5b6a5031f19d2bef805c6d280c099d42ee52f29b94ffc867c604a27940fec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:50:03 GMT
content-encoding: br
age: 58220
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 421
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:40 GMT
server: AmazonS3
etag: "a8e7a5ebe9561dd92b39b4bc403115ae"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: qtmU8EK64t8i584oXYW7hB3SdTKHQITm
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: PzIJ327Ld0yNSEwrbhKjrFzw6NUfB2CbHASzeSq6PUJva4taFIbOXA==

GET
H2 200 main.js Show response
js.arcgis.com/3.36/dojox/ Frame BE7A 81 B
603 B 29ms
28ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dojox/main.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4366a13e1a54ae42e01de38f49447d8831bf1685e30ffe08615ead570c5042c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:30:21 GMT
content-encoding: br
age: 70202
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 72
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:42:05 GMT
server: AmazonS3
etag: "3cc1fa29b202de209f04353e58c7c740"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: sWxpHNO1LGpXZmXnIizyY4EsCxiWS8T1
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: 0hT5l0T6eiv013gfjlLrnM5I4OfN4NAzFu0I_1tFD5f0hMjpZVNbuA==

GET
H2 200 colors.js Show response
js.arcgis.com/3.36/dojo/ Frame BE7A 4 KB
2 KB 28ms
28ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dojo/colors.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

454dad7b602ad0fe21e8604157a3b9640cfab8b8986587980328049180dbb5d9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 20:03:39 GMT
content-encoding: br
age: 68205
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 1849
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:48 GMT
server: AmazonS3
etag: "5994749c7007e3bfee1fc4456f347b5a"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: sQRJjK_ob_MAvqfWWfWUe5nbdqN1Bfb4
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: 2A5yfdiIRpDCnbWz00j08JpB63PdjDuoU08TLsXpBg0_odGjc_rReA==

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame CA86 570 KB
186 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmj4.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tmj4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Fri, 23 Apr 2021 03:56:55 GMT
expires: Sat, 23 Apr 2022 03:56:55 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 126208
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 1FBF 44 KB
16 KB 30ms
14ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:23 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 4A3C 570 KB
186 KB 9ms
8ms Document
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmj4.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tmj4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Fri, 23 Apr 2021 03:56:55 GMT
expires: Sat, 23 Apr 2022 03:56:55 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 126208
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame DA78 570 KB
186 KB 10ms
10ms Document
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmj4.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tmj4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Fri, 23 Apr 2021 03:56:55 GMT
expires: Sat, 23 Apr 2022 03:56:55 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 126208
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ClassificationDefinition.js Show response
js.arcgis.com/3.36/esri/tasks/ Frame BE7A 665 B
845 B 29ms
28ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/esri/tasks/ClassificationDefinition.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

110566be12e8b6a4421878fbd81776c09b8b1773820ce3dbed7590b8606a7d67

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 18:53:53 GMT
content-encoding: br
age: 72391
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 311
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:43:24 GMT
server: AmazonS3
etag: "a6df9b3dfab6fcc7193eaab291c88468"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: zUjnCKgQreEi1.UCX84EdEf9azlK5YZo
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: X_OJHPR6a2-7IWljNcOHVHjg0lafMHEod8jfXF4-TrazkbuYFCvNwA==

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tmj4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tmj4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 101 KB
31 KB 650ms
648ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2558641535189197&correlator=408329854335656&output=ldjh&impl=fifs&eid=31060805&vrg=2021042001&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=6088%2Cssp.tmj4%2Cinview-bottom%2Cnews%2Ccoronavirus%2Cdetail&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2F4%2F5&prev_iu_szs=728x90%2C300x600%7C300x250&prev_scp=kw%3Dnew%2520guidelines%252Ccoronavirus%2520milwaukee%2520county%252Cextension%252CLocal%2520business%252CMay%252026%252Cwhat%2520places%2520in%2520wisconsin%2520have%2520coronavirus%252Cmilwaukee%2520coronavirus%252Cbegins%252Crestaurants%2520still%2520open%252Ccoronaviurs%2520wisconsin%26categories%3Dhomepage%2520showcase%2520local%2520news%2520coronavirus%26pt%3Ddetail%252Ctrue%26fname%3Dwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dnews%252Fcoronavirus%252Fdetail%26refresh%3D0%26temp%3D50-59%26weather%3Dcloudy%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2%7Ckw%3Dnew%2520guidelines%252Ccoronavirus%2520milwaukee%2520county%252Cextension%252CLocal%2520business%252CMay%252026%252Cwhat%2520places%2520in%2520wisconsin%2520have%2520coronavirus%252Cmilwaukee%2520coronavirus%252Cbegins%252Crestaurants%2520still%2520open%252Ccoronaviurs%2520wisconsin%26categories%3Dhomepage%2520showcase%2520local%2520news%2520coronavirus%26pt%3Ddetail%252Ctrue%26fname%3Dwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dnews%252Fcoronavirus%252Fdetail%26refresh%3D0%26temp%3D50-59%26weather%3Dcloudy%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&cookie_enabled=1&bc=31&abxe=1&lmt=1619276423&dt=1619276423379&dlt=1619276421033&idt=1576&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933%2C975&adys=-12245933%2C1544&adks=768349490%2C1893566511&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0%7C300x630&msz=1600x-1%7C300x630&ga_vid=2108222984.1619276422&ga_sid=1619276423&ga_hid=1948437090&ga_fc=false&fws=644%2C4&ohw=1600%2C1070&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

7bd981d2e66ce656c3891aee16b24222c563e0d3d4b9871c0cd17d2b6629ac1f

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16028495025338676622/300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16028495025338676622/300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLT4jOCSl_ACFeHFEQgdPUYOzg&gqi=&layout=/sadbundle/%24csp%253Der3%24/16028495025338676622/300x600.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16028495025338676622/300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16028495025338676622/300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLT4jOCSl_ACFeHFEQgdPUYOzg&gqi=&layout=/sadbundle/%24csp%253Der3%24/16028495025338676622/300x600.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1,-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32176
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
date: Sat, 24 Apr 2021 15:00:24 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tmj4.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 143ms
52ms Other
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 27ms
6ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
9 KB 487ms
487ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2558641535189197&correlator=749449096844603&output=ldjh&impl=fifs&eid=31060805&vrg=2021042001&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=6088%2Cssp.tmj4%2Cnews%2Ccoronavirus%2Cdetail&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%2C970x250%7C728x90%7C970x90%7C994x30%7C10x1&prev_scp=kw%3Dnew%2520guidelines%252Ccoronavirus%2520milwaukee%2520county%252Cextension%252CLocal%2520business%252CMay%252026%252Cwhat%2520places%2520in%2520wisconsin%2520have%2520coronavirus%252Cmilwaukee%2520coronavirus%252Cbegins%252Crestaurants%2520still%2520open%252Ccoronaviurs%2520wisconsin%26categories%3Dhomepage%2520showcase%2520local%2520news%2520coronavirus%26pt%3Ddetail%252Ctrue%26fname%3Dwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C2%26au%3Dnews%252Fcoronavirus%252Fdetail%26refresh%3D0%26temp%3D50-59%26weather%3Dcloudy%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2%7Ckw%3Dnew%2520guidelines%252Ccoronavirus%2520milwaukee%2520county%252Cextension%252CLocal%2520business%252CMay%252026%252Cwhat%2520places%2520in%2520wisconsin%2520have%2520coronavirus%252Cmilwaukee%2520coronavirus%252Cbegins%252Crestaurants%2520still%2520open%252Ccoronaviurs%2520wisconsin%26categories%3Dhomepage%2520showcase%2520local%2520news%2520coronavirus%26pt%3Ddetail%252Ctrue%26fname%3Dwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C2%26au%3Dnews%252Fcoronavirus%252Fdetail%26refresh%3D0%26temp%3D50-59%26weather%3Dcloudy%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&cookie_enabled=1&bc=31&abxe=1&lmt=1619276423&dt=1619276423396&dlt=1619276421033&idt=1576&frm=20&biw=1600&bih=1200&oid=3&adxs=325%2C-12245933&adys=2219%2C-12245933&adks=3433356893%2C2981508986&ucis=3%7C4&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&vis=1&dmc=8&scr_x=0&scr_y=0&psz=610x280%7C1500x0&msz=610x280%7C970x250&ga_vid=2108222984.1619276422&ga_sid=1619276423&ga_hid=1948437090&ga_fc=false&fws=4%2C132&ohw=1070%2C1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

4570bea518fb2252ea6e30022381714fb3e5bf5915e0272a092808e51c5fa6eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9230
x-xss-protection: 0
google-lineitem-id: 5675218021,5221840051
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138347808742,138310725339
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tmj4.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 469D 1 KB
2 KB 30ms
30ms Script
application/javascript 143.204.245.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-38.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:50:46 GMT
via: 1.1 a2ff850ccdde2a6d47a8ef587e8cb536.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 2219
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: Hs-4ASId09TqtEZOSmubd-xAlAvLt3fHxfoHtyDbrL7Tn2EREemtqQ==

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame AF08 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=assets.scrippsdigital.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 0424.bin Show response
vid.connatix.com/00000000-0000-0000-0000-000000000002/ Frame 1FBF 3 KB
1 KB 8ms
7ms XHR
application/octet-stream 151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/00000000-0000-0000-0000-000000000002/0424.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 26b711e1ad6818d849a6ef19e3ce12d7e8f7a6d4ab62c6b781b9d55c8b3378bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
content-encoding: gzip
last-modified: Tue, 03 Mar 2020 09:30:38 GMT
age: 54022
etag: "95851dec9da836859eace5d0bb936286"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1230

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 8767
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

281 B
554 B

1076ms
15ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.tmj4.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tmj4.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 24 Apr 2021 15:00:24 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date: Sat, 24 Apr 2021 15:00:23 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK Cookie set uc.html Show response
go.sonobi.com/ Frame DBC4 43 B
573 B 62ms
14ms Document
text/html 178.162.133.148
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://go.sonobi.com/uc.html?pubid=e55fb5d7c2

Requested by

Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.148 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.tmj4.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tmj4.com/

Response headers

Date: Sat, 24 Apr 2021 15:00:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-ams-1-7-8
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5G=s578|YIQyi; path=/; domain=.go.sonobi.com; SameSite=None; secure

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 8022 8 KB
3 KB 30ms
8ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.tmj4.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tmj4.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=70472
Expires: Sun, 25 Apr 2021 10:34:55 GMT
Date: Sat, 24 Apr 2021 15:00:23 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 um
cs.emxdgt.com/ Frame BA46 0
0 1305ms
11ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmj4.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tmj4.com/

Response headers

content-type: text/html
date: Sat, 24 Apr 2021 15:00:24 GMT
content-length: 0

GET
H2

200

cm Show response
gift-connect-d.openx.net/w/1.0/ Frame 8C2E
Redirect Chain

https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D

780 B
815 B

17ms
16ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000248.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: c1479075e11198bc90d44ed9a137249c625ba8ff23f5450226c75670e70f07a5

Request headers

:method: GET
:authority: gift-connect-d.openx.net
:scheme: https
:path: /w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmj4.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=36c00cbb-b1a0-0981-3136-e818b39b3b5e|1619276423
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tmj4.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=36c00cbb-b1a0-0981-3136-e818b39b3b5e|1619276423; Version=1; Expires=Sun, 24-Apr-2022 15:00:23 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1619276423|gekin0vNiygu; Version=1; Expires=Sun, 09-May-2021 15:00:23 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.205.4
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sat, 24 Apr 2021 15:00:23 GMT
content-type: text/html
content-length: 481
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=36c00cbb-b1a0-0981-3136-e818b39b3b5e|1619276423; Version=1; Expires=Sun, 24-Apr-2022 15:00:23 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.205.4
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
date: Sat, 24 Apr 2021 15:00:23 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YIQyh7FGtohipzVd8FPpJQAA%261150

0
44 B

98ms
98ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YIQyh7FGtohipzVd8FPpJQAA%261150
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 15:00:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YIQyh7FGtohipzVd8FPpJQAA%261150
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 282
Expires: Sat, 24 Apr 2021 15:00:23 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fe.serverbid.com%252Fudb%252F9969%252Fsync%252Fi.gif%253FpartnerId%253D28%2526userId%253D%2524UID
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2327173575115661820

0
44 B

99ms
99ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2327173575115661820
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:32 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 15:00:32 GMT
X-Proxy-Origin: 83.143.245.188; 83.143.245.188; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid: 8531dea3-7f27-4dcc-a528-a526c82872d6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2327173575115661820
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://pixel.advertising.com/ups/56621/occ?verify=true
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPcba0c1fb-a50d-11eb-8cd5-06f3176763d2
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPcba0c1fb-a50d-11eb-8cd5-06f3176763d2&verify=true
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPcba0c1fb-a50d-11eb-8cd5-06f3176763d2

0
44 B

99ms
98ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPcba0c1fb-a50d-11eb-8cd5-06f3176763d2
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
content-length: 0

Redirect headers

Date: Sat, 24 Apr 2021 15:00:23 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPcba0c1fb-a50d-11eb-8cd5-06f3176763d2
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ 0
478 B 7112ms
14ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 15:00:30 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

verify
pbs.publishers.tremorhub.com/pubsync/
Redirect Chain

https://pbs.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D50%26userId%3D%5Btvid%5D
https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D50%26userId%3D%5Btvid%5D

43 B
182 B

91ms
91ms

Image
image/gif

2600:1f18:612b:4216:b3d7:e742:13a8:bd05
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D50%26userId%3D%5Btvid%5D
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:b3d7:e742:13a8:bd05 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

location: pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D50%26userId%3D%5Btvid%5D
date: Sat, 24 Apr 2021 15:00:23 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain

https://x.bidswitch.net/sync?ssp=consumable
https://x.bidswitch.net/ul_cb/sync?ssp=consumable
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dconsumable%26expires%3D30%26user_group%3D%...
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dconsumable%26expires%3D30%26user_group%3D%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=892e3594-9377-5272-ab91-d94ccb15ebc0&ssp=consumable&expires=30&user_group=1
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=979ac9f1-515e-45d2-9d7a-fc0024c81689

0
44 B

99ms
99ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=979ac9f1-515e-45d2-9d7a-fc0024c81689
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:32 GMT
content-length: 0

Redirect headers

location: //e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=979ac9f1-515e-45d2-9d7a-fc0024c81689
date: Sat, 24 Apr 2021 15:00:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1948437090&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&ul=en-us&de=UTF-8&dt=Wisconsin%27s%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=Video%20Start&el=Safer%20at%20Home%20order%20changes&ev=0&_u=aHDACEAjBAAAAG~&jid=1580795191&gjid=1334071201&cid=2108222984.1619276422&tid=UA-19051957-3&_gid=953076291.1619276422&_r=1&gtm=2wg4e1KZVQWL&cd12=2108222984.1619276422&cd20=2047&cd21=Ryan%20Jenkins&cd22=&cd23=Coronavirus&cd24=Homepage%20Showcase%2CLocal%20News%2CCoronavirus&cd25=false&z=986243641

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tmj4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1948437090&t=event&ni=0&_s=2&dl=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&ul=en-us&de=UTF-8&dt=Wisconsin%27s%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=Video%20Start&el=Safer%20at%20Home%20order%20changes&ev=0&_u=aHDAiEAjBAAAAG~&jid=&gjid=&cid=2108222984.1619276422&tid=UA-19051957-29&_gid=953076291.1619276422&gtm=2wg4e1KZVQWL&cd12=2108222984.1619276422&cd20=2047&cd21=Ryan%20Jenkins&cd22=&cd23=Coronavirus&cd24=Homepage%20Showcase%2CLocal%20News%2CCoronavirus&cd25=false&cd30=&cd31=true&cd33=true&z=443395021

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 05:24:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34582
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1948437090&t=event&ni=0&_s=2&dl=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&ul=en-us&de=UTF-8&dt=Wisconsin%27s%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=Video%20Start&el=Safer%20at%20Home%20order%20changes&ev=0&_u=aHDAiEAjBAAAAG~&jid=&gjid=&cid=2108222984.1619276422&tid=UA-40066851-1&_gid=953076291.1619276422&gtm=2wg4e1KZVQWL&cd12=2108222984.1619276422&cd20=2047&cd21=Ryan%20Jenkins&cd22=&cd23=Coronavirus&cd24=Homepage%20Showcase%2CLocal%20News%2CCoronavirus&cd25=false&cd30=&cd31=true&cd33=true&cd34=false&z=1000988297

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 05:24:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34582
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame AC1D 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2762
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:14:21 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame AA7D 36 KB
12 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2762
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:14:21 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5DC2 36 KB
12 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2762
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:14:21 GMT

GET
BLOB 200
OK 77d29b5b-8953-4bea-9386-01e1b739f2af
https://assets.scrippsdigital.com/ Frame AF08 182 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://assets.scrippsdigital.com/77d29b5b-8953-4bea-9386-01e1b739f2af
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 069f60bcfa765ce7929ddd12219d30dea374a695cb3f7ad73092d0471d86ea71

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 186288
Content-Type: text/javascript

GET
H2 200 check2 Show response
content-zeuuks-up-1.uplynk.com/ Frame AF08 16 B
281 B 225ms
225ms XHR
text/html 20.50.105.246
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content-zeuuks-up-1.uplynk.com/check2?b=0741bce3458e4705a7a2e69ec4920c82&v=0741bce3458e4705a7a2e69ec4920c82&r=e&pbs=

Requested by

Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.105.246 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9298dbac786b906a88d0e7df5e697019ca26c3a002e63c0145354f2653d9e253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: 5db4faaad5a44b36b04d6cb309d3921a
content-length: 16
x-content-type-options: nosniff

GET
H2 200 E00000000.ts Show response
x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/ Frame AF08 344 KB
345 KB 270ms
249ms XHR
application/octet-stream 2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/E00000000.ts?x=0&si=0
Requested by: Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 282b904cdb65ec356a4e1a6102f78bc7d2d939312dd425c102daba73abcb1105

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:24 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 8C1JS0KC4ZCH1X2T
x-amz-server-side-encryption: AES256
content-length: 352512
x-amz-id-2: VyrH0XTobBrjynU0q14jEGbAJvQre6mwvXB5bc8SKUEmtr/YnWYPNd3bWERBQv2ueICOKNssM4s=
x-ec-put2cache: 1
last-modified: Fri, 24 Apr 2020 17:08:29 GMT
server: AmazonS3
etag: "057ef8eb35b251a8e2ab4a21e0b12a6c"
access-control-max-age: 3001
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Sat, 24 Apr 2021 15:00:22 GMT

GET
H2 204 b
sb.scorecardresearch.com/ Frame 469D 0
337 B 48ms
45ms Image
text/plain 143.204.245.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=7231&cs_ucfr=1&ns__t=1619276423527&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D7231%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DDE&c9=https%3A%2F%2Fwww.tmj4.com%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-38.cph50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
via: 1.1 a2ff850ccdde2a6d47a8ef587e8cb536.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: jXeqkfoGOU-qKDtikek6-rek2gDB5JVI1ZGleO1mDUMmWoXwAwDwdg==
x-cache: Miss from cloudfront

GET
H2 200 HorizontalRule.js Show response
js.arcgis.com/3.36/dijit/form/ Frame BE7A 977 B
930 B 33ms
30ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dijit/form/HorizontalRule.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

34ed2d33c0b99138831e7d6249b757cfa8a255f5ac7087ef07efb592a63740f6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Zcdn_M8o4xwdgewrUBeythVD7nMFhHFr
content-encoding: br
etag: "d8246f944badddcf7351176a4a1fc31b"
age: 36879
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 396
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:39 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:50 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: ctCf2FEYLDTI9nlbeJD1RwTw_kSCIJfk2H57CNXjMpBgXV0mpdY2lw==

GET
H2 200 move.js Show response
js.arcgis.com/3.36/dojo/dnd/ Frame BE7A 2 KB
1 KB 33ms
30ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dojo/dnd/move.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

324f5f19e9ce907dfb15b8488800b11dae220cd92b1c4440b2dc8ff56a4353fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:50:04 GMT
content-encoding: br
age: 58219
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 605
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:48 GMT
server: AmazonS3
etag: "a03335c18e69e9932177e24c7bdb6b34"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: wYVhVWryiYVikwcSpFjvvQCLxyPjfICL
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: 7RIclgWwZutly7eaK0gmU0ENpAr4Zw67L2PAvYdqXos3-0sNpKPtRA==

GET
H2 200 _CheckBoxMixin.js Show response
js.arcgis.com/3.36/dijit/form/ Frame BE7A 743 B
845 B 33ms
30ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dijit/form/_CheckBoxMixin.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

27e479db85f768dc2ddaf2f507a087518a43dae349c0bf383f4d915bd11dd1e7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:50:04 GMT
content-encoding: br
age: 58219
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 312
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:40 GMT
server: AmazonS3
etag: "628f2f13f522e21614fa56dbf6e3c7c3"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: F9VYHowVGZQe9ncnKs.5QrMo1BxUrm_W
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: VYCnnySAWbWvsKHNMb_gvWsMrtTkxqjd9Il_RNdwiLpvvGR5l2LWHw==

GET
H2 200 lite.js Show response
js.arcgis.com/3.36/dojo/selector/ Frame BE7A 4 KB
2 KB 33ms
31ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dojo/selector/lite.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7f8e099bf441ca4818d70687ea8fbf3756feda7813c5b697c6898bfc4d87f82d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: _grD62CKnwOzm9DKaRIFUvF3up04cu_1
content-encoding: br
etag: "d45b5b1f4618e049c3f5ba10b3c24257"
age: 51911
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 1555
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:49 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:50 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: f2oB0pjbtFFY_-D_861JWB3wVFYCW-ZDCBZaU1LthNN3j-HcQ8NKwQ==

GET
H2 200 MappedTextBox.js Show response
js.arcgis.com/3.36/dijit/form/ Frame BE7A 856 B
915 B 33ms
31ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dijit/form/MappedTextBox.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b73047138fd6534ec3f6b7e8fbceed0e68b17fe32e7e8db96888e00b5d0bf237

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 22:50:04 GMT
content-encoding: br
age: 58219
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 382
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:39 GMT
server: AmazonS3
etag: "a1f211bcee94c31948ce576a2dd7e1e0"
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
x-amz-version-id: pZ0XIS4.dDhvXgJj0QSVg2WzaZc5PKJ4
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
content-type: application/javascript
x-amz-cf-id: VaES8pUePviII75Lo_mUzlSqxJu5tGd-VaYGl18yLe1GVYf_qJyarw==

GET
H2 200 _ListBase.js Show response
js.arcgis.com/3.36/dijit/form/ Frame BE7A 1 KB
922 B 33ms
31ms Script
application/javascript 13.33.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.arcgis.com/3.36/dijit/form/_ListBase.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-139-113.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

704ce78b61b228d8f6386708ca6ffb26901df872e9e3b83cf2abe366301fe945

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=6307200

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: GhK1L3uOVCslDTt3EnyQBIIVAE00J0ud
content-encoding: br
etag: "21ff4933d84c280e10c5c98b46b84b6a"
age: 44537
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 389
access-control-allow-origin: *
last-modified: Thu, 22 Apr 2021 04:41:40 GMT
server: AmazonS3
date: Sat, 24 Apr 2021 04:45:50 GMT
strict-transport-security: max-age=6307200
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 3b78d7f6f4659eac59b9364313823247.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: Ec0ITI0OpEFthsfaxP1ueGV351Eg6Z2b_KIXgheTZ5uftRfgMYVXww==

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 3C46 38 KB
14 KB 12ms
12ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=65777
Expires: Sun, 25 Apr 2021 09:16:40 GMT
Date: Sat, 24 Apr 2021 15:00:23 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 89ms
88ms Fetch
application/json 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=9f73342ee83f90d695acdbbddab0671e&pvId=9cc26833254becb664f8dcb08738dafc&sid=5487513&pid=7231&idx=1&wId=974&pad=0&org=0&tm=2212&eT=0&cnsnt=no_consent&widgetWidth=610&widgetHeight=0&widgetX=325&widgetY=4697&wRV=2000299&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 15:00:23 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: a582be408fd14fe07e7928971f3927cf
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 88ms
87ms Fetch
application/json 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=155da317b80710089434e6d50638ff4b&pvId=9cc26833254becb664f8dcb08738dafc&sid=5487513&pid=7231&idx=3&wId=975&pad=0&org=0&tm=2213&eT=0&cnsnt=no_consent&widgetWidth=610&widgetHeight=0&widgetX=325&widgetY=4697&wRV=2000299&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 15:00:23 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 5410e1c770f807f07bdf1c716288b21c
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
324 B 175ms
87ms Fetch
application/json 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=cbfecac47bef2f86bd1fde0f32429c8c&pvId=9cc26833254becb664f8dcb08738dafc&sid=5487513&pid=7231&idx=4&wId=974&pad=0&org=0&tm=2214&eT=0&cnsnt=no_consent&widgetWidth=610&widgetHeight=0&widgetX=325&widgetY=4697&wRV=2000299&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 15:00:23 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 3176df5b701fdc50f7de6aa06fd3e0c
Content-Length: 4
Expires: 0

GET
H2 200 vendor-943b856b3076fb466965281d4a24dd85.js Show response
www.arcgis.com/apps/opsdashboard/assets/ Frame BE7A 2 MB
452 KB 101ms
100ms Script
application/javascript 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/apps/opsdashboard/assets/vendor-943b856b3076fb466965281d4a24dd85.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

AmazonS3 /

Resource Hash

f0c0a8c4c3a8246a87ffb70fb1bbd9007c8a3ab9b0bdd1594ac7c89e6b588f13

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
content-encoding: br
last-modified: Tue, 15 Dec 2020 04:44:52 GMT
server: AmazonS3
etag: "ab105efdb842fc0d82ae95441b529783"
strict-transport-security: max-age=63072000
content-type: application/javascript
cache-control: max-age=1800
content-security-policy: upgrade-insecure-requests
link: <https://www.arcgis.com/apps/opsdashboard/assets/vendor-943b856b3076fb466965281d4a24dd85.js>; rel="canonical"
content-length: 462441
x-cached: HIT

GET
H/1.1 200
OK ads Show response
ads-alpha.ewscloud.com/ Frame 5942 946 B
1 KB 1087ms
843ms XHR
text/xml 3.223.71.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ads-alpha.ewscloud.com/ads?sz=1x1000&iu=/6088/ssp.tmj4/news/coronavirus/detail&ciu_szs=300x250&impl=s&gdfp_req=1&env=vp&output=xml_vast3&unviewed_position_start=1&ad_rule=1&url=[referrer_url]&description_url=https%3A%2F%2Fwww.tmj4.com%2F&correlator=[timestamp]&cust_params=fname%3Dwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses%26categories%3Dhomepage-showcase%2Clocal-news%2Ccoronavirus%26refdomain%3Dtmj4.com%26iframed%3D0%26kw%3Dnew%20guidelines%2Ccoronavirus%20milwaukee%20county%2Cextension%2CLocal%20business%2CMay%2026%2Cwhat%20places%20in%20wisconsin%20have%20coronavirus%2Cmilwaukee%20coronavirus%2Cbegins%2Crestaurants%20still%20open%26pxconfig%3Dweb-vod%26bidders%3Dpublica&ord=295257473256480300

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.223.71.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-223-71-232.compute-1.amazonaws.com

Software

cafe /

Resource Hash

09ff60c9ac2e0bab842d49e773bfd79d27d1a957544e338f269d8c6b05d6e1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:24 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: https://imasdk.googleapis.com
P3p: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 563
X-Xss-Protection: 0
Google-Lineitem-Id: 0
Pragma: no-cache
Server: cafe
Google-Creative-Id: 0
Content-Type: text/xml; charset=UTF-8
Via: 1.1 vegur
Cache-Control: no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 3C46 8 KB
9 KB 305ms
14ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=80801165&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 1017de2c1c7e193cd96605a75354d0bf2f18314644e5f0f9b1f3ec5a37f090ce

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:22 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 i.gif
e.serverbid.com/udb/9969/sync/ Frame 8C2E 0
44 B 99ms
97ms Image
text/plain 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=a8f199f5-fd43-0944-2e49-389307f96455
Requested by: Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gift-connect-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
content-length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 8C2E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=71fb6084-3287-4800-b60a-25198ddb4db0

43 B
106 B

22ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=71fb6084-3287-4800-b60a-25198ddb4db0
Requested by: Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://gift-connect-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:23 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 24 Apr 2021 15:00:23 GMT
Server: MT3 3660 495c301 master zrh-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=71fb6084-3287-4800-b60a-25198ddb4db0
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 24 Apr 2021 15:00:22 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8C2E
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=P1cDRzpVA0UkUwgRawYWEGteDBIkX1lKPgbDGn2h

43 B
180 B

18ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=P1cDRzpVA0UkUwgRawYWEGteDBIkX1lKPgbDGn2h
Requested by: Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://gift-connect-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:23 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=P1cDRzpVA0UkUwgRawYWEGteDBIkX1lKPgbDGn2h
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 8C2E
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7693130459162871140
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=7693130459162871140

43 B
106 B

63ms
18ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=7693130459162871140
Requested by: Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://gift-connect-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:24 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=7693130459162871140
date: Sat, 24 Apr 2021 15:00:24 GMT
via: 1.1 google
server: OXGW/16.205.4
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 8C2E 70 B
264 B 2658ms
30ms Image
image/gif 52.30.50.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=e56c33e2-1827-3676-6be0-20f0d7bc08a3&gdpr=1
Requested by: Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.50.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://gift-connect-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:26 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 8C2E 170 B
243 B 1296ms
18ms Image
image/png 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzkwM2UwMjgtZDE1MC02OGQyLTdlMDAtN2E0OTFkNWVjNmMz

Requested by

Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gift-connect-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8C2E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDWIeu4eyqiMOhNL9AFMbck&google_cver=1

43 B
106 B

16ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDWIeu4eyqiMOhNL9AFMbck&google_cver=1
Requested by: Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?cc=1&id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://gift-connect-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:25 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDWIeu4eyqiMOhNL9AFMbck&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame DBEE 32 KB
11 KB 38ms
7ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc030d8918c5968049401e0523c0dda5027745bc526b090e0b08a30451dc019f

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 06nUkp5i9bkkXh8_cteY_BtzzXlVWVZE
Content-Encoding: gzip
ETag: "68a10f0c0f3d345bba1f230a84a01628"
Age: 2488
X-Cache: HIT
Connection: keep-alive
Content-Length: 10528
x-amz-id-2: 7jyTDHJoGGDUE/vmc8Ebu4coKy4MjmvlRidJfQM41H1u/4Pw2S/OuvphmU5HnJrQuzcuEqO/vy8=
X-Served-By: cache-fra19168-FRA
Last-Modified: Wed, 31 Mar 2021 21:28:39 GMT
Server: AmazonS3
X-Timer: S1619276424.962307,VS0,VE0
Date: Sat, 24 Apr 2021 15:00:23 GMT
Vary: Accept-Encoding
x-amz-request-id: S8N17C7ACAS36YMN
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 24

GET
H2 200 moatad.js Show response
z.moatads.com/ewscrippsdfp76939516016/ Frame DBEE 296 KB
101 KB 11ms
9ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/ewscrippsdfp76939516016/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c04a2ae4fa6510b9351f2f01f0380de8fca951d99df0a7f8e399dc5f0f2ccf6f

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 15:18:30 GMT
server: AmazonS3
x-amz-request-id: AVZC272AYH1AZ8HF
etag: "2c63749e20ab9173fff690d193fda5c2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=22355
accept-ranges: bytes
content-length: 102518
x-amz-id-2: YaMDRzMbZ0Bs3kIVKxXZHr2opo2o5Ww7kwik6t8zk0skaGjfO2h1l08GlGdr1LRLBB20luptJgs=

GET
H3-29 200 12120806882342344293
tpc.googlesyndication.com/simgad/ Frame DBEE 37 KB
37 KB 29ms
7ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12120806882342344293

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b707b9729c652b5368dcdf5fb7529e239ff2b87ce4f330486027d4b123413f52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 17:06:12 GMT
x-content-type-options: nosniff
age: 78851
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38246
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 15:38:59 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Apr 2022 17:06:12 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame DBEE 2 KB
1 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:58:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 14:58:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DBEE 116 KB
35 KB 48ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DBEE 0
0 14ms
13ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSFTFewn_WVNo_FUMNALO1Cm1MNA2CixOQc5EscRv6VhiJdB_uDXI0lj-J5pydNbyGNHRXBcQr63Z8LCTyPHMichWD9MA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 moatad.js Show response
z.moatads.com/ewscrippsdfp76939516016/ Frame C978 296 KB
101 KB 20ms
19ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/ewscrippsdfp76939516016/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c04a2ae4fa6510b9351f2f01f0380de8fca951d99df0a7f8e399dc5f0f2ccf6f

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 15:18:30 GMT
server: AmazonS3
x-amz-request-id: AVZC272AYH1AZ8HF
etag: "2c63749e20ab9173fff690d193fda5c2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=22355
accept-ranges: bytes
content-length: 102518
x-amz-id-2: YaMDRzMbZ0Bs3kIVKxXZHr2opo2o5Ww7kwik6t8zk0skaGjfO2h1l08GlGdr1LRLBB20luptJgs=

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame C978 32 KB
11 KB 41ms
7ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc030d8918c5968049401e0523c0dda5027745bc526b090e0b08a30451dc019f

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 06nUkp5i9bkkXh8_cteY_BtzzXlVWVZE
Content-Encoding: gzip
ETag: "68a10f0c0f3d345bba1f230a84a01628"
Age: 2488
X-Cache: HIT
Connection: keep-alive
Content-Length: 10528
x-amz-id-2: 7jyTDHJoGGDUE/vmc8Ebu4coKy4MjmvlRidJfQM41H1u/4Pw2S/OuvphmU5HnJrQuzcuEqO/vy8=
X-Served-By: cache-fra19168-FRA
Last-Modified: Wed, 31 Mar 2021 21:28:39 GMT
Server: AmazonS3
X-Timer: S1619276424.970507,VS0,VE0
Date: Sat, 24 Apr 2021 15:00:23 GMT
Vary: Accept-Encoding
x-amz-request-id: S8N17C7ACAS36YMN
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 25

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C978 116 KB
36 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:23 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 30ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017352525402"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28270
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:23 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DBEE 0
0 43ms
42ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucvP9CO0zxHG0khaVZuY9rtewCvULKtAs65bjBJUKR_wkaSRldCgRuF9h7IGMI2bgUCheWrd2mlThbug6egfd-Emubv0na0tWuZa63hAPqPbeDeA1rp9eRTPhumTOzAJsrSv3waIB9rIdcEFZ0jghYL2UNZpJFW48MioHkcChg-9tUg9k8Dh0ovD5AJqavQmx99ZnvMxKV1Ax4DYrC6Uuqh7dI50ulB1vH0wH_R_WZ1amLLY5uX7wcKbNFNxMTaR6sbq0yrR6mb_H0XHstsRc90slQqxg6Ht3qY_O98aONw3n59pF4pKtsOFzBk14&sig=Cg0ArKJSzNpQdQC4WvVfEAE&adurl=

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame C978 0
0 43ms
42ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8P-D6GZo2u-491Je6Peut5BClyPPP-rtnyM-VxveHJVQnGLEqTEJp_golIYuQar1cUwqj59iBD90aiFYkbQT5ghGMRDRoSTyCVKJ6D3uB0aBdEwrYlxMqZSwQziyDpHkOl4-trzjId31BOWWKDYX9kTTHoH9HMnJ1Q7MAkFETmzkU1rTBxzCnJIHVj7DUUBXTpCIAvfFPDnk5cVOx_Lz3uqeQCngUAyJyy8f_yH1DiNu4Xmgdna4y1-BdJoN95yo5X5xKXubJYtBsPHw_4VWzBagHC-VtH45JQxCOifMhPQVCaXzol3DpzcoDq4JPg-8&sig=Cg0ArKJSzMNUI7xK4RQBEAE&urlfix=1&adurl=

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 unit.js Show response
yummy.consumable.com/8580/cnsmbl-video-970x250/widget/ Frame C978 17 KB
4 KB 52ms
52ms Script
application/javascript 13.33.139.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1619276424015
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-93.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fb10251d6a59a6063ff281464dd9aac4b7cec8136158cca1283250f68712c71

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:24 GMT
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 20:18:01 GMT
server: AmazonS3
x-amz-cf-pop: CPH50-C2
etag: W/"683e910c68af42b6090fa1e942b9a82b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c77c2d645cbeae90b436c4ed3b9c4718.cloudfront.net (CloudFront)
x-amz-cf-id: o2t4xPqXkinUe74TFsXkj4Jb9z2gF5dHHJRt5sZWR8zYqQe2lF1X7w==

GET
H2 200 /
includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/ Frame C978 42 B
132 B 352ms
118ms Image
image/gif 18.216.222.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/?rand=605905&referer=https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.216.222.118 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-216-222-118.us-east-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:24 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame C978 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9dbd77834084379153174c8b525babc99c180e2562917a19a5ce27630e58d5b3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame DBEE 0
0 335ms
42ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsviPH2ZHWDmUa4IPSSZkdqQhOGCSdHRELCJpOlGWO9_PI4ci33QKtxfELTGt4Jan919gzaTqdbcwhLSL5KkgDuUBRvc-GmSX_1zDv-1DUH8gvxp8EEIuAzVYvPw5MJGXRCiSf_qdB3QspGqcmgSfNCDRzxNpK4umDgkKay5RbTHG3qGRJq6cIVI_uMND6KdEr5JynCWGjsf68NlxV3L4qLjKaSBCwtWCfJ070zqG01I3apytSRJ06e_O2UY53EBmjthbYu0lLVNsWBUoqZ4V6Z5R6imaTas0oVqKeN6lAl__jr-cIq5fgpKQ3EQLPtkbA&sig=Cg0ArKJSzBAa39TI__dUEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 24 Apr 2021 15:00:24 GMT

GET
H2 200 /
includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/ Frame DBEE 42 B
133 B 289ms
114ms Image
image/gif 18.216.222.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/?rand=152341&referer=https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.216.222.118 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-216-222-118.us-east-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:24 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame DBEE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c4f7ab043211c80ac551a74c826032f4617054c96906601788b64eefdc762e2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AB38 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmj4.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tmj4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 24 Apr 2021 15:00:23 GMT
expires: Sun, 24 Apr 2022 15:00:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&hp=1&wf=1&vb=5&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1619276421514&de=392083320754&rx=927200626535&m=0&ar=31f9dba90d7-clean&iw=07d6456&q=3&cb=0&cu=1619276421514&ll=2&lm=0&ln=0&em=0&en=0&d=16839141%3A237842901%3A5250393788%3A138298488418&zMoatAdUnit1=ssp.tmj4&zMoatAdUnit2=inview-bottom&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&id=1&gw=crackedscrippsdfpprebidheader262014341684&fd=1&ac=1&it=500&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Ctrue&pe=1%3A626%3A626%3A0%3A649&fs=180167&na=1042481382&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:24 GMT

GET
H3-29 200 container.html Show response
a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8636 6 KB
3 KB 63ms
21ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmj4.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tmj4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 24 Apr 2021 15:00:23 GMT
expires: Sun, 24 Apr 2022 15:00:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 nickel-d2e45f9de52e8c2b16506d4623d2a2d3.js Show response
www.arcgis.com/apps/opsdashboard/assets/ Frame BE7A 2 MB
186 KB 100ms
100ms Script
application/javascript 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/apps/opsdashboard/assets/nickel-d2e45f9de52e8c2b16506d4623d2a2d3.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

AmazonS3 /

Resource Hash

8b0120c8b29689033a418157e773c9895062cafd23c231795366b330e5c9168a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:24 GMT
content-encoding: br
last-modified: Wed, 14 Apr 2021 02:56:28 GMT
server: AmazonS3
etag: "8902d6145991f586c845c9edc6401cf5"
strict-transport-security: max-age=63072000
content-type: application/javascript
cache-control: max-age=1800
content-security-policy: upgrade-insecure-requests
link: <https://www.arcgis.com/apps/opsdashboard/assets/nickel-d2e45f9de52e8c2b16506d4623d2a2d3.js>; rel="canonical"
content-length: 189788
x-cached: HIT

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame B3CF
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6973586629705886346

42 B
769 B

58ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6973586629705886346
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=80801165&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=B9FB84B7-AC9D-415B-B9D8-588946097E7A; chkChromeAb67Sec=1; DPSync3=1620432000%3A226_221_201_227; SyncRTB3=1619827200%3A67_2_223_15%7C1620086400%3A63%7C1621814400%3A203%7C1620432000%3A56_55_189_88_161_3_21_13_22_99_81_165_176_222_231_7_230_220_8_54_71_166_204%7C1620518400%3A35; KRTBCOOKIE_27=16735-uid:71476084-3287-4400-a031-89dc8adc7e71&KRTB&16736-uid:71476084-3287-4400-a031-89dc8adc7e71&KRTB&23019-uid:71476084-3287-4400-a031-89dc8adc7e71&KRTB&23114-uid:71476084-3287-4400-a031-89dc8adc7e71; PugT=1619276423; PUBMDCID=3; KRTBCOOKIE_391=22924-1925878208261557160&KRTB&23263-1925878208261557160
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 24 Apr 2021 15:00:24 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_336=5844-6973586629705886346; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 15:00:24 GMT; path=/ PugT=1619276424; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 15:00:24 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 23-Jul-2021 15:00:24 GMT; path=/
X-lat: amspug007:0:416
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6973586629705886346
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame DAE4 43 B
325 B 56ms
14ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=80801165&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Sat, 24 Apr 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 999
x-powered-by: ASP.NET
date: Sat, 24 Apr 2021 15:00:23 GMT
content-length: 43

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame D8DA
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6954739297158232203

42 B
771 B

15ms
15ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6954739297158232203
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=80801165&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: SPugT=1619276425; PUBMDCID=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 24 Apr 2021 15:00:27 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_1101=23040-6954739297158232203; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 15:00:27 GMT; path=/ PugT=1619276427; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 15:00:27 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 23-Jul-2021 15:00:27 GMT; path=/
X-lat: amspug010:0:360
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Sat, 24 Apr 2021 15:00:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6954739297158232203; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6954739297158232203

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame 43C6
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHSk4wN0JDR1VBQUNwLXNaeFlBQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

431ms
431ms

Document
image/gif

52.209.246.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=80801165&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.246.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Host: match.prod.bidr.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bito=AAGJN07BCGUAACp-sZxYAA; bitoIsSecure=ok
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Sat, 24 Apr 2021 15:00:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Sat, 24 Apr 2021 15:00:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 2D68
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GUDd8qBA9gGQKyNEOXs9Wshk

42 B
775 B

14ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GUDd8qBA9gGQKyNEOXs9Wshk
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=80801165&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=B9FB84B7-AC9D-415B-B9D8-588946097E7A; chkChromeAb67Sec=1; DPSync3=1620432000%3A226_221_201_227; SyncRTB3=1619827200%3A67_2_223_15%7C1620086400%3A63%7C1621814400%3A203%7C1620432000%3A56_55_189_88_161_3_21_13_22_99_81_165_176_222_231_7_230_220_8_54_71_166_204%7C1620518400%3A35; KRTBCOOKIE_27=16735-uid:71476084-3287-4400-a031-89dc8adc7e71&KRTB&16736-uid:71476084-3287-4400-a031-89dc8adc7e71&KRTB&23019-uid:71476084-3287-4400-a031-89dc8adc7e71&KRTB&23114-uid:71476084-3287-4400-a031-89dc8adc7e71; PUBMDCID=3; KRTBCOOKIE_391=22924-1925878208261557160&KRTB&23263-1925878208261557160; KRTBCOOKIE_336=5844-6973586629705886346; PugT=1619276424; SPugT=1619276423; KRTBCOOKIE_153=1923-kCCgQZUioEyLIaxGwie1EZ9x_UaLc_oTlylWxwnK&KRTB&19420-kCCgQZUioEyLIaxGwie1EZ9x_UaLc_oTlylWxwnK&KRTB&22979-kCCgQZUioEyLIaxGwie1EZ9x_UaLc_oTlylWxwnK
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 24 Apr 2021 15:00:24 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_409=22966-GUDd8qBA9gGQKyNEOXs9Wshk; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 15:00:24 GMT; path=/ PugT=1619276424; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 15:00:24 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 23-Jul-2021 15:00:24 GMT; path=/
X-lat: amspug013:0:540
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: openresty
date: Sat, 24 Apr 2021 15:00:25 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=GUDd8qBA9gGQKyNEOXs9Wshk; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GUDd8qBA9gGQKyNEOXs9Wshk
strict-transport-security: max-age=0; includeSubDomains;

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 4B7C 43 B
408 B 1107ms
28ms Document
image/gif 173.231.180.197
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=80801165&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Sat, 24 Apr 2021 15:00:25 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-1
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame E59A
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3813606125
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3813606125
https://sync.1rx.io/usersync/tradedesk/f33a31f7-4189-42f9-8459-23c75442979a
https://sync.targeting.unrulymedia.com/csync/RX-53f52b94-e826-43c8-8bad-d2a54a7fdea5-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-53f52b94-e826-43c8-8bad-d2a54a7fdea5-003

42 B
849 B

14ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-53f52b94-e826-43c8-8bad-d2a54a7fdea5-003
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=80801165&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=B9FB84B7-AC9D-415B-B9D8-588946097E7A; chkChromeAb67Sec=1; DPSync3=1620432000%3A226_221_201_227; SyncRTB3=1619827200%3A67_2_223_15%7C1620086400%3A63%7C1621814400%3A203%7C1620432000%3A56_55_189_88_161_3_21_13_22_99_81_165_176_222_231_7_230_220_8_54_71_166_204%7C1620518400%3A35; KRTBCOOKIE_27=16735-uid:71476084-3287-4400-a031-89dc8adc7e71&KRTB&16736-uid:71476084-3287-4400-a031-89dc8adc7e71&KRTB&23019-uid:71476084-3287-4400-a031-89dc8adc7e71&KRTB&23114-uid:71476084-3287-4400-a031-89dc8adc7e71; PUBMDCID=3; KRTBCOOKIE_391=22924-1925878208261557160&KRTB&23263-1925878208261557160; KRTBCOOKIE_336=5844-6973586629705886346; SPugT=1619276423; KRTBCOOKIE_153=1923-kCCgQZUioEyLIaxGwie1EZ9x_UaLc_oTlylWxwnK&KRTB&19420-kCCgQZUioEyLIaxGwie1EZ9x_UaLc_oTlylWxwnK&KRTB&22979-kCCgQZUioEyLIaxGwie1EZ9x_UaLc_oTlylWxwnK; KRTBCOOKIE_409=22966-GUDd8qBA9gGQKyNEOXs9Wshk; KRTBCOOKIE_22=14911-2558916498258368330; KRTBCOOKIE_80=16514-CAESEGn3J1ilVnuWkHbt7Aca7h0&KRTB&22987-CAESEGn3J1ilVnuWkHbt7Aca7h0&KRTB&23025-CAESEGn3J1ilVnuWkHbt7Aca7h0; KRTBCOOKIE_218=22978-YIQyiQAAb44A5gA4&KRTB&23194-YIQyiQAAb44A5gA4&KRTB&23209-YIQyiQAAb44A5gA4&KRTB&23244-YIQyiQAAb44A5gA4; KRTBCOOKIE_1074=22956-e_42e97c65-53cb-4a68-b676-0bdfa5b01ad4; PugT=1619276425
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 24 Apr 2021 15:00:24 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_594=17105-RX-53f52b94-e826-43c8-8bad-d2a54a7fdea5-003&KRTB&17107-RX-53f52b94-e826-43c8-8bad-d2a54a7fdea5-003; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 23-Jul-2021 15:00:24 GMT; path=/ PugT=1619276424; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 15:00:24 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 23-Jul-2021 15:00:24 GMT; path=/
X-lat: amspug005:0:387
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Sat, 24 Apr 2021 15:00:26 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-53f52b94-e826-43c8-8bad-d2a54a7fdea5-003%22%7D; path=/; expires=Sun, 24 Apr 2022 15:00:26 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-53f52b94-e826-43c8-8bad-d2a54a7fdea5-003
etag: RX53f52b94e82643c88badd2a54a7fdea5003

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame D533 42 B
1 KB 59ms
18ms Document
image/gif 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sat, 24 Apr 2021 15:00:24 GMT
content-type: image/gif
content-length: 42
set-cookie: __cfduid=d867a30998b3e804977a8843e4270bbda1619276424; expires=Mon, 24-May-21 15:00:24 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 09a5fe7ce400001f4d8824a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 645033749e8b1f4d-FRA

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 87F6
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
445 B

167ms
165ms

Document
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=80801165&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=abnoeUxlqLNnJVsVVd0ySZc1EMZcyGZaZalVlParsWZaY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sat, 24 Apr 2021 15:00:24 GMT
content-type: image/gif; charset=utf-8
content-length: 43
set-cookie: __cfduid=d399658c1e348bd97128cea7b3f49289a1619276424; expires=Mon, 24-May-21 15:00:24 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aqns6EmMZaE9DXqwmyCEERWBWTZcY0wvrl5V8xUru2DlyZaiQTw3SBEF8qeHbJW1e8ccQmKZbj3GbHWGfF4j2QFj; path=/; domain=.tribalfusion.com; expires=Fri, 23-Jul-2021 15:00:24 GMT; SameSite=None; Secure; ANON_ID_old=aqns6EmMZaE9DXqwmyCEERWBWTZcY0wvrl5V8xUru2DlyZaiQTw3SBEF8qeHbJW1e8ccQmKZbj3GbHWGfF4j2QFj; path=/; domain=.tribalfusion.com; expires=Fri, 23-Jul-2021 15:00:24 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 09a5fe7da500004eb0fc199000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64503375d9364eb0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sat, 24 Apr 2021 15:00:24 GMT
content-type: text/html
set-cookie: __cfduid=d399658c1e348bd97128cea7b3f49289a1619276424; expires=Mon, 24-May-21 15:00:24 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=abnoeUxlqLNnJVsVVd0ySZc1EMZcyGZaZalVlParsWZaY; path=/; domain=.tribalfusion.com; expires=Fri, 23-Jul-2021 15:00:24 GMT; SameSite=None; Secure; ANON_ID_old=abnoeUxlqLNnJVsVVd0ySZc1EMZcyGZaZalVlParsWZaY; path=/; domain=.tribalfusion.com; expires=Fri, 23-Jul-2021 15:00:24 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 216
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
cf-request-id: 09a5fe7ce400004eb0bbba5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 645033749e8b4eb0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame CDF8
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Cz7IaRwaunqF&pid=557219

1 B
463 B

14ms
14ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Cz7IaRwaunqF&pid=557219
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=80801165&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: SPugT=1619276425; PUBMDCID=3; KRTBCOOKIE_1101=23040-6954739297158232203; PugT=1619276427
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 24 Apr 2021 15:00:26 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1
Connection: keep-alive
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 23-Jul-2021 15:00:26 GMT; path=/
X-lat: amspug004:0:242
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-7c488d4f5b-nsp9m
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Cz7IaRwaunqF&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=ce5547dd5ba1a530; path=/; HttpOnly; Secure; SameSite=None

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 2E3C
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7a4569dd-6e5a-4c1f-b226-b55bf4895d0a-tuct77db808&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
53 B

17ms
16ms

Document
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7a4569dd-6e5a-4c1f-b226-b55bf4895d0a-tuct77db808&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=80801165&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7a4569dd-6e5a-4c1f-b226-b55bf4895d0a-tuct77db808&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=7a4569dd-6e5a-4c1f-b226-b55bf4895d0a-tuct77db808
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Sat, 24 Apr 2021 15:00:24 GMT
via: 1.1 varnish
x-served-by: cache-hhn11570-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1619276424.450391,VS0,VE9
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=7a4569dd-6e5a-4c1f-b226-b55bf4895d0a-tuct77db808;Version=1;Path=/;Domain=.taboola.com;Expires=Sun, 24-Apr-2022 15:00:24 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7a4569dd-6e5a-4c1f-b226-b55bf4895d0a-tuct77db808&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Sat, 24 Apr 2021 15:00:24 GMT
via: 1.1 varnish
x-served-by: cache-hhn11570-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1619276424.432233,VS0,VE9
x-vcl-time-ms: 9
content-length: 0

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame ADBF 0
44 B 7391ms
98ms Document
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=80801165&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.deepintent.com
:scheme: https
:path: /usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Sat, 24 Apr 2021 15:00:31 GMT
server: b

GET
H2 200 i.gif Show response
e.serverbid.com/udb/9969/sync/ Frame 0169 0
44 B 102ms
98ms Document
text/plain 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=B9FB84B7-AC9D-415B-B9D8-588946097E7A
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: e.serverbid.com
:scheme: https
:path: /udb/9969/sync/i.gif?partnerId=4&userId=B9FB84B7-AC9D-415B-B9D8-588946097E7A
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Sat, 24 Apr 2021 15:00:24 GMT

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3C46
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ufuEt6ydQVu52FiJRgl-eg%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ufuEt6ydQVu52FiJRgl-eg%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

9ms
8ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=70470
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Sun, 25 Apr 2021 10:34:55 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 3C46 95 B
596 B 73ms
27ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=B9FB84B7-AC9D-415B-B9D8-588946097E7A
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 64503374ac434e08-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09a5fe7ced00004e08d12f8000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 3C46
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B9FB84B7-AC9D-415B-B9D8-588946097E7A&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B9FB84B7-AC9D-415B-B9D8-588946097E7A&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

324ms
323ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B9FB84B7-AC9D-415B-B9D8-588946097E7A&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:30 GMT
frontend-id: 13
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:29 GMT
frontend-id: 4
location: /pubmatic/1/info2?sType=sync&sExtCookieId=B9FB84B7-AC9D-415B-B9D8-588946097E7A&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame 3C46
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B9FB84B7-AC9D-415B-B9D8-588946097E7A&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B9FB84B7-AC9D-415B-B9D8-588946097E7A&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B9FB84B7-AC9D-415B-B9D8-588946097E7A&addseg=19,36,42

7 B
147 B

52ms
15ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B9FB84B7-AC9D-415B-B9D8-588946097E7A&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:32 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Sat, 24 Apr 2021 15:00:32 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B9FB84B7-AC9D-415B-B9D8-588946097E7A&addseg=19,36,42
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 141

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 3C46
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjlGQjg0QjctQUM5RC00MTVCLUI5RDgtNTg4OTQ2MDk3RTdB&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjlGQjg0QjctQUM5RC00MTVCLUI5RDgtNTg4OTQ2MDk3RTdB&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

14ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:25 GMT
X-lat: amspug008:0:348
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 3C46
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGn3J1ilVnuWkHbt7Aca7h0&google_cver=1

42 B
855 B

30ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGn3J1ilVnuWkHbt7Aca7h0&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:25 GMT
X-lat: amspug002:0:395
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGn3J1ilVnuWkHbt7Aca7h0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 3C46 43 B
609 B 7150ms
18ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:31 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 23 Apr 2021 15:00:31 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 3C46
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f33a31f7-4189-42f9-8459-23c75442979a

42 B
882 B

15ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f33a31f7-4189-42f9-8459-23c75442979a
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:26 GMT
X-lat: amspug010:0:409
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:26 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f33a31f7-4189-42f9-8459-23c75442979a
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 3C46
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1925878208261557160

42 B
801 B

22ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1925878208261557160
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:23 GMT
X-lat: amspug007:0:474
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:24 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1925878208261557160
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 3C46
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:71476084-3287-4400-a031-89dc8adc7e71&gdpr=0&gdpr_consent=

42 B
946 B

15ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:71476084-3287-4400-a031-89dc8adc7e71&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:23 GMT
X-lat: amspug014:0:386
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Sat, 24 Apr 2021 15:00:24 GMT
Server: MT3 3660 495c301 master zrh-pixel-x5
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:71476084-3287-4400-a031-89dc8adc7e71&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 24 Apr 2021 15:00:23 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 3C46
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2327173575115661820&gdpr=0&gdpr_consent=

42 B
769 B

14ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2327173575115661820&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:30 GMT
X-lat: amspug011:0:462
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 15:00:31 GMT
X-Proxy-Origin: 83.143.245.188; 83.143.245.188; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.231:80
AN-X-Request-Uuid: f405b104-d7e0-4976-a2b8-e8e2833c8162
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2327173575115661820&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 3C46
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3012b04a-ac88-4329-96a6-d6d620ec02c6
https://x.bidswitch.net/sync?dsp_id=257&user_id=mkec72b583-2084-4041-8d44-4d71de6ae919&expires=7&user_group=5&ssp=pubmatic&bsw_param=3012b04a-ac88-4329-96a6-d6d620ec02c6
https://x.bidswitch.net/ul_cb/sync?dsp_id=257&user_id=mkec72b583-2084-4041-8d44-4d71de6ae919&expires=7&user_group=5&ssp=pubmatic&bsw_param=3012b04a-ac88-4329-96a6-d6d620ec02c6
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=979ac9f1-515e-45d2-9d7a-fc0024c81689&gdpr=&gdpr_consent=&gdpr_pd=

1 B
745 B

14ms
14ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=979ac9f1-515e-45d2-9d7a-fc0024c81689&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:30 GMT
X-lat: amspug011:0:539
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=979ac9f1-515e-45d2-9d7a-fc0024c81689&gdpr=&gdpr_consent=&gdpr_pd=
date: Sat, 24 Apr 2021 15:00:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 B9FB84B7-AC9D-415B-B9D8-588946097E7A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3C46 43 B
840 B 139ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/B9FB84B7-AC9D-415B-B9D8-588946097E7A?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:24 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame 3C46
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B9FB84B7-AC9D-415B-B9D8-588946097E7A&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XkeGrChE2uUfi4.wLgDXfeLl6lFUisI-~A&gdpr=0&gdpr_consent=

0
587 B

309ms
15ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XkeGrChE2uUfi4.wLgDXfeLl6lFUisI-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Date: Sat, 24 Apr 2021 15:00:23 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

Redirect headers

Date: Sat, 24 Apr 2021 15:00:24 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XkeGrChE2uUfi4.wLgDXfeLl6lFUisI-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 3C46
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kCCgQZUioEyLIaxGwie1EZ9x_UaLc_oTlylWxwnK

42 B
894 B

15ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kCCgQZUioEyLIaxGwie1EZ9x_UaLc_oTlylWxwnK
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:24 GMT
X-lat: amspug015:0:412
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:25 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kCCgQZUioEyLIaxGwie1EZ9x_UaLc_oTlylWxwnK
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 3C46
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2558916498258368330&gdpr=0&gdpr_consent=&us_privacy=

1 B
727 B

14ms
14ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2558916498258368330&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:25 GMT
X-lat: amspug012:0:386
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2558916498258368330&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sat, 24 Apr 2021 15:00:25 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 3C46
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIQyiQAAb44A5gA4&gdpr=0&gdpr_consent=&_test=YIQyiQAAb44A5gA4

1 B
809 B

17ms
17ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIQyiQAAb44A5gA4&gdpr=0&gdpr_consent=&_test=YIQyiQAAb44A5gA4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:24 GMT
X-lat: amspug015:0:399
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:25 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1619276426.818297,VS0,VE0
x-served-by: cache-hhn4063-HHN
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIQyiQAAb44A5gA4&gdpr=0&gdpr_consent=&_test=YIQyiQAAb44A5gA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 3C46
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:2153d520-0a2d-4fcd-a114-0ded323e82ba&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
505 B

14ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:2153d520-0a2d-4fcd-a114-0ded323e82ba&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:26 GMT
X-lat: amspug008:0:419
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:2153d520-0a2d-4fcd-a114-0ded323e82ba&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Sat, 24 Apr 2021 15:00:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 3C46
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
760 B

15ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:25 GMT
X-lat: amspug009:0:390
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:25 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 3C46 0
104 B 86ms
60ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B9FB84B7-AC9D-415B-B9D8-588946097E7A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:25 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 3C46
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2327173575115661820

42 B
505 B

14ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2327173575115661820
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:31 GMT
X-lat: amspug012:0:351
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 15:00:32 GMT
X-Proxy-Origin: 83.143.245.188; 83.143.245.188; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.59:80
AN-X-Request-Uuid: ec7ad8ca-9b88-4119-9c04-f0972eebaace
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2327173575115661820
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 3C46
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_42e97c65-53cb-4a68-b676-0bdfa5b01ad4

42 B
790 B

14ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_42e97c65-53cb-4a68-b676-0bdfa5b01ad4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:25 GMT
X-lat: amspug002:0:390
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_42e97c65-53cb-4a68-b676-0bdfa5b01ad4
date: Sat, 24 Apr 2021 15:00:25 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&hp=1&wf=1&vb=5&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1619276421514&de=348010815284&rx=927200626535&m=0&ar=31f9dba90d7-clean&iw=07d6456&q=4&cb=0&cu=1619276421514&ll=2&lm=0&ln=0&em=0&en=0&d=16839141%3A237842901%3A2053316181%3A115751243541&zMoatAdUnit1=ssp.tmj4&zMoatAdUnit2=news&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&id=1&gw=crackedscrippsdfpprebidheader262014341684&fd=1&ac=1&it=500&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Ctrue&pe=1%3A626%3A626%3A0%3A649&fs=180167&na=872468849&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:24 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 67FB 6 KB
678 B 50ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,800

Requested by

Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1619276424015

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

78862fceb28d06e4cc3de1d931443552a9616c2b8a066393c4f9d6fd0ff68de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 24 Apr 2021 13:58:30 GMT
server: ESF
date: Sat, 24 Apr 2021 15:00:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Apr 2021 15:00:24 GMT

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 67FB 62 KB
21 KB 35ms
34ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1619276424015

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

47778cf60a04efe804de6d47ede576c117ddc5ad3bf3ac74f0a3a02a11ab5938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "851 / 620 of 1000 / last-modified: 1619215815"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21082
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:24 GMT

GET
H2 200 cool-by-consumable-2.svg
yummy.consumable.com/8580/cnsmbl-video-970x250/img/ Frame 67FB 6 KB
3 KB 46ms
45ms Image
image/svg+xml 13.33.139.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/img/cool-by-consumable-2.svg
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1619276424015
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-93.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6aa3fcf04d6a362c2a082cd482606251de0e0129861145fca91cbdd3121af86

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:24 GMT
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 20:18:02 GMT
server: AmazonS3
x-amz-cf-pop: CPH50-C2
etag: W/"f7152d7a85b77d8f0ddc9786ef9cc0b3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 c77c2d645cbeae90b436c4ed3b9c4718.cloudfront.net (CloudFront)
x-amz-cf-id: wtYz1JZhPkrOB687iD-gtviB8U7SBjABOkCnFVtMGYQSVqx9LFCVfA==

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame AB38 32 KB
11 KB 7ms
7ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc030d8918c5968049401e0523c0dda5027745bc526b090e0b08a30451dc019f

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 06nUkp5i9bkkXh8_cteY_BtzzXlVWVZE
Content-Encoding: gzip
ETag: "68a10f0c0f3d345bba1f230a84a01628"
Age: 2489
X-Cache: HIT
Connection: keep-alive
Content-Length: 10528
x-amz-id-2: 7jyTDHJoGGDUE/vmc8Ebu4coKy4MjmvlRidJfQM41H1u/4Pw2S/OuvphmU5HnJrQuzcuEqO/vy8=
X-Served-By: cache-fra19168-FRA
Last-Modified: Wed, 31 Mar 2021 21:28:39 GMT
Server: AmazonS3
X-Timer: S1619276425.546044,VS0,VE0
Date: Sat, 24 Apr 2021 15:00:24 GMT
Vary: Accept-Encoding
x-amz-request-id: S8N17C7ACAS36YMN
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 26

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AB38 0
0 66ms
65ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CzxA9hzKEYPOYG-GLx_APvYy58AzPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04NDE0NjI3MjgwMDU0NTkzyAEJ4AIAqAMBqgTaAk_Q-Wq-l2jZLPqstVPeaM49kd6vmkZwXGqFI5l3i0oIPqwwoz5m9p-fuFo9aCTPk64PuwYuNA7sGMOhC33vlUl3S7SdW84lLyJNwxsaeDilWRJtB7a0utSpT14K23zZovnFzJEodS1rS6t-1X5AM__6oBKA8T-rbTRExEJiUaPCFvvMurs7QjsW5wvZw0z6wwK5PMSq_rxD0iWJ7iVExwAB8uDWPzu6lfGeUnyMgK--x7Lz9nMY8TrxWEU2n5rWKwrgPV2pYBibBOeomHak1v_TUsv6nWaDkzfJLRTFefxgALx-B4AT51OPomR3nUaG6MEQRTYtkaUu6_s8HQNMkvqwsNY_HeezOu3uQelLSinhGYaQB0WXk3Sw79yB3NtFo3lP_-a2qwYl5r58ACOhvI4A9UXdHgmWOXEuY737DsK1QXrIlbodt4IisWPQ5QSZBSI9QwcFLFIa6c3gBAGABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKA_oLAggBgAwBshcYChYSFHB1Yi04NDE0NjI3MjgwMDU0NTkz&sigh=eKEycj5nehA&tpd=AGWhJmtojniicUIjIUbRUMGcj73QxskDb6qU28eiwbTErxz2bj1Hdqp-jMv-y5olepxcJnqaSPTOG6gSeS3hzcKIfU8uXdeiyU1Hb5nkrxNun5FoOs5cVWb63s3QcWVrMiIZLppEiAtS5gx8LQlKht0N_uEkUo7DOmWWN63b4W4IL8-rb8veAmIXjiFpnV1UtEZUIu5dSdXkE4EcVtwytwHfJf8wERSFRWIZ0P2dyN1vR5DGoCe5weY7i2s6ndODwKJr7e00nnFk2ENgau4I1jX9n2naJQ7OPPd7Wnjpg2iIML7ACK_kiAEe6i_pFVgTm2K9wnB81XCdrJ-P8p7AHskfX4rGY5RMpNCNOsOvHmnW75wYY5g-MKk16AL-gMlVBvahNsRt8yWb25eix2jLhneH7JmsdAH2HZamsYjA8j8yHugGdVvnCmwLNCDO_6u0_LCjiGcwPbIirHwCrtj-g77Ntqa0wmNLfwFwkwt79wxGQlkmV2Vq0z8JECDanHlrn6cmqJCykBcOV9iYV3tJFiCVZni_d0EXeCU-Le3EGwhMHycrNRZDhIqfNVWN6IGWbWnMmwc6wJKcJgVnnOhRz-8Q_rtUPO6CgF924KRQNZXL25u7pCf7ANHjEDyF4Xs6xmYghgfxGyGzxL6oN_neKtVrszBt17BKSWDTa_-ZUlwE6X4cTL6y7BMsl2G1Ou5hcGKi_cUjvykZjGc3sSfDX7xV6Gm0M6u0PBGmfm9F6vdbE2S8ktByTa0aE04i9DjqEW7paDQCCEeayofkd3hDqxYuFAKDowkBq0oCS5VMUne7472Jj4RL71fNNwxOpIIRGFIfWH_6V22VCIWyzpLgtfENoxZLzc8hiUZFvgPE-LfWjq_nWoY5YO_IJE3fJxJkppPTtEt6zTV47Usffjzfa7tcmOhaEvB1EtBHj7ABUB1xZlGJxiiY3JGLiXaA-R0JRXCFF6JP-2ucTVSQICmDXrtd5TQ3us6g-FpoStqL6zTXkrUZjfDu4aA5xg4M83RWMepqO1Cuj4xyf2TbseDXC2VNehPj5Vv41EV4nVDZgHUVRB4
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame AB38 3 KB
2 KB 1098ms
39ms Script
application/x-javascript 185.29.133.33
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWlRReVltWTNPREl0WVdKa1pDMWtPVFUxTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ5OTE5NDkzOTg4NzY5MTkzMDMvNjYyMjMzMi80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5REVBcFpPVlg5cGVRcUJhWTIwc1k4cy8xLzQvMC8wLzk1NjgwMy8xNDAxOTQzMjk2LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80OTkxOTQ5Mzk4ODc2OTE5MzAzL2Ftcy8wLzM2MC83MC85OTkvMzIyLzgzLjE0My4yNDUuMC8wLjAwMC8xNjE5Mjc2NDIzLzE2MTkyODkwMjMvNC9wdWItODQxNDYyNzI4MDA1NDU5My8/hhalcizwRRunlNLbEgCHo0Eh0Bg&nodeid=1604&group=eu&auctionid=4991949398876919303&sid=4562306&cid=6622332&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.233&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVTQThzKEYPOYG-GLx_APvYy58AzPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04NDE0NjI3MjgwMDU0NTkzyAEJ4AIAqAMBqgTdAk_Q-Wq-l2jZLPqstVPeaM49kd6vmkZwXGqFI5l3i0oIPqwwoz5m9p-fuFo9aCTPk64PuwYuNA7sGMOhC33vlUl3S7SdW84lLyJNwxsaeDilWRJtB7a0utSpT14K23zZovnFzJEodS1rS6t-1X5AM__6oBKA8T-rbTRExEJiUaPCFvvMurs7QjsW5wvZw0z6wwK5PMSq_rxD0iWJ7iVExwAB8uDWPzu6lfGeUnyMgK--x7Lz9nMY8TrxWEU2n5rWKwrgPV2pYBibBOeomHak1v_TUsv6nWaDkzfJLRTFefxgALx-B4AT51OPomR3nUaG6MEQRTYtkaUu6_s8HQNMkvqwsNY_HeezOu3uQelLSinhGYaQB0WXk3Sw79yB3NtFo3lP_-a2qwYl5r58ACOhvI4A9UXdHgmWOXEuY737DsK1QXrIlbodt4Jgs25CSZQ9Aq-ZC6zdbP3q9NnsL2ngBAGABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_00mdNJqdMyF0PeRuoW6DattXMdNw%26client%3Dca-pub-8414627280054593%26adurl%3D
Requested by: Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.33 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.197.0 /
Resource Hash: 732f6ee95f7cf2c124665c62b54513b849b580b49c13430b64d16d464bb36423

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:30 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1619276423
Last-Modified: Sat, 24 Apr 2021 15:00:23 GMT
Server: MMBD/3.197.0
x-mm-latency: 25 (1)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x71, cdg-bidder-x131
Connection: close
Expires: Sat, 24 Apr 2021 15:00:29 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame AB38 2 KB
2 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:58:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 14:58:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AB38 116 KB
35 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:24 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame AB38 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 14:59:50 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame AB38 22 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 13:14:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6347
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Apr 2022 13:14:37 GMT

GET
H2 200 brid.min.js Show response
services.brid.tv/player/build/ Frame 67FB 462 KB
120 KB 47ms
17ms Script
application/javascript 13.224.95.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.brid.tv/player/build/brid.min.js
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1619276424015
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-17.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aad225f19a6d1133bc3f1a926c70a022d35a973ff2375e2212ab9eea9338f38a

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:48:59 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 10:20:39 GMT
server: AmazonS3
age: 808
etag: W/"9f42d2d9acbe07d7938389ab27265c64"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
cache-control: max-age=1200, public
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: qfbCQtdhU5Hwbble9V-aimY0kiODyXvS8ml2bM-J0wufTSjzo8Yj8g==

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8636 0
0 43ms
42ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CAAmVhzKEYPSYG-GLx_APvYy58AzxluvmYZyrjL2ZDb_hHhABIOaUhRhgleKQgqAHoAGbiNGfA8gBCakC6JrXqPFLtD7gAgCoAwHIAwiqBNkCT9DaX9rDb4SETTuePfX9Yamf_zymh6v7Es2pANbXCdQLQ5FgjWHK8Uwsv0-5os4UkpY_kJijZyjOKzi1F_wXNgfu1TVo1eMSMEkHGavNuv5gT8P_VnE8lsVnU1TzODcc4rxHxh8vLP2IMzFv1WKsb38QFcnPIIOeQwr3B6YorXL4pIVvfrwWlw5VmcASb9R23rcem8e1WUVJWGGzt0Cm2BKxRKmAOL90qMGqP2dGDKYYGcvjzCHzLLkCF-9WI-Ty9wBmiG6DmchEnLdP_NEIJODv6RtqUeVGCj403FoHVwMl539Rf_onpTSJ7C4iLRoD_7aGetFoR8wnUbUhCDpSwWqcWWR5EGu--ks5BEOUW56p5kgp04K7SLttR3lwK8-SmYk9tfPtrlfNXzzqkFhubTXRzmL2XpuQGFM5frjB0N_qjJpUvGqTgj9kQcjwgxEVlwc3vcwX5LoswATl7rXdswPgBAGSBQQIBBgBkgUECAUYBKAGLoAHzfeuYKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDNvBXSCAkIgOGAEBABGB2ACgPICwHYEwyyFxoKGAgAEhRwdWItODQxNDYyNzI4MDA1NDU5Mw&sigh=qrvT-q_CXQE&template_id=419
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 8636 17 KB
7 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 14:57:01 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 8636 2 KB
1 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:58:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 14:58:01 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8636 116 KB
35 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:24 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 8636 13 KB
5 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 14:59:50 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8636 0
0 20ms
13ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQOehxdmycCOuclgPsEmZCNovJMWeVWTQmWRUJxieaoh7Yd7H9hUx0BACSWEq3fiCwv39ZOn8vPii04wyL8-BwHhzNwwQ
Requested by: Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 pubads_impl_2021042001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 67FB 301 KB
105 KB 15ms
15ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

a2aca9aa200ad3e4dd9afcd27fd2bd5b272a5d297e9f85d708394857ca6a1ffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Apr 2021 08:40:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107961
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:24 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8767 31 KB
9 KB 15ms
14ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ed2d993c35cd51826ee304739d91e554bd9faa1b120602fc4b3baa15941a9e35

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Apr 2021 20:34:13 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=53895
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9242
Expires: Sun, 25 Apr 2021 05:58:39 GMT

GET
H2 200 self Show response
www.arcgis.com/sharing/rest/portals/ Frame BE7A 13 KB
4 KB 110ms
109ms XHR
application/json 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/sharing/rest/portals/self?culture=en&f=json

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

Resource Hash

bb1f77a7949856c177544e219d9f2f47dd0c6cda93c36759f1e7479179c1a974

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Origin, Accept-Encoding
content-type: application/json;charset=utf-8
cache-control: no-cache
expires: -1

GET
H2 200 moment-timezone-with-data.min-dcc8806ce821c3fb02ff945258c3c7a8.js Show response
www.arcgis.com/apps/opsdashboard/assets/ Frame BE7A 191 KB
24 KB 100ms
100ms Script
application/javascript 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/apps/opsdashboard/assets/moment-timezone-with-data.min-dcc8806ce821c3fb02ff945258c3c7a8.js

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

AmazonS3 /

Resource Hash

66d9129684c538ab8a65858664448c25cef1052da936b219c879bdeaec9804be

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:24 GMT
content-encoding: br
last-modified: Tue, 15 Dec 2020 04:44:52 GMT
server: AmazonS3
etag: "a07aef6cd70e1acec892e04682fdd1c9"
strict-transport-security: max-age=63072000
content-type: application/javascript
cache-control: max-age=1800
content-security-policy: upgrade-insecure-requests
link: <https://www.arcgis.com/apps/opsdashboard/assets/moment-timezone-with-data.min-dcc8806ce821c3fb02ff945258c3c7a8.js>; rel="canonical"
content-length: 23707
x-cached: HIT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fa3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Ctrue&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&id=1&f=0&j=&t=1619276421514&de=392083320754&rx=927200626535&cu=1619276421514&m=3268&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=5496&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A626%3A626%3A0%3A649&as=0&ag=122&an=0&gf=122&gg=0&ix=122&ic=122&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=122&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=244&cd=0&ah=244&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.tmj4&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=72132769&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:24 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 8767 284 B
536 B 33ms
9ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E334 143 B
229 B 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkvCe6hKYHcvQYHQGdTBhk2HoGsXlp7j6gdeiV4GC1MV6pFSZUp58FqzHyR9rA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 24 Apr 2021 14:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1865
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8636 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: feee625a1b242ce73bd7975c46680fe7d6d8c99dc5b5fb6e79289ba76b16e951

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 67FB 107 B
313 B 15ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tmj4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 67FB 107 B
313 B 16ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tmj4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 67FB 8 KB
4 KB 49ms
48ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2445690610777572&correlator=2435935652532754&output=ldjh&impl=fifs&eid=31060790%2C31060870&vrg=2021042001&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=133810016%2CCompanion_units%2Cscripps-8766-cnsmbl-container-300x250-ads-dr-d-companion&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie=ID%3D0d6c568d3f89d7ba%3AT%3D1619276423%3AS%3DALNI_ManKb9IT54_KgFnf7rHjv96BWYopg&cdm=www.tmj4.com&bc=31&abxe=1&lmt=1619276424&dt=1619276424863&dlt=1619276424470&idt=373&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=3&adxs=985&adys=234&adks=1279007740&ucis=7nklzn1b0qxa&ifi=1&ifk=7705708&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&top=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=1406672544.1619276425&ga_sid=1619276425&ga_hid=680682734&ga_fc=false&fws=260&ohw=300&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e1bab2ab548e40960a1eba6b5121eb4d45c24ba1a89d92044fb49d1284649f35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4237
x-xss-protection: 0
google-lineitem-id: 5345365560
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308527878
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tmj4.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
fc66110c3fcd50b272fa32068622ef60.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 67FB 0
0 67ms
51ms Other
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fc66110c3fcd50b272fa32068622ef60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 67FB 0
0 8ms
6ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 adunit.js Show response
services.brid.tv/player/build/plugins/ Frame 67FB 30 B
422 B 14ms
14ms Script
application/javascript 13.224.95.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.brid.tv/player/build/plugins/adunit.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-17.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c25c4e240bd28a308851f487711c88680072496bf9865fb73a258dff5ca3fd9

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 01:01:01 GMT
content-encoding: gzip
last-modified: Wed, 06 Jun 2018 07:10:50 GMT
server: AmazonS3
age: 50364
etag: "00472f99064e3d4328bd208da8c0b958"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 50
x-amz-cf-id: mJ9c4UKEDKK7x_QdgyxaSpxYuxsoB1gwpDXd_CisKHHIvNMmDrWr9A==

GET
H2 200 consumable.min.js Show response
services.brid.tv/custom/ Frame 67FB 2 KB
2 KB 14ms
14ms Script
application/javascript 13.224.95.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.brid.tv/custom/consumable.min.js
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1619276424015
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-17.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c41dae510b615df483a29bd00ef9d1224409a7dd96990f85bb78818335b0a475

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:58:04 GMT
via: 1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
last-modified: Tue, 22 Oct 2019 10:36:41 GMT
server: AmazonS3
age: 29098
etag: "c1784798a0773aaeaf0b091994cd25bb"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1923
x-amz-cf-id: kHIsjdzwIDU21Ijpn3JgkH8Mcj_e7rSeECm33-khCqmc3NDXulOPNQ==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fa3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Ctrue&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&rm=1&fy=975&gp=1841.921875&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&id=1&f=0&j=&t=1619276421514&de=348010815284&rx=927200626535&cu=1619276421514&m=3276&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1841.921875&lb=5496&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A626%3A626%3A0%3A649&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=0&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5&cd=0&ah=5&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A2053316181%3A115751243541&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.tmj4&zMoatAdUnit2=news&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=180167&na=42117645&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:24 GMT

GET
H2 200 85320e2ea5424dfaaa75ae62e5c06e61 Show response
www.arcgis.com/sharing/rest/content/items/ Frame BE7A 4 KB
2 KB 111ms
110ms XHR
application/json 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/sharing/rest/content/items/85320e2ea5424dfaaa75ae62e5c06e61?f=json

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

Resource Hash

a3a60115c0a956f7e4f055fb68d33ff9aa7be49ade323429e445e47cf3e8e874

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Origin, Accept-Encoding
content-type: application/json;charset=utf-8
cache-control: no-cache
expires: -1

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 982A 0
0 44ms
43ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvPAnXEamUIGm7U4gbD9kGRgT9FuKzxLc65eJ5nf7XGqFGC1kcNrjHu6Q6p0cJiepXvl6hGMtCpqkpKLIqD67EpatTq06d0DwdXDezZx5qGfsHgRi4bT-zoHRDvE3gaGz9jOce57b3MxNx4AAjdvRI_DZDIlvJG43ayP7nWTIfF-SrCnX3pugkoFzlB5VhevrEJ1Ae9HGRBWnd1vqT8e_TJg39usUCdxqwGPcEHBPZvmKSh_tzrLY8JLiWLfgaFkGJ2bajg70qkCymV93vioQGgmjPLc_aFPGnwH5Bio1f942TF5_BWeN7Bp9ItVepNiDL6YgnYX25_qD2LHgBle1WcyS6BvvN3GFXlUjsx4f4MqMfcQ5pRDlEEtM&sig=Cg0ArKJSzHjQtEg94tBSEAE&urlfix=1&adurl=

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 unit.js Show response
yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/ Frame 982A 12 KB
4 KB 414ms
413ms Script
application/javascript 13.33.139.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/unit.js?cb=1619276424973
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-93.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6fdfbb21f12a4e5f7f13435ba02d698426da4b51c2eddca3f98e7ce0cb4b481e

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:26 GMT
content-encoding: gzip
last-modified: Tue, 03 Nov 2020 23:01:02 GMT
server: AmazonS3
x-amz-cf-pop: CPH50-C2
etag: W/"495e67aa4c6f3d5ba8107bfbc24a0dd1"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 c77c2d645cbeae90b436c4ed3b9c4718.cloudfront.net (CloudFront)
x-amz-cf-id: 24m7trg1Ne7TSnW_hvZDRabfr_nioyGlDZAra-_9LNibql4Z2g4edQ==

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 982A 116 KB
35 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:24 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 67FB 73 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017352525402"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28270
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:24 GMT

GET
H2 200 moatvideo.js Show response
z.moatads.com/scrippsjsimavideo263172958560/ Frame AF08 305 KB
102 KB 10ms
10ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/scrippsjsimavideo263172958560/moatvideo.js
Requested by: Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/js/ScrippsEmbeddedVideoIframe.js?v=09102020
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6f7f3ffd0d077621d4235bf26ca7af9d6f88316a5b172008612db7bc42abd9da

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:24 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 15:31:50 GMT
server: AmazonS3
x-amz-request-id: AVZFANFETXD28NE8
etag: "62ec6b0d6f07b843b5df88c4c3f90de3"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=24910
accept-ranges: bytes
content-length: 104332
x-amz-id-2: mQ5ANBKZDAgnz4GjuTVSfuL1Yt6qC+UP7zUoZxR5i5SMNVyKcvqRbFffbuV8/kUXVZBgMGAHwuI=

GET
H2 200 77caabd3-1877-4634-85c8-8e398a093b99.woff2
www.arcgis.com/apps/opsdashboard/assets/fonts/ Frame BE7A 21 KB
21 KB 100ms
100ms Font
binary/octet-stream 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/apps/opsdashboard/assets/fonts/77caabd3-1877-4634-85c8-8e398a093b99.woff2

Requested by

Host: www.arcgis.com
URL: https://www.arcgis.com/apps/opsdashboard/assets/app-light-5ed0e2bb193abeae6bc320ed581e8a3a.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

AmazonS3 /

Resource Hash

3ec4bde6c46b80e7b398a379cbd8ea5170a6eae708a6978bd90e065da28f6acd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://www.arcgis.com
Referer: https://www.arcgis.com/apps/opsdashboard/assets/app-light-5ed0e2bb193abeae6bc320ed581e8a3a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:25 GMT
content-encoding: br
last-modified: Tue, 15 Dec 2020 04:44:51 GMT
server: AmazonS3
etag: "261abf29190ff067c5f4852838e8999b"
strict-transport-security: max-age=63072000
content-type: binary/octet-stream
cache-control: max-age=1800
content-security-policy: upgrade-insecure-requests
link: <https://www.arcgis.com/apps/opsdashboard/assets/fonts/77caabd3-1877-4634-85c8-8e398a093b99.woff2>; rel="canonical"
content-length: 21133
x-cached: HIT

GET
H2 200 iframe.js Show response
yummy.consumable.com/8580/cnsmbl-video-970x250/widget/ Frame 67FB 384 KB
120 KB 102ms
102ms Script
application/javascript 13.33.139.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1619276424015
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-93.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31aff64d0957bacb78a34911b9e8318b0c6d506429ee72bf7d07ae06e691a5d3

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:25 GMT
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 20:18:00 GMT
server: AmazonS3
x-amz-cf-pop: CPH50-C2
etag: W/"d375c4ca9f74c88d3e472a52a920d8e7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c77c2d645cbeae90b436c4ed3b9c4718.cloudfront.net (CloudFront)
x-amz-cf-id: RT2LO4KyV5sinuLgmq2--OOktQAI3jIvPmZ2ioD8rP6EhBQggIasYA==

GET
H2 200 data Show response
www.arcgis.com/sharing/rest/content/items/85320e2ea5424dfaaa75ae62e5c06e61/ Frame BE7A 31 KB
8 KB 139ms
138ms XHR
application/json 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/sharing/rest/content/items/85320e2ea5424dfaaa75ae62e5c06e61/data?f=json

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

Resource Hash

6cf1262a19d2b967ecb23844b10de44183efed7d65f4cde264bba58f9d76aee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:25 GMT
cache-control: max-age=0, must-revalidate
x-content-type-options: nosniff
content-encoding: gzip
etag: 177e5f4f908--gzip
vary: Origin, Accept-Encoding
content-type: application/json;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 982A 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b3e74a2e1217bd2ab20d14acf9b782888defde38b9f389eef9b2eaa343a8943

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 5942 21 KB
4 KB 273ms
271ms XHR
text/xml 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F6088%2Fssp.tmj4%2Fnews%2Fcoronavirus%2Fdetail&sz=1x1000&ciu_szs=300x250&cust_params=fname%3Dwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses%26categories%3Dhomepage-showcase%2Clocal-news%2Ccoronavirus%26refdomain%3Dtmj4.com%26iframed%3D0%26kw%3Dnew%20guidelines%2Ccoronavirus%20milwaukee%20county%2Cextension%2CLocal%20business%2CMay%2026%2Cwhat%20places%20in%20wisconsin%20have%20coronavirus%2Cmilwaukee%20coronavirus%2Cbegins%2Crestaurants%20still%20open%26pxconfig%3Dweb-vod%26bidders%3Dpublica&url=https%3A%2F%2Fwww.tmj4.com%2F&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fwww.tmj4.com%2F&vad_type=linear&vpos=preroll&pod=1&vrid=621&min_ad_duration=0&max_ad_duration=60000&ppos=1&lip=true&ord=295257473256480300&kfa=0&tfcd=0&vpa=click&sdkv=h.3.453.0&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=0.2.0&sdki=44d&adk=2531432181&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fassets.scrippsdigital.com%2Fb055080f-f668-4864-b20f-328ccd9ce057&sid=D8333FB1-274A-4457-B323-88433DDEC6DE&eid=44739826&ref=https%3A%2F%2Fwww.tmj4.com%2F&dt=1619276425079&correlator=1725819793083755&scor=546384902412858&ged=ve4_td3_tt2_pd3_la3000_er0.0.343.610_vi0.0.343.610_vp100_ts1_eb24427

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

42bb514bb04613d9030f75bfb054a6f3966d8119efcdfa29b04dc7025c52eff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3876
x-xss-protection: 0
google-lineitem-id: 5578383560
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138345476649
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E334
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkvCe6hKYHcvQYHQGdTBhk2HoGsXlp7j6gdeiV4GC1MV6pFSZUp58FqzHyR9rA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 24 Apr 2021 15:00:25 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 24-Apr-2021 16:00:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 24 Apr 2021 15:00:25 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 24 Apr 2021 15:00:25 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 61d52e06bdd9490b96ce363f236cb4b1 Show response
www.arcgis.com/sharing/rest/content/items/ Frame BE7A 4 KB
2 KB 108ms
108ms XHR
application/json 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/sharing/rest/content/items/61d52e06bdd9490b96ce363f236cb4b1?f=json

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

Resource Hash

d7d78c0fb9b8a3d5842a5a0736087e50ceec2b16df8560eaff3d555536e694b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Origin, Accept-Encoding
content-type: application/json;charset=utf-8
cache-control: no-cache
expires: -1

GET
H2 200 app-dark-ef3d57d5cd2caa1fef4ca4eef9d58c2f.css
www.arcgis.com/apps/opsdashboard/assets/ Frame BE7A 271 KB
31 KB 100ms
100ms Stylesheet
text/css 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/apps/opsdashboard/assets/app-dark-ef3d57d5cd2caa1fef4ca4eef9d58c2f.css

Requested by

Host: www.arcgis.com
URL: https://www.arcgis.com/apps/opsdashboard/assets/nickel-d2e45f9de52e8c2b16506d4623d2a2d3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

AmazonS3 /

Resource Hash

7cbfe713206ec62f1c478c977ed4add0cf42432cc54a9c90204b05cb9880c6be

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:25 GMT
content-encoding: br
last-modified: Tue, 15 Dec 2020 04:44:30 GMT
server: AmazonS3
etag: "8a89bd943480f8e2b08ededb405e31b8"
strict-transport-security: max-age=63072000
content-type: text/css
cache-control: max-age=1800
content-security-policy: upgrade-insecure-requests
link: <https://www.arcgis.com/apps/opsdashboard/assets/app-dark-ef3d57d5cd2caa1fef4ca4eef9d58c2f.css>; rel="canonical"
content-length: 31348
x-cached: HIT

GET
H2 200 014f2daa-c310-4a36-b9fd-79a8e0c48d44.woff2
www.arcgis.com/apps/opsdashboard/assets/fonts/ Frame BE7A 22 KB
23 KB 105ms
104ms Font
binary/octet-stream 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/apps/opsdashboard/assets/fonts/014f2daa-c310-4a36-b9fd-79a8e0c48d44.woff2

Requested by

Host: www.arcgis.com
URL: https://www.arcgis.com/apps/opsdashboard/assets/app-light-5ed0e2bb193abeae6bc320ed581e8a3a.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

AmazonS3 /

Resource Hash

a3fec784d48cbf7e416468ce0f949a2844bd3baed82555b0381b18f6c8258de6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://www.arcgis.com
Referer: https://www.arcgis.com/apps/opsdashboard/assets/app-light-5ed0e2bb193abeae6bc320ed581e8a3a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:25 GMT
content-encoding: br
last-modified: Tue, 15 Dec 2020 04:44:51 GMT
server: AmazonS3
etag: "318810f79acc3ccf026bb69a8e13a356"
strict-transport-security: max-age=63072000
content-type: binary/octet-stream
cache-control: max-age=1800
content-security-policy: upgrade-insecure-requests
link: <https://www.arcgis.com/apps/opsdashboard/assets/fonts/014f2daa-c310-4a36-b9fd-79a8e0c48d44.woff2>; rel="canonical"
content-length: 22719
x-cached: HIT

GET
H2 200 e78b17bb-11fb-4860-8d66-4ee0d0c1e117.woff2
www.arcgis.com/apps/opsdashboard/assets/fonts/ Frame BE7A 21 KB
22 KB 107ms
106ms Font
binary/octet-stream 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/apps/opsdashboard/assets/fonts/e78b17bb-11fb-4860-8d66-4ee0d0c1e117.woff2

Requested by

Host: www.arcgis.com
URL: https://www.arcgis.com/apps/opsdashboard/assets/app-light-5ed0e2bb193abeae6bc320ed581e8a3a.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

AmazonS3 /

Resource Hash

f5b4417af8dcc4ebd49452d0d5fa39617038d9b4f790a73f56c57fc4ea20479f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://www.arcgis.com
Referer: https://www.arcgis.com/apps/opsdashboard/assets/app-light-5ed0e2bb193abeae6bc320ed581e8a3a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:25 GMT
content-encoding: br
last-modified: Tue, 15 Dec 2020 04:44:51 GMT
server: AmazonS3
etag: "def67b06fc5e4f3668d411c7446083a8"
strict-transport-security: max-age=63072000
content-type: binary/octet-stream
cache-control: max-age=1800
content-security-policy: upgrade-insecure-requests
link: <https://www.arcgis.com/apps/opsdashboard/assets/fonts/e78b17bb-11fb-4860-8d66-4ee0d0c1e117.woff2>; rel="canonical"
content-length: 21723
x-cached: HIT

GET
H2 200 sprite-24-f.svg Show response
www.arcgis.com/apps/opsdashboard/assets/icons/ Frame BE7A 145 KB
42 KB 103ms
102ms XHR
image/svg+xml 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/apps/opsdashboard/assets/icons/sprite-24-f.svg

Requested by

Host: www.arcgis.com
URL: https://www.arcgis.com/apps/opsdashboard/assets/vendor-943b856b3076fb466965281d4a24dd85.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

AmazonS3 /

Resource Hash

50dd5a07651886a6e0027d5dcec0147e9df2a41cb5771471c6a932391197ac4f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:25 GMT
content-encoding: br
last-modified: Tue, 15 Dec 2020 04:44:51 GMT
server: AmazonS3
etag: "1df5aa0244b8e43cd992b6965e1b660b"
strict-transport-security: max-age=63072000
content-type: image/svg+xml
cache-control: max-age=1800
content-security-policy: upgrade-insecure-requests
link: <https://www.arcgis.com/apps/opsdashboard/assets/icons/sprite-24-f.svg>; rel="canonical"
content-length: 42685
x-cached: HIT

GET
H2 200 sprite-32.svg Show response
www.arcgis.com/apps/opsdashboard/assets/icons/ Frame BE7A 202 KB
60 KB 100ms
100ms XHR
image/svg+xml 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/apps/opsdashboard/assets/icons/sprite-32.svg

Requested by

Host: www.arcgis.com
URL: https://www.arcgis.com/apps/opsdashboard/assets/vendor-943b856b3076fb466965281d4a24dd85.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

AmazonS3 /

Resource Hash

87f374ab0ef1c198a3b73eef085f657229f000c92b71a2161c17c99c00a5b2d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:25 GMT
content-encoding: br
last-modified: Tue, 15 Dec 2020 04:44:51 GMT
server: AmazonS3
etag: "7b5dcb414f4019ca20612dafcd49ed6c"
strict-transport-security: max-age=63072000
content-type: image/svg+xml
cache-control: max-age=1800
content-security-policy: upgrade-insecure-requests
link: <https://www.arcgis.com/apps/opsdashboard/assets/icons/sprite-32.svg>; rel="canonical"
content-length: 61144
x-cached: HIT

GET
H2 200 calcite-ui.woff
www.arcgis.com/apps/opsdashboard/assets/fonts/ Frame BE7A 18 KB
18 KB 100ms
100ms Font
application/font-woff 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/apps/opsdashboard/assets/fonts/calcite-ui.woff

Requested by

Host: www.arcgis.com
URL: https://www.arcgis.com/apps/opsdashboard/assets/app-light-5ed0e2bb193abeae6bc320ed581e8a3a.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

AmazonS3 /

Resource Hash

c1e944d81c3fcc3f5bd4615878e0d352050ae7fcf9c5d3d4aed7e42b22f1602d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://www.arcgis.com
Referer: https://www.arcgis.com/apps/opsdashboard/assets/app-light-5ed0e2bb193abeae6bc320ed581e8a3a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:25 GMT
content-encoding: br
last-modified: Tue, 15 Dec 2020 04:44:51 GMT
server: AmazonS3
etag: "e516dae4f8d2a23d0e94eab64b5996ea"
strict-transport-security: max-age=63072000
content-type: application/font-woff
cache-control: max-age=0
content-security-policy: upgrade-insecure-requests
link: <https://www.arcgis.com/apps/opsdashboard/assets/fonts/calcite-ui.woff>; rel="canonical"
content-length: 18101
x-cached: HIT

GET
H2 200 sprite-16.svg Show response
www.arcgis.com/apps/opsdashboard/assets/icons/ Frame BE7A 158 KB
45 KB 105ms
104ms XHR
image/svg+xml 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/apps/opsdashboard/assets/icons/sprite-16.svg

Requested by

Host: www.arcgis.com
URL: https://www.arcgis.com/apps/opsdashboard/assets/vendor-943b856b3076fb466965281d4a24dd85.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

AmazonS3 /

Resource Hash

eb80cda151300becfb31b173348efd745a3adbdffe5c8032472bfaf42da0ce3e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:25 GMT
content-encoding: br
last-modified: Tue, 15 Dec 2020 04:44:51 GMT
server: AmazonS3
etag: "77ff063305b009c7c26a59b862dabadd"
strict-transport-security: max-age=63072000
content-type: image/svg+xml
cache-control: max-age=1800
content-security-policy: upgrade-insecure-requests
link: <https://www.arcgis.com/apps/opsdashboard/assets/icons/sprite-16.svg>; rel="canonical"
content-length: 46159
x-cached: HIT

POST
H2 204 csi
csi.gstatic.com/ Frame 5942 0
54 B 1022ms
374ms Ping
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knvvdgwm&c=8626685582984&slotId=4313342791492&qqid=CML68eCSl_ACFcnJuwgdASAEFA&gqid=iTKEYL7JBaaV7_UPm-6LsAU&fb=ima-html5&sdkv=h.3.453.0&ppt=videojs-ima&ppv=0.2.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=13&vhc=0&ghmsh_eids=44739826
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c04::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5942 0
23 B 42ms
42ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssLXFOjLOrZ9RjZwmV0fM1Z4qsVW-auKvpgFyp41PvBvACd9XsE7GI7qlf65Y0wgfb4Cff9SnPnDcUmnBhosm7vwkRaehErBiULpr0KKGTEIOuO_-vfI-9cSZWXg3ikqqsHo1D8d2AT4OT0e5vGPjHJt4tbj7lR52eax8rO2ha9UIAkswOVRbXJhdIfIlFjaUR5mw0i2rjglT8Z-pzVl35TJ8xBC1NByH6fV8U1IU7caPKMDOUsFeyMWEZRwzvX_uB3uO4F8rhqkNzMoM8tvDyG8XcWDdt-khuP_iixpL8nKHKoLb0Pi2Wmz1wuKZ9J6jDOfMk&sig=Cg0ArKJSzM0FSD0xbC6JEAE&sdkv=h.3.453.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1NzgzODM1NjAyDDEzODM0NTQ3NjY0OUDBBFIoCPIFEBIlAABwQSgBOgtKQVJJWkZTQUI0SUILZ29vZ2xldmlkZW9QABgB&adurl=

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 data Show response
www.arcgis.com/sharing/rest/content/items/61d52e06bdd9490b96ce363f236cb4b1/ Frame BE7A 21 KB
3 KB 101ms
99ms XHR
text/plain 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.arcgis.com/sharing/rest/content/items/61d52e06bdd9490b96ce363f236cb4b1/data?f=json
Requested by: Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-234-22-28.compute-1.amazonaws.com
Software: /
Resource Hash: b80338b26c59f20fe38b2014103851d8cad136d21f286a9950ef39b955950f00

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:25 GMT
content-encoding: gzip
cache-control: max-age=300
etag: 1761a03db08--gzip
vary: Origin,Accept-Encoding
x-cached: HIT
content-type: text/plain;charset=utf-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Ctrue&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&id=1&f=0&j=&t=1619276421514&de=392083320754&rx=927200626535&cu=1619276421514&m=4187&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=5496&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A626%3A626%3A0%3A649&as=1&ag=1048&an=122&gi=1&gf=1048&gg=122&ix=1048&ic=1048&ez=1&ck=1048&kw=504&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1048&bx=122&ci=1048&jz=504&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=504&cd=244&ah=504&am=244&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.tmj4&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=810951554&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:25 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame AF08 43 B
260 B 9ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=SCRIPPSJSIMAINT1&hp=1&pxm=7&vz=-&zp=4&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=8&f=1&nh=1&j=https%3A%2F%2Fwww.tmj4.com&lp=https%3A%2F%2Fwww.tmj4.com&t=1619276425098&de=960360889283&m=0&ar=e4967b0-clean&iw=a9fcec9&q=1&cb=0&ym=0&cu=1619276425098&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=-%3A-%3A5578383560%3A138345476649&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2F&id=0&ii=3&dfp=0%2C1&la=5578383560&zMoatPL=tmj4.com&zMoatPL2=tmj4.com&bo=tmj4.com&bd=tmj4.com&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&gw=scrippsjsimavideo263172958560&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A880%3A880%3A835%3A831&fs=189983&na=1519508612&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:25 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame AF08 0
331 B 925ms
363ms Ping
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knvvdfxr&c=8626685582984&slotId=4313342791492&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c04::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ajk4xlebn4mw Show response
hal9000.redintelligence.net/zone/ Frame AB38 11 KB
4 KB 290ms
13ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&rnd=4991949398876919303&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4991949398876919303%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D71476084-3287-4400-a031-89dc8adc7e71%26mt_cid%3D71476084-3287-4400-a031-89dc8adc7e71%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCVTQThzKEYPOYG-GLx_APvYy58AzPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04NDE0NjI3MjgwMDU0NTkzyAEJ4AIAqAMBqgTdAk_Q-Wq-l2jZLPqstVPeaM49kd6vmkZwXGqFI5l3i0oIPqwwoz5m9p-fuFo9aCTPk64PuwYuNA7sGMOhC33vlUl3S7SdW84lLyJNwxsaeDilWRJtB7a0utSpT14K23zZovnFzJEodS1rS6t-1X5AM__6oBKA8T-rbTRExEJiUaPCFvvMurs7QjsW5wvZw0z6wwK5PMSq_rxD0iWJ7iVExwAB8uDWPzu6lfGeUnyMgK--x7Lz9nMY8TrxWEU2n5rWKwrgPV2pYBibBOeomHak1v_TUsv6nWaDkzfJLRTFefxgALx-B4AT51OPomR3nUaG6MEQRTYtkaUu6_s8HQNMkvqwsNY_HeezOu3uQelLSinhGYaQB0WXk3Sw79yB3NtFo3lP_-a2qwYl5r58ACOhvI4A9UXdHgmWOXEuY737DsK1QXrIlbodt4Jgs25CSZQ9Aq-ZC6zdbP3q9NnsL2ngBAGABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_00mdNJqdMyF0PeRuoW6DattXMdNw%2526client%253Dca-pub-8414627280054593%2526adurl%253D%26redirect%3D
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 86bfd5c1e5b5313934ddd0b42f334ecb8d2405dba6aedcc9b638a977c26104b4

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3584
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame AB38 43 B
360 B 3073ms
29ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=4991949398876919303&v3=651871&v4=4562306&v5=6622332&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWlRReVltWTNPREl0WVdKa1pDMWtPVFUxTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ5OTE5NDkzOTg4NzY5MTkzMDMvNjYyMjMzMi80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5REVBcFpPVlg5cGVRcUJhWTIwc1k4cy8xLzQvMC8wLzk1NjgwMy8xNDAxOTQzMjk2LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80OTkxOTQ5Mzk4ODc2OTE5MzAzL2Ftcy8wLzM2MC83MC85OTkvMzIyLzgzLjE0My4yNDUuMC8wLjAwMC8xNjE5Mjc2NDIzLzE2MTkyODkwMjMvNC9wdWItODQxNDYyNzI4MDA1NDU5My8/hhalcizwRRunlNLbEgCHo0Eh0Bg&nodeid=1604&group=eu&auctionid=4991949398876919303&sid=4562306&cid=6622332&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.233&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVTQThzKEYPOYG-GLx_APvYy58AzPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04NDE0NjI3MjgwMDU0NTkzyAEJ4AIAqAMBqgTdAk_Q-Wq-l2jZLPqstVPeaM49kd6vmkZwXGqFI5l3i0oIPqwwoz5m9p-fuFo9aCTPk64PuwYuNA7sGMOhC33vlUl3S7SdW84lLyJNwxsaeDilWRJtB7a0utSpT14K23zZovnFzJEodS1rS6t-1X5AM__6oBKA8T-rbTRExEJiUaPCFvvMurs7QjsW5wvZw0z6wwK5PMSq_rxD0iWJ7iVExwAB8uDWPzu6lfGeUnyMgK--x7Lz9nMY8TrxWEU2n5rWKwrgPV2pYBibBOeomHak1v_TUsv6nWaDkzfJLRTFefxgALx-B4AT51OPomR3nUaG6MEQRTYtkaUu6_s8HQNMkvqwsNY_HeezOu3uQelLSinhGYaQB0WXk3Sw79yB3NtFo3lP_-a2qwYl5r58ACOhvI4A9UXdHgmWOXEuY737DsK1QXrIlbodt4Jgs25CSZQ9Aq-ZC6zdbP3q9NnsL2ngBAGABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_00mdNJqdMyF0PeRuoW6DattXMdNw%26client%3Dca-pub-8414627280054593%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3660 495c301 master cdg-pixel-x12 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:28 GMT
Server: MT3 3660 495c301 master cdg-pixel-x12
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 24 Apr 2021 15:02:02 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame AB38 49 B
330 B 53ms
26ms Image
image/gif 185.29.133.33
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=4991949398876919303&st=4562306&time=1619276425&nodeid=1604
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWlRReVltWTNPREl0WVdKa1pDMWtPVFUxTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ5OTE5NDkzOTg4NzY5MTkzMDMvNjYyMjMzMi80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5REVBcFpPVlg5cGVRcUJhWTIwc1k4cy8xLzQvMC8wLzk1NjgwMy8xNDAxOTQzMjk2LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80OTkxOTQ5Mzk4ODc2OTE5MzAzL2Ftcy8wLzM2MC83MC85OTkvMzIyLzgzLjE0My4yNDUuMC8wLjAwMC8xNjE5Mjc2NDIzLzE2MTkyODkwMjMvNC9wdWItODQxNDYyNzI4MDA1NDU5My8/hhalcizwRRunlNLbEgCHo0Eh0Bg&nodeid=1604&group=eu&auctionid=4991949398876919303&sid=4562306&cid=6622332&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.233&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVTQThzKEYPOYG-GLx_APvYy58AzPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04NDE0NjI3MjgwMDU0NTkzyAEJ4AIAqAMBqgTdAk_Q-Wq-l2jZLPqstVPeaM49kd6vmkZwXGqFI5l3i0oIPqwwoz5m9p-fuFo9aCTPk64PuwYuNA7sGMOhC33vlUl3S7SdW84lLyJNwxsaeDilWRJtB7a0utSpT14K23zZovnFzJEodS1rS6t-1X5AM__6oBKA8T-rbTRExEJiUaPCFvvMurs7QjsW5wvZw0z6wwK5PMSq_rxD0iWJ7iVExwAB8uDWPzu6lfGeUnyMgK--x7Lz9nMY8TrxWEU2n5rWKwrgPV2pYBibBOeomHak1v_TUsv6nWaDkzfJLRTFefxgALx-B4AT51OPomR3nUaG6MEQRTYtkaUu6_s8HQNMkvqwsNY_HeezOu3uQelLSinhGYaQB0WXk3Sw79yB3NtFo3lP_-a2qwYl5r58ACOhvI4A9UXdHgmWOXEuY737DsK1QXrIlbodt4Jgs25CSZQ9Aq-ZC6zdbP3q9NnsL2ngBAGABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_00mdNJqdMyF0PeRuoW6DattXMdNw%26client%3Dca-pub-8414627280054593%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.33 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.197.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:30 GMT
Server: MMBD/3.197.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x37, cdg-bidder-x131
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sat, 24 Apr 2021 15:00:29 GMT

GET
H/1.1 200
OK js Show response
sync.mathtag.com/sync/ Frame AB38 656 B
708 B 17ms
16ms Script
text/javascript 185.29.132.144
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=1&type=1&synclist=4&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA//////+ABgCeAJ4Ang
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWlRReVltWTNPREl0WVdKa1pDMWtPVFUxTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ5OTE5NDkzOTg4NzY5MTkzMDMvNjYyMjMzMi80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5REVBcFpPVlg5cGVRcUJhWTIwc1k4cy8xLzQvMC8wLzk1NjgwMy8xNDAxOTQzMjk2LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80OTkxOTQ5Mzk4ODc2OTE5MzAzL2Ftcy8wLzM2MC83MC85OTkvMzIyLzgzLjE0My4yNDUuMC8wLjAwMC8xNjE5Mjc2NDIzLzE2MTkyODkwMjMvNC9wdWItODQxNDYyNzI4MDA1NDU5My8/hhalcizwRRunlNLbEgCHo0Eh0Bg&nodeid=1604&group=eu&auctionid=4991949398876919303&sid=4562306&cid=6622332&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.233&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVTQThzKEYPOYG-GLx_APvYy58AzPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04NDE0NjI3MjgwMDU0NTkzyAEJ4AIAqAMBqgTdAk_Q-Wq-l2jZLPqstVPeaM49kd6vmkZwXGqFI5l3i0oIPqwwoz5m9p-fuFo9aCTPk64PuwYuNA7sGMOhC33vlUl3S7SdW84lLyJNwxsaeDilWRJtB7a0utSpT14K23zZovnFzJEodS1rS6t-1X5AM__6oBKA8T-rbTRExEJiUaPCFvvMurs7QjsW5wvZw0z6wwK5PMSq_rxD0iWJ7iVExwAB8uDWPzu6lfGeUnyMgK--x7Lz9nMY8TrxWEU2n5rWKwrgPV2pYBibBOeomHak1v_TUsv6nWaDkzfJLRTFefxgALx-B4AT51OPomR3nUaG6MEQRTYtkaUu6_s8HQNMkvqwsNY_HeezOu3uQelLSinhGYaQB0WXk3Sw79yB3NtFo3lP_-a2qwYl5r58ACOhvI4A9UXdHgmWOXEuY737DsK1QXrIlbodt4Jgs25CSZQ9Aq-ZC6zdbP3q9NnsL2ngBAGABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_00mdNJqdMyF0PeRuoW6DattXMdNw%26client%3Dca-pub-8414627280054593%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.144 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 3660 495c301 master zrh-pixel-x7 /
Resource Hash: 9a989dca206f015e2bc7ad9a3f32e27e9ba2e01125c6a800a35173adc16ac4f5

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:25 GMT
Content-Encoding: gzip
Server: MT3 3660 495c301 master zrh-pixel-x7
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: close
Content-Type: text/javascript
Expires: Sat, 24 Apr 2021 15:00:24 GMT

GET
H2 200 action.json Show response
yummy.consumable.com/8580/cnsmbl-video-970x250/js/ Frame 67FB 2 B
455 B 1750ms
428ms XHR
application/json 13.33.139.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/js/action.json?ac=IMPRESSION&fp=&a=%7B%7D&ts=1619276425767&tba=0&et=0&furl=https%3A%2F%2Fv.traileraddict.com%2Fvidtest.php&dd=0&vi=true&vd=0&sid=dacf65f5-f561-42e0-84cb-7ecc474df31e&cb=1619276425767&hr=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&hn=www.tmj4.com&pl=
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-93.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:28 GMT
via: 1.1 91dfa0ccf808a1c0b41f43736ca93f80.cloudfront.net (CloudFront)
last-modified: Mon, 07 Dec 2020 20:18:01 GMT
server: AmazonS3
x-amz-cf-pop: CPH50-C2
etag: "d751713988987e9331980363e24189ce"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 60
x-cache: RefreshHit from cloudfront
accept-ranges: bytes
content-length: 2
x-amz-cf-id: gGRB4umyglsTEQnt7cOmmm0WF7vQ2QRHD1OoNxQ3Xd9Mnozp1BIkog==

POST auction
prebid-server.rubiconproject.com/openrtb2/ Frame 67FB 0
0

POST openrtb
ads.adaptv.advertising.com/rtb/ Frame 67FB 0
0

GET cygnus
as-sec.casalemedia.com/ Frame 67FB 0
0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 67FB 152 B
788 B 1096ms
26ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F133810016%2FScripps%2Fscripps-8580-cnsmbl-video-970x250-dr-d%7C8d0bfe22c3e9c6%22%3A%22%22%7D&ref=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&s=f596d955-057b-4193-a9f9-b3d3a2a691cc&pv=f59e9e46-4a65-4914-9e36-94e95f51ebc7&vp=tablet&lib_name=prebid&lib_v=3.10.0&us=999&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22consumable.com%22%2C%22sid%22%3A%222000248%22%2C%22hp%22%3A1%7D%5D%7D&

Requested by

Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

01ea8a8eec39a60b2adc27d44ecf90e922bd97fe23183611cb3cc0731e17515d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 15:00:26 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.tmj4.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 177
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST 284289
search.spotxchange.com/openrtb/2.3/dados/ Frame 67FB 0
0

POST /
hb.emxdgt.com/ Frame 67FB 0
0

GET
H2 200 avjp Show response
gift-connect-d.openx.net/v/1.0/ Frame 67FB 106 B
354 B 20ms
20ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gift-connect-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=bacc0469-6d73-48f4-8a78-62e3ec239bac&nocache=1619276425783&schain=1.0%2C1!consumable.com%2C2000248%2C1%2C%2C%2C&auid=541033538&vwd=640&vht=480&
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:25 GMT
via: 1.1 google
server: OXGW/16.205.4
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tmj4.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST prebid
ib.adnxs.com/ut/v3/ Frame 67FB 0
0

GET
H2 200 tag Show response
vtrdn-wjdav.ads.tremorhub.com/ad/ Frame 67FB 55 B
407 B 460ms
220ms XHR
application/json 2600:1f18:612b:4264:5a80:73c5:9cbd:79d9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vtrdn-wjdav.ads.tremorhub.com/ad/tag?adCode=vtrdn-3yglg&playerWidth=640&playerHeight=480&srcPageUrl=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&supplyCode=vtrdn-wjdav&schain=1.0,1!consumable.com,2000248,,,,&transactionId=bacc0469-6d73-48f4-8a78-62e3ec239bac&referrer=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&hb=1&fmt=json
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:5a80:73c5:9cbd:79d9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 4f9f0f0ac60cabbbc4886dc60b2f97e6ad1da9590ace7dd054eec5b9ae8b6e68

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:26 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://www.tmj4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: application/json;charset=UTF-8

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 67FB 0
114 B 1380ms
71ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tmj4.com
date: Sat, 24 Apr 2021 15:00:27 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3-29

206

file.webm
r10---sn-4g5e6nzy.gvt1.com/videoplayback/id/54a06471f87f2f12/itag/43/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1619298025/sparams/acao,ctier,... Frame AF08
Redirect Chain

https://redirector.gvt1.com/videoplayback/id/54a06471f87f2f12/itag/43/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1619298025/sparams/ip,ipbits,...
https://r10---sn-4g5e6nzy.gvt1.com/videoplayback/id/54a06471f87f2f12/itag/43/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1619298025/sparams/aca...

192 KB
0

120ms
98ms

Media
video/webm

2a00:1450:4001:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r10---sn-4g5e6nzy.gvt1.com/videoplayback/id/54a06471f87f2f12/itag/43/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1619298025/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/2F824A98FA164DF99D2C5545BF104EFE7790AB7F.800C116C10627D22419451FB273F4169D80E9447/key/cms1/cms_redirect/yes/mh/rc/mip/2a01:4f8:192:5414::2/mm/28/mn/sn-4g5e6nzy/ms/nvh/mt/1619276076/mv/u/mvi/10/pl/50/file/file.webm

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 18:36:56 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
Content-Range: bytes 0-1471912/1471913
client-protocol: quic
cache-control: private, max-age=21300
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1471913
expires: Sat, 24 Apr 2021 15:00:25 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:25 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r10---sn-4g5e6nzy.gvt1.com/videoplayback/id/54a06471f87f2f12/itag/43/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1619298025/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/2F824A98FA164DF99D2C5545BF104EFE7790AB7F.800C116C10627D22419451FB273F4169D80E9447/key/cms1/cms_redirect/yes/mh/rc/mip/2a01:4f8:192:5414::2/mm/28/mn/sn-4g5e6nzy/ms/nvh/mt/1619276076/mv/u/mvi/10/pl/50/file/file.webm
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 699
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Ctrue&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&id=1&f=0&j=&t=1619276421514&de=392083320754&rx=927200626535&cu=1619276421514&m=4187&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=5496&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A626%3A626%3A0%3A649&as=1&ag=1048&an=1048&gi=1&gf=1048&gg=1048&ix=1048&ic=1048&ez=1&ck=1048&kw=504&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1048&bx=1048&ci=1048&jz=504&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=504&cd=504&ah=504&am=504&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.tmj4&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=2045131654&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:25 GMT

GET
H2 200 data Show response
www.arcgis.com/sharing/rest/content/items/0a80b84ab22a4db8a9b0f841255a9e86/ Frame BE7A 11 KB
888 B 99ms
99ms XHR
application/json 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/sharing/rest/content/items/0a80b84ab22a4db8a9b0f841255a9e86/data?f=json

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

Resource Hash

bb1d7dc3a831490a7254a9965af7c212563be2edcedee414312039f23e0ec621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
etag: 179044e7bf8--gzip
vary: Origin,Accept-Encoding
content-type: application/json;charset=utf-8
cache-control: max-age=300
x-cached: HIT

GET
H2 200 data Show response
www.arcgis.com/sharing/rest/content/items/0a80b84ab22a4db8a9b0f841255a9e86/ Frame BE7A 11 KB
888 B 100ms
99ms XHR
application/json 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/sharing/rest/content/items/0a80b84ab22a4db8a9b0f841255a9e86/data?f=json

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

Resource Hash

bb1d7dc3a831490a7254a9965af7c212563be2edcedee414312039f23e0ec621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
etag: 179044e7bf8--gzip
vary: Origin,Accept-Encoding
content-type: application/json;charset=utf-8
cache-control: max-age=300
x-cached: HIT

GET
H2 200 data Show response
www.arcgis.com/sharing/rest/content/items/0a80b84ab22a4db8a9b0f841255a9e86/ Frame BE7A 11 KB
888 B 100ms
99ms XHR
application/json 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/sharing/rest/content/items/0a80b84ab22a4db8a9b0f841255a9e86/data?f=json

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

Resource Hash

bb1d7dc3a831490a7254a9965af7c212563be2edcedee414312039f23e0ec621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
etag: 179044e7bf8--gzip
vary: Origin,Accept-Encoding
content-type: application/json;charset=utf-8
cache-control: max-age=300
x-cached: HIT

GET
H2 200 data Show response
www.arcgis.com/sharing/rest/content/items/0a80b84ab22a4db8a9b0f841255a9e86/ Frame BE7A 11 KB
920 B 99ms
99ms XHR
application/json 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/sharing/rest/content/items/0a80b84ab22a4db8a9b0f841255a9e86/data?f=json

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

Resource Hash

bb1d7dc3a831490a7254a9965af7c212563be2edcedee414312039f23e0ec621

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
etag: 179044e7bf8--gzip
strict-transport-security: max-age=31536000
content-type: application/json;charset=utf-8
cache-control: max-age=300
vary: Origin,Accept-Encoding
x-cached: HIT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 982A 0
0 64ms
46ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2yGW-kgCYOzC3MjZZr2H-t8vYZGrTSToJk11TAmWaZuzl180p8p-VnYPq8tU_xeECKZYA48UMQaflNCvea_kFvoI0BJM2C1NveY_tOlhKubjnYwh82jEkibQvWJr1gtMJKey6ck6BLt322mGHyC2fka9yhroB755B6z3Y9wtNCO0r7VtD6AJDLs3WRd61jwL3dyPk8uu-5_puRAoecAC11eRTtMxBfA36UkEBcuhgcCqmBPQzD32OdlNAK67VzBOyi14cypLtqnX8EqTu8ciFT2XZHXZIfsufPz8WWzdOV23JN7Xwm9bgFMmYSyox4FpHAgz1_uhhu3dtZXfLa4K-BFe1IT2zm6wL431hb5IBrGwWq1XlJit2O6yjbw&sig=Cg0ArKJSzJegEKUG6BVJEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 24 Apr 2021 15:00:25 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 67FB 9 KB
7 KB 37ms
18ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2ff9ee54e4577b88abdaa8c123422196412be375fafa72e246957effa5c88c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6933
x-xss-protection: 0

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame C978 0
0 55ms
45ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuI94vhtACo1QFEBsGkoXscYxNCYWBNOxkbxoHIroyFhRWi9Te1zSNbFNanY8zCveIsv-6rfl_IBP2Sy_jJy3orYsjsUEN65NjDfTc5cLuWXljGccihPtMxfmjhNxI-UtpXpwpRNZbtL8cXbcaPxUrPt8iog6clrr6gzSusr_84Fa7p4hwmXi8kSw3GHHm7PCchXxqt4pFWIkFC024apO0iSO2gnije-LX6Go9NNAa973naeKM2R_TzfC-TEG3lc_Wp6IkrPwLa_dLI6qE4NUFfzEKmjEDnxNojlmhv030lv38VqaYAINB3QqiBP8FD4-uS6Q&sig=Cg0ArKJSzGnkyGRujcPBEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 24 Apr 2021 15:00:25 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 445F 62 KB
21 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yummy.consumable.com
URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/unit.js?cb=1619276424973

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad309904b3882d0bc665ba54e6fc9a708e89a6155fdce036c73ab386c80086c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "851 / 375 of 1000 / last-modified: 1619215752"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21081
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:25 GMT

GET
H/1.1 200
OK wrap.js Show response
clarium.global.ssl.fastly.net/gpt/a/ Frame 445F 142 KB
42 KB 292ms
17ms Script
text/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4925165c70b3264de4eb9fcb82c4e25329fd65e6ee1b1fcc336af0e72d011b58

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:26 GMT
Via: 1.1 varnish
Server: nginx
Age: 72
X-Served-By: cache-hhn4069-HHN
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript;charset=UTF-8
Content-Encoding: gzip
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Connection: keep-alive
Accept-Ranges: bytes
X-Timer: S1619276426.138806,VS0,VE0
Content-Length: 42289
X-Cache-Hits: 51

GET
H2 200 iframe.js Show response
yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/ Frame 445F 259 KB
82 KB 431ms
431ms Script
application/javascript 13.33.139.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/iframe.js
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/unit.js?cb=1619276424973
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-93.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b44784210dc4d49e0011783bbee473ab4582b284ad092a49b8d113ea9c28158

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:27 GMT
content-encoding: gzip
last-modified: Tue, 03 Nov 2020 23:01:01 GMT
server: AmazonS3
x-amz-cf-pop: CPH50-C2
etag: W/"4d4fc655a55cef6d5a1be96f9785fe8a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 c77c2d645cbeae90b436c4ed3b9c4718.cloudfront.net (CloudFront)
x-amz-cf-id: LHpwM0HGwAUL6ylGtB81Gjbks-ToD28Jx2qNTZWfUfpLXPs5p694vw==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 10ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Ctrue&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&id=1&f=0&j=&t=1619276421514&de=392083320754&rx=927200626535&cu=1619276421514&m=4188&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=5496&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A626%3A626%3A0%3A649&as=1&ag=1048&an=1048&gi=1&gf=1048&gg=1048&ix=1048&ic=1048&ez=1&ck=1048&kw=504&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1048&bx=1048&ci=1048&jz=504&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=504&cd=504&ah=504&am=504&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.tmj4&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=454077272&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:25 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 67FB 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060870

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:25 GMT

GET
H3-29 200 pubads_impl_2021042001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 445F 301 KB
105 KB 19ms
17ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

a2aca9aa200ad3e4dd9afcd27fd2bd5b272a5d297e9f85d708394857ca6a1ffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Apr 2021 08:40:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107961
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:25 GMT

GET
H2 200 3 Show response
services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/ Frame BE7A 11 KB
3 KB 97ms
33ms XHR
text/plain 143.204.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/3?f=json

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-14.cph50.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

2010531392a242368efc64bb9ec889335acae3dd08953b06208b0466cdcae142

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: br
etag: 771937454
age: 57
x-cache: Hit from cloudfront
content-length: 2311
x-arcgis-instance: MTSDS_Web_IN_0
access-control-allow-origin: *
last-modified: Sat, 24 Apr 2021 14:35:14 GMT
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 14:59:32 GMT
content-type: text/plain; charset=utf-8
via: 1.1 fdf9e7e5ec65d753124196745d150f16.cloudfront.net (CloudFront)
cache-control: public, max-age=30, s-maxage=30
x-arcgis-correlation-id: 00-923be738014ed54495854466329d674c-be5d7380093bea49-00
x-arcgis-trace-id: 923be738014ed54495854466329d674c
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: 3gDEMIdD_8Hp5I8O4B5DLPinvy0L-y4oQeRRgXuUbC-SsJQpaDsWyw==

GET
H2 200 2 Show response
services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/ Frame BE7A 8 KB
2 KB 94ms
33ms XHR
text/plain 143.204.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/2?f=json

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-14.cph50.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

e6fbf96164ab2fb9bebb98fa3d9ef1620973d7e34e61b8a792a59b604bf958b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: br
etag: -1557293174
age: 409
x-cache: Hit from cloudfront
content-length: 1965
x-arcgis-instance: MTSDS_Web_IN_3
access-control-allow-origin: *
last-modified: Sat, 24 Apr 2021 14:35:14 GMT
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 14:53:37 GMT
content-type: text/plain; charset=utf-8
via: 1.1 fdf9e7e5ec65d753124196745d150f16.cloudfront.net (CloudFront)
cache-control: public, max-age=30, s-maxage=30
x-arcgis-correlation-id: 00-4a3d3e37dfc4234db340ce6fd1331d61-93fc4085280a0943-00
x-arcgis-trace-id: 4a3d3e37dfc4234db340ce6fd1331d61
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: RGh9WS5ibZpOvUjAiEnILGBGhmp65PGv2Sw6UoUpS19Kq_XsOhqX1w==

GET
H2 200 1 Show response
services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/ Frame BE7A 10 KB
3 KB 92ms
33ms XHR
text/plain 143.204.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/1?f=json

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-14.cph50.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

7f0def1c829a19e6fedc71b63db8ea4686919a34c0a56f5c1db6f43255bec31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: br
etag: 1198053092
age: 505
x-cache: Hit from cloudfront
content-length: 2277
x-arcgis-instance: MTSDS_Web_IN_3
access-control-allow-origin: *
last-modified: Sat, 24 Apr 2021 14:35:24 GMT
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 14:52:01 GMT
content-type: text/plain; charset=utf-8
via: 1.1 fdf9e7e5ec65d753124196745d150f16.cloudfront.net (CloudFront)
cache-control: public, max-age=30, s-maxage=30
x-arcgis-correlation-id: 00-31a17d134666494fbab0898e531c53a8-fe253d755c05be4e-00
x-arcgis-trace-id: 31a17d134666494fbab0898e531c53a8
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: 9eQdy7TlfT6UHjBJgvzfxppX8FHYpeikgnlw_LUfY_Y9jGxecuDr4g==

GET
H2 200 4 Show response
services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/ Frame BE7A 8 KB
2 KB 89ms
33ms XHR
text/plain 143.204.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/4?f=json

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-14.cph50.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

ea84d48942f4e2ddb1c08fcd8dc5d4d5ab2310b5c54a8ddf0300b69ce72392cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: br
etag: -1773395687
age: 631
x-cache: Hit from cloudfront
content-length: 1932
via: 1.1 fdf9e7e5ec65d753124196745d150f16.cloudfront.net (CloudFront)
x-arcgis-instance: MTSDS_Web_IN_2
last-modified: Sat, 24 Apr 2021 14:35:14 GMT
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 14:49:55 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30, s-maxage=30
x-arcgis-correlation-id: 00-bc064e47e4abc54080c003a3931850b2-6329f1e8cfcfa849-00
x-arcgis-trace-id: bc064e47e4abc54080c003a3931850b2
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: 6wvPNjSKYmE-OTmHvufrTDm8zHh_IYUDgi91v0daVrvf3sVDtlbJbw==

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 3DC0 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmj4.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tmj4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 24 Apr 2021 14:44:08 GMT
expires: Sun, 24 Apr 2022 14:44:08 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 977
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 N0cNQz_bqY1YohNAUNIZQryLecw2v8JwvqvBktlc8tc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3DC0 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N0cNQz_bqY1YohNAUNIZQryLecw2v8JwvqvBktlc8tc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37470d433fdba98d58a2134050d21942bc8b79cc36bfc270beabc192d95cf2d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 09:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 107536
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5655
x-xss-protection: 0
expires: Sat, 23 Apr 2022 09:08:09 GMT

GET
H3-29 206 file.webm
r10---sn-4g5e6nzy.gvt1.com/videoplayback/id/54a06471f87f2f12/itag/43/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1619298025/sparams/acao,ctier,... Frame AF08 29 KB
29 KB 58ms
58ms Media
video/webm 2a00:1450:4001:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

fa47b4d616a81135d5535b850e8576a98a0bd2dc8833c86027f0c8688453a13b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.scrippsdigital.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=1441792-

Response headers

date: Sat, 24 Apr 2021 15:00:26 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 18:36:56 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
Content-Range: bytes 1441792-1471912/1471913
client-protocol: quic
cache-control: private, max-age=21299
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 30121
expires: Sat, 24 Apr 2021 15:00:26 GMT

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 5942 42 B
64 B 18ms
18ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5942 0
23 B 45ms
42ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvY9DBB9xo2sqENf7GbtkUVdPqbHD-NdOi-DljYjmuUhSrb4Yqi04PU_iywD0uJseGLfohLFjGVamsC796dKl-m4wziXpW3FoDHZcqjAivmvtTorPg97dIPtkxaXJUZJUSgNlkXad4-NL9VHLKIX5OoDfbuUPgkmBpfpFJ_5UAtphRMRSoX0D5LoYUoq8q99L9V4U7BBs3u7DKr-BnH_F3D4W-eIEezCXIEgfjQ4FQ5uEZnnsOCifKWlT0ga4Zzrcbf4R_c-vHtFgyFqZXjAg7Ob-T5kxDvV2gRDuYoZvPFQg5URx9lqiedCqMwcPk6rOiM&sig=Cg0ArKJSzK_6oDQbk2vIEAE&sdkv=h.3.453.0&adurl=

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 5942 42 B
64 B 21ms
18ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B1YtIiTKEYIKSBsmT7_UPgcCQoAGahfLzRQAAABABIL2i3h84AFip5KGwgwRgleKQgqAHsgEMd3d3LnRtajQuY29tugEKMXgxMDAwX3htbMgBBdoBFWh0dHBzOi8vd3d3LnRtajQuY29tL5gCmHXAAgLgAgDqAiYvNjA4OC9zc3AudG1qNC9uZXdzL2Nvcm9uYXZpcnVzL2RldGFpbPgCgdIekAPIBpgD4AOoAwHgBAHSBQYQyMH94xSQBgGgBiOoB-zVG6gH89EbqAeW2BvYBwHgBw_SCAkIgOGAEBABGB3YCAKACgWYCwE&sigh=dgec9gaba9U&label=vast_creativeview&ad_mt=0&acvw=sv%3D894%26cb%3Dj%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,343,610%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15042%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2156%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D353618271%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1619276426044%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.1%26t%3D1619276425792&sdkv=h.3.453.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1NzgzODM1NjAyDDEzODM0NTQ3NjY0OUDBBFIrCPIFEBIlAABwQSgBOgtKQVJJWkZTQUI0SUILZ29vZ2xldmlkZW9I1QJQABgB

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 5942 42 B
64 B 21ms
18ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B1YtIiTKEYIKSBsmT7_UPgcCQoAGahfLzRQAAABABIL2i3h84AFip5KGwgwRgleKQgqAHsgEMd3d3LnRtajQuY29tugEKMXgxMDAwX3htbMgBBdoBFWh0dHBzOi8vd3d3LnRtajQuY29tL5gCmHXAAgLgAgDqAiYvNjA4OC9zc3AudG1qNC9uZXdzL2Nvcm9uYXZpcnVzL2RldGFpbPgCgdIekAPIBpgD4AOoAwHgBAHSBQYQyMH94xSQBgGgBiOoB-zVG6gH89EbqAeW2BvYBwHgBw_SCAkIgOGAEBABGB3YCAKACgWYCwE&sigh=dgec9gaba9U&label=videoclickedtoplay&ad_mt=0&acvw=sv%3D894%26cb%3Dj%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,343,610%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15042%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2156%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D353618271%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1619276426044%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.1%26t%3D1619276425792&sdkv=h.3.453.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1NzgzODM1NjAyDDEzODM0NTQ3NjY0OUDBBFIrCPIFEBIlAABwQSgBOgtKQVJJWkZTQUI0SUILZ29vZ2xldmlkZW9I1QJQABgB

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5942 42 B
64 B 42ms
39ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuuM6U-k_i9KBioxVQFHpsJq8kfcgYpSIpnZ4HA_UKVk8RXgcaSk7f8IN1rbxIoN3LG2K0ehpquDZupXa8ZzWXAGiwiztIX-1G27oJWV3g&sig=Cg0ArKJSzBVgkPFvSy7gEAE&id=lidarv&acvw=sv%3D894%26cb%3Dj%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,343,610%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15042%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2156%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D353618271%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1619276426047%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.1%26t%3D1619276425792&avm=1

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 5942 42 B
64 B 21ms
19ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B1YtIiTKEYIKSBsmT7_UPgcCQoAGahfLzRQAAABABIL2i3h84AFip5KGwgwRgleKQgqAHsgEMd3d3LnRtajQuY29tugEKMXgxMDAwX3htbMgBBdoBFWh0dHBzOi8vd3d3LnRtajQuY29tL5gCmHXAAgLgAgDqAiYvNjA4OC9zc3AudG1qNC9uZXdzL2Nvcm9uYXZpcnVzL2RldGFpbPgCgdIekAPIBpgD4AOoAwHgBAHSBQYQyMH94xSQBgGgBiOoB-zVG6gH89EbqAeW2BvYBwHgBw_SCAkIgOGAEBABGB3YCAKACgWYCwE&sigh=dgec9gaba9U&label=part2viewed&ad_mt=0&acvw=sv%3D894%26cb%3Dj%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,343,610%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15042%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2156%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D353618271%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1619276426051%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.1%26t%3D1619276425792&sdkv=h.3.453.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1NzgzODM1NjAyDDEzODM0NTQ3NjY0OUDBBFIrCPIFEBIlAABwQSgBOgtKQVJJWkZTQUI0SUILZ29vZ2xldmlkZW9I1QJQABgB

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 5942 42 B
64 B 21ms
19ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B1YtIiTKEYIKSBsmT7_UPgcCQoAGahfLzRQAAABABIL2i3h84AFip5KGwgwRgleKQgqAHsgEMd3d3LnRtajQuY29tugEKMXgxMDAwX3htbMgBBdoBFWh0dHBzOi8vd3d3LnRtajQuY29tL5gCmHXAAgLgAgDqAiYvNjA4OC9zc3AudG1qNC9uZXdzL2Nvcm9uYXZpcnVzL2RldGFpbPgCgdIekAPIBpgD4AOoAwHgBAHSBQYQyMH94xSQBgGgBiOoB-zVG6gH89EbqAeW2BvYBwHgBw_SCAkIgOGAEBABGB3YCAKACgWYCwE&sigh=dgec9gaba9U&label=admute&ad_mt=0&acvw=sv%3D894%26cb%3Dj%26e%3D10%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,343,610%26tos%3D32,0,0,0,0%26mtos%3D32,32,32,32,32%26amtos%3D0,0,0,0,0%26mcvt%3D32%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D32%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D32%26pst%3D-1%26dur%3D15042%26vmtime%3D-1%26dvs%3D32%26dfvs%3D32%26dvpt%3D32%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2156%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D353618271%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1619276426055%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,32,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.1%26t%3D1619276425792&sdkv=h.3.453.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1NzgzODM1NjAyDDEzODM0NTQ3NjY0OUDBBFIrCPIFEBIlAABwQSgBOgtKQVJJWkZTQUI0SUILZ29vZ2xldmlkZW9I1QJQABgB

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 77caabd3-1877-4634-85c8-8e398a093b99.woff2
www.arcgis.com/apps/opsdashboard/assets/fonts/ Frame BE7A 21 KB
21 KB 101ms
101ms Font
binary/octet-stream 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/apps/opsdashboard/assets/fonts/77caabd3-1877-4634-85c8-8e398a093b99.woff2

Requested by

Host: www.arcgis.com
URL: https://www.arcgis.com/apps/opsdashboard/assets/app-dark-ef3d57d5cd2caa1fef4ca4eef9d58c2f.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

AmazonS3 /

Resource Hash

3ec4bde6c46b80e7b398a379cbd8ea5170a6eae708a6978bd90e065da28f6acd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://www.arcgis.com
Referer: https://www.arcgis.com/apps/opsdashboard/assets/app-dark-ef3d57d5cd2caa1fef4ca4eef9d58c2f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:26 GMT
content-encoding: br
last-modified: Tue, 15 Dec 2020 04:44:51 GMT
server: AmazonS3
etag: "261abf29190ff067c5f4852838e8999b"
strict-transport-security: max-age=63072000
content-type: binary/octet-stream
cache-control: max-age=1800
content-security-policy: upgrade-insecure-requests
link: <https://www.arcgis.com/apps/opsdashboard/assets/fonts/77caabd3-1877-4634-85c8-8e398a093b99.woff2>; rel="canonical"
content-length: 21133
x-cached: HIT

GET
H2 200 014f2daa-c310-4a36-b9fd-79a8e0c48d44.woff2
www.arcgis.com/apps/opsdashboard/assets/fonts/ Frame BE7A 22 KB
23 KB 101ms
100ms Font
binary/octet-stream 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/apps/opsdashboard/assets/fonts/014f2daa-c310-4a36-b9fd-79a8e0c48d44.woff2

Requested by

Host: www.arcgis.com
URL: https://www.arcgis.com/apps/opsdashboard/assets/app-dark-ef3d57d5cd2caa1fef4ca4eef9d58c2f.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

AmazonS3 /

Resource Hash

a3fec784d48cbf7e416468ce0f949a2844bd3baed82555b0381b18f6c8258de6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://www.arcgis.com
Referer: https://www.arcgis.com/apps/opsdashboard/assets/app-dark-ef3d57d5cd2caa1fef4ca4eef9d58c2f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:26 GMT
content-encoding: br
last-modified: Tue, 15 Dec 2020 04:44:51 GMT
server: AmazonS3
etag: "318810f79acc3ccf026bb69a8e13a356"
strict-transport-security: max-age=63072000
content-type: binary/octet-stream
cache-control: max-age=1800
content-security-policy: upgrade-insecure-requests
link: <https://www.arcgis.com/apps/opsdashboard/assets/fonts/014f2daa-c310-4a36-b9fd-79a8e0c48d44.woff2>; rel="canonical"
content-length: 22719
x-cached: HIT

GET
H2 200 e78b17bb-11fb-4860-8d66-4ee0d0c1e117.woff2
www.arcgis.com/apps/opsdashboard/assets/fonts/ Frame BE7A 21 KB
22 KB 100ms
99ms Font
binary/octet-stream 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/apps/opsdashboard/assets/fonts/e78b17bb-11fb-4860-8d66-4ee0d0c1e117.woff2

Requested by

Host: www.arcgis.com
URL: https://www.arcgis.com/apps/opsdashboard/assets/app-dark-ef3d57d5cd2caa1fef4ca4eef9d58c2f.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

AmazonS3 /

Resource Hash

f5b4417af8dcc4ebd49452d0d5fa39617038d9b4f790a73f56c57fc4ea20479f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://www.arcgis.com
Referer: https://www.arcgis.com/apps/opsdashboard/assets/app-dark-ef3d57d5cd2caa1fef4ca4eef9d58c2f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:26 GMT
content-encoding: br
last-modified: Tue, 15 Dec 2020 04:44:51 GMT
server: AmazonS3
etag: "def67b06fc5e4f3668d411c7446083a8"
strict-transport-security: max-age=63072000
content-type: binary/octet-stream
cache-control: max-age=1800
content-security-policy: upgrade-insecure-requests
link: <https://www.arcgis.com/apps/opsdashboard/assets/fonts/e78b17bb-11fb-4860-8d66-4ee0d0c1e117.woff2>; rel="canonical"
content-length: 21723
x-cached: HIT

GET
H2 200 calcite-ui.woff
www.arcgis.com/apps/opsdashboard/assets/fonts/ Frame BE7A 18 KB
18 KB 100ms
100ms Font
application/font-woff 18.234.22.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.arcgis.com/apps/opsdashboard/assets/fonts/calcite-ui.woff

Requested by

Host: www.arcgis.com
URL: https://www.arcgis.com/apps/opsdashboard/assets/app-dark-ef3d57d5cd2caa1fef4ca4eef9d58c2f.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.234.22.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-234-22-28.compute-1.amazonaws.com

Software

AmazonS3 /

Resource Hash

c1e944d81c3fcc3f5bd4615878e0d352050ae7fcf9c5d3d4aed7e42b22f1602d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://www.arcgis.com
Referer: https://www.arcgis.com/apps/opsdashboard/assets/app-dark-ef3d57d5cd2caa1fef4ca4eef9d58c2f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:26 GMT
content-encoding: br
last-modified: Tue, 15 Dec 2020 04:44:51 GMT
server: AmazonS3
etag: "e516dae4f8d2a23d0e94eab64b5996ea"
strict-transport-security: max-age=63072000
content-type: application/font-woff
cache-control: max-age=0
content-security-policy: upgrade-insecure-requests
link: <https://www.arcgis.com/apps/opsdashboard/assets/fonts/calcite-ui.woff>; rel="canonical"
content-length: 18101
x-cached: HIT

GET
H2 200 pixel.gif
px.moatads.com/ Frame AF08 43 B
260 B 8ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&pxm=7&vz=-&zp=4&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fassets.scrippsdigital.com%2F%2Fcms%2F-&i=SCRIPPSJSIMAINT1&ol=3852000540&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-L6SP6bDFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=8&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.tmj4.com&lp=https%3A%2F%2Fwww.tmj4.com&t=1619276425098&de=960360889283&cu=1619276425098&m=1055&ar=e4967b0-clean&iw=a9fcec9&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A880%3A880%3A835%3A831&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1001&cd=0&ah=1001&am=0&dq=220&dr=0&ds=220&dt=0&zx=0&tb=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5578383560%3A138345476649&dfp=0%2C1&la=5578383560&zMoatPL=tmj4.com&zMoatPL2=tmj4.com&bo=tmj4.com&bd=tmj4.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=1625833302&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:26 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:26 GMT

GET
H2 200 3 Show response
services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/ Frame BE7A 11 KB
3 KB 33ms
30ms XHR
text/plain 143.204.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/3?f=json

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-14.cph50.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

2010531392a242368efc64bb9ec889335acae3dd08953b06208b0466cdcae142

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: br
etag: 771937454
age: 57
x-cache: Hit from cloudfront
content-length: 2311
x-arcgis-instance: MTSDS_Web_IN_0
access-control-allow-origin: *
last-modified: Sat, 24 Apr 2021 14:35:14 GMT
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 14:59:32 GMT
content-type: text/plain; charset=utf-8
via: 1.1 fdf9e7e5ec65d753124196745d150f16.cloudfront.net (CloudFront)
cache-control: public, max-age=30, s-maxage=30
x-arcgis-correlation-id: 00-923be738014ed54495854466329d674c-be5d7380093bea49-00
x-arcgis-trace-id: 923be738014ed54495854466329d674c
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: 5l-sEArtiC9AAyWwEn7PyY_nLrFDckJf8DJYMNQw7iX8foDu_s6t1Q==

GET
H2 200 4 Show response
services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/ Frame BE7A 8 KB
2 KB 30ms
30ms XHR
text/plain 143.204.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/4?f=json

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-14.cph50.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

ea84d48942f4e2ddb1c08fcd8dc5d4d5ab2310b5c54a8ddf0300b69ce72392cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: br
etag: -1773395687
age: 631
x-cache: Hit from cloudfront
content-length: 1932
via: 1.1 fdf9e7e5ec65d753124196745d150f16.cloudfront.net (CloudFront)
x-arcgis-instance: MTSDS_Web_IN_2
last-modified: Sat, 24 Apr 2021 14:35:14 GMT
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 14:49:55 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30, s-maxage=30
x-arcgis-correlation-id: 00-bc064e47e4abc54080c003a3931850b2-6329f1e8cfcfa849-00
x-arcgis-trace-id: bc064e47e4abc54080c003a3931850b2
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: N6fqYwRfN21pWRUszRIY2jIwMWLxPekXnk9eZz5qRhtO_plHk2htaA==

GET
H2 200 2 Show response
services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/ Frame BE7A 8 KB
2 KB 35ms
30ms XHR
text/plain 143.204.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/2?f=json

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-14.cph50.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

e6fbf96164ab2fb9bebb98fa3d9ef1620973d7e34e61b8a792a59b604bf958b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: br
etag: -1557293174
age: 409
x-cache: Hit from cloudfront
content-length: 1965
x-arcgis-instance: MTSDS_Web_IN_3
access-control-allow-origin: *
last-modified: Sat, 24 Apr 2021 14:35:14 GMT
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 14:53:37 GMT
content-type: text/plain; charset=utf-8
via: 1.1 fdf9e7e5ec65d753124196745d150f16.cloudfront.net (CloudFront)
cache-control: public, max-age=30, s-maxage=30
x-arcgis-correlation-id: 00-4a3d3e37dfc4234db340ce6fd1331d61-93fc4085280a0943-00
x-arcgis-trace-id: 4a3d3e37dfc4234db340ce6fd1331d61
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: 4hARAkVcLgbWaD_UHa3s_dfcZSTakfhoCG1fDxf9vnSUJtMWU__uGg==

GET
H2 200 1 Show response
services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/ Frame BE7A 10 KB
3 KB 31ms
30ms XHR
text/plain 143.204.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/1?f=json

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-14.cph50.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

7f0def1c829a19e6fedc71b63db8ea4686919a34c0a56f5c1db6f43255bec31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: br
etag: 1198053092
age: 505
x-cache: Hit from cloudfront
content-length: 2277
x-arcgis-instance: MTSDS_Web_IN_3
access-control-allow-origin: *
last-modified: Sat, 24 Apr 2021 14:35:24 GMT
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 14:52:01 GMT
content-type: text/plain; charset=utf-8
via: 1.1 fdf9e7e5ec65d753124196745d150f16.cloudfront.net (CloudFront)
cache-control: public, max-age=30, s-maxage=30
x-arcgis-correlation-id: 00-31a17d134666494fbab0898e531c53a8-fe253d755c05be4e-00
x-arcgis-trace-id: 31a17d134666494fbab0898e531c53a8
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: 8Pu8tuTpXcBkFSoOjELenF5_d2ErB3DeHAxlJuLkruY8uac2WAsW9g==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 15ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1948437090&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&ul=en-us&de=UTF-8&dt=Wisconsin%27s%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=Video%20Ad%20Start&el=Safer%20at%20Home%20order%20changes&ev=0&_u=aHjACEAjBAAAAG~&jid=2091534509&gjid=1572900947&cid=2108222984.1619276422&tid=UA-19051957-3&_gid=13361712.1619276426&_r=1&gtm=2wg4e1KZVQWL&cd20=2047&cd21=Ryan%20Jenkins&cd22=&cd23=Coronavirus&cd24=Homepage%20Showcase%2CLocal%20News%2CCoronavirus&cd25=false&z=1666695321

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tmj4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-19051957-29&cid=2108222984.1619276422&jid=600986672&gjid=1730618816&_gid=953076291.1619276422&_u=aHjAiEAjBAAAAG~&z=1580205877

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 24 Apr 2021 15:00:26 GMT
content-type: text/plain
access-control-allow-origin: https://www.tmj4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-40066851-1&cid=2108222984.1619276422&jid=1859251961&gjid=511996283&_gid=953076291.1619276422&_u=aHjAiEAjBAAAAG~&z=701779123

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 24 Apr 2021 15:00:26 GMT
content-type: text/plain
access-control-allow-origin: https://www.tmj4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1948437090&t=event&ni=0&_s=3&dl=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&ul=en-us&de=UTF-8&dt=Wisconsin%27s%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=Video%20Ad%20Start&el=Safer%20at%20Home%20order%20changes&ev=0&_u=aHjAiEAjBAAAAG~&jid=600986672&gjid=1730618816&cid=2108222984.1619276422&tid=UA-19051957-29&_gid=953076291.1619276422&gtm=2wg4e1KZVQWL&cd12=2108222984.1619276422&cd20=2047&cd21=Ryan%20Jenkins&cd22=&cd23=Coronavirus&cd24=Homepage%20Showcase%2CLocal%20News%2CCoronavirus&cd25=false&cd30=&cd31=true&cd33=true&z=825008102

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 05:24:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34585
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1948437090&t=event&ni=0&_s=3&dl=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&ul=en-us&de=UTF-8&dt=Wisconsin%27s%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=Video%20Ad%20Start&el=Safer%20at%20Home%20order%20changes&ev=0&_u=aHjAiEAjBAAAAG~&jid=1859251961&gjid=511996283&cid=2108222984.1619276422&tid=UA-40066851-1&_gid=953076291.1619276422&gtm=2wg4e1KZVQWL&cd12=2108222984.1619276422&cd20=2047&cd21=Ryan%20Jenkins&cd22=&cd23=Coronavirus&cd24=Homepage%20Showcase%2CLocal%20News%2CCoronavirus&cd25=false&cd30=&cd31=true&cd33=true&cd34=false&z=1380736804

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 05:24:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34585
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

request.php Show response
hal90008.redintelligence.net/ Frame AB38
Redirect Chain

https://hal90008.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=56cdcefb3a&subid=&uid=39117b375f19d0b0&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90008.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=56cdcefb3a&subid=&uid=39117b375f19d0b0&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

2 KB
1 KB

96ms
73ms

Script
application/x-javascript

138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=56cdcefb3a&subid=&uid=39117b375f19d0b0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4991949398876919303%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D71476084-3287-4400-a031-89dc8adc7e71%26mt_cid%3D71476084-3287-4400-a031-89dc8adc7e71%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCVTQThzKEYPOYG-GLx_APvYy58AzPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04NDE0NjI3MjgwMDU0NTkzyAEJ4AIAqAMBqgTdAk_Q-Wq-l2jZLPqstVPeaM49kd6vmkZwXGqFI5l3i0oIPqwwoz5m9p-fuFo9aCTPk64PuwYuNA7sGMOhC33vlUl3S7SdW84lLyJNwxsaeDilWRJtB7a0utSpT14K23zZovnFzJEodS1rS6t-1X5AM__6oBKA8T-rbTRExEJiUaPCFvvMurs7QjsW5wvZw0z6wwK5PMSq_rxD0iWJ7iVExwAB8uDWPzu6lfGeUnyMgK--x7Lz9nMY8TrxWEU2n5rWKwrgPV2pYBibBOeomHak1v_TUsv6nWaDkzfJLRTFefxgALx-B4AT51OPomR3nUaG6MEQRTYtkaUu6_s8HQNMkvqwsNY_HeezOu3uQelLSinhGYaQB0WXk3Sw79yB3NtFo3lP_-a2qwYl5r58ACOhvI4A9UXdHgmWOXEuY737DsK1QXrIlbodt4Jgs25CSZQ9Aq-ZC6zdbP3q9NnsL2ngBAGABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_00mdNJqdMyF0PeRuoW6DattXMdNw%2526client%253Dca-pub-8414627280054593%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.tmj4.com%2F&ancestorOrigins=https%3A%2F%2Fwww.tmj4.com&random=5020761757213&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 729d89b3d27ffe142ac86f1854c89a3e1f1dc4e81d4c3255f8edfd026ce54e38

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 15:00:26 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 70161200119445700951389011574008
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 894
Expires: Sat, 24 Apr 2021 16:00:26 +0200

Redirect headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 15:00:26 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=56cdcefb3a&subid=&uid=39117b375f19d0b0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4991949398876919303%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D71476084-3287-4400-a031-89dc8adc7e71%26mt_cid%3D71476084-3287-4400-a031-89dc8adc7e71%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCVTQThzKEYPOYG-GLx_APvYy58AzPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04NDE0NjI3MjgwMDU0NTkzyAEJ4AIAqAMBqgTdAk_Q-Wq-l2jZLPqstVPeaM49kd6vmkZwXGqFI5l3i0oIPqwwoz5m9p-fuFo9aCTPk64PuwYuNA7sGMOhC33vlUl3S7SdW84lLyJNwxsaeDilWRJtB7a0utSpT14K23zZovnFzJEodS1rS6t-1X5AM__6oBKA8T-rbTRExEJiUaPCFvvMurs7QjsW5wvZw0z6wwK5PMSq_rxD0iWJ7iVExwAB8uDWPzu6lfGeUnyMgK--x7Lz9nMY8TrxWEU2n5rWKwrgPV2pYBibBOeomHak1v_TUsv6nWaDkzfJLRTFefxgALx-B4AT51OPomR3nUaG6MEQRTYtkaUu6_s8HQNMkvqwsNY_HeezOu3uQelLSinhGYaQB0WXk3Sw79yB3NtFo3lP_-a2qwYl5r58ACOhvI4A9UXdHgmWOXEuY737DsK1QXrIlbodt4Jgs25CSZQ9Aq-ZC6zdbP3q9NnsL2ngBAGABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_00mdNJqdMyF0PeRuoW6DattXMdNw%2526client%253Dca-pub-8414627280054593%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.tmj4.com%2F&ancestorOrigins=https%3A%2F%2Fwww.tmj4.com&random=5020761757213&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sat, 24 Apr 2021 16:00:26 +0200

GET
H2 200 query Show response
services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/3/ Frame BE7A 382 B
788 B 34ms
33ms XHR
text/plain 143.204.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/3/query?f=json&where=Country_Region%3D%27US%27&returnGeometry=false&spatialRel=esriSpatialRelIntersects&outFields=*&outStatistics=%5B%7B%22statisticType%22%3A%22sum%22%2C%22onStatisticField%22%3A%22Confirmed%22%2C%22outStatisticFieldName%22%3A%22value%22%7D%5D&resultType=standard&cacheHint=true

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-14.cph50.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

30f11d013cefc63d2c78d3465eef7c6c245ba451ea07e3162640362e2226a865

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: br
etag: sd197484_620588446
age: 243
x-cache: Hit from cloudfront
x-arcgis-instance: MTSDS_Web_IN_0
access-control-allow-origin: *
last-modified: Sat, 24 Apr 2021 14:35:14 GMT
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 14:56:22 GMT
content-type: text/plain; charset=utf-8
via: 1.1 fdf9e7e5ec65d753124196745d150f16.cloudfront.net (CloudFront)
cache-control: public, max-age=30, s-maxage=30
x-arcgis-correlation-id: 00-36c7272e5b509040a67ce198cf3e0a53-774c4fbd15934d44-00
x-arcgis-trace-id: 36c7272e5b509040a67ce198cf3e0a53
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: XAiqyYaCjb8GtiyuDdiv8n_vQVM5SuoCRGHu9UKskNzF4kWomMjUiw==
x-esri-cache-hint-features: true

GET
H2 200 query Show response
services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/3/ Frame BE7A 27 KB
5 KB 34ms
33ms XHR
text/plain 143.204.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/3/query?f=json&where=Country_Region%3D%27US%27&returnGeometry=false&spatialRel=esriSpatialRelIntersects&outFields=*&orderByFields=Confirmed%20desc&resultOffset=0&resultRecordCount=60&resultType=standard&cacheHint=true

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-14.cph50.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

2a4ef1e5f3ca01e5f8c9971311d71b3a3ccd55529425656ed9b2eb550b08e8dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: br
etag: sd197484_620588446
age: 332
x-cache: Hit from cloudfront
x-arcgis-instance: MTSDS_Web_IN_3
access-control-allow-origin: *
last-modified: Sat, 24 Apr 2021 14:35:14 GMT
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 14:54:54 GMT
content-type: text/plain; charset=utf-8
via: 1.1 fdf9e7e5ec65d753124196745d150f16.cloudfront.net (CloudFront)
cache-control: public, max-age=30, s-maxage=30
x-arcgis-correlation-id: 00-c4f7fbf3c16fa0429aab8f5d375cc9a6-9c68950d949cae40-00
x-arcgis-trace-id: c4f7fbf3c16fa0429aab8f5d375cc9a6
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: OYdGRSoLEGdTKa2XxbVsWBJpvpxSR7SGXL8a-A8mVl_-TLl6kw6lhg==
x-esri-cache-hint-features: true

GET
H2 200 query Show response
services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/4/ Frame BE7A 3 MB
135 KB 35ms
35ms XHR
text/plain 143.204.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/4/query?f=json&where=UID%20%3C%3E%20840&returnGeometry=false&spatialRel=esriSpatialRelIntersects&outFields=OBJECTID%2CDelta_Deaths%2CReport_Date_String&orderByFields=Report_Date_String%20asc&resultOffset=0&resultRecordCount=32000&resultType=standard&cacheHint=true

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-14.cph50.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

32d6a58cee780a5389129ec9410976a815e44d4a8430d7e5be24726ff6804af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: br
etag: sd197485_620588446
age: 415
x-cache: Hit from cloudfront
x-arcgis-instance: MTSDS_Web_IN_3
access-control-allow-origin: *
last-modified: Sat, 24 Apr 2021 14:35:14 GMT
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 14:53:31 GMT
content-type: text/plain; charset=utf-8
via: 1.1 fdf9e7e5ec65d753124196745d150f16.cloudfront.net (CloudFront)
cache-control: public, max-age=30, s-maxage=30
x-arcgis-correlation-id: 00-edd9f190f3014b43b1e30c053b57f86b-ff16c834a3fe6148-00
x-arcgis-trace-id: edd9f190f3014b43b1e30c053b57f86b
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: 36vwpQLUT-HMRTasyNlGabZczbrnBdyarTi9flTKWcsETr42IxSKPA==
x-esri-cache-hint-features: true

GET
H2 200 query Show response
services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/4/ Frame BE7A 3 MB
158 KB 80ms
80ms XHR
text/plain 143.204.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/4/query?f=json&where=UID%20%3C%3E%20840&returnGeometry=false&spatialRel=esriSpatialRelIntersects&outFields=OBJECTID%2CDelta_Confirmed%2CReport_Date_String&orderByFields=Report_Date_String%20asc&resultOffset=0&resultRecordCount=32000&resultType=standard&cacheHint=true

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-14.cph50.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

1d9b4f9d80d659f7bab074ca2a1b2aea309f39b7b26d45b7b0907ee62c36776b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: br
etag: sd197485_620588446
age: 610
x-cache: Hit from cloudfront
via: 1.1 fdf9e7e5ec65d753124196745d150f16.cloudfront.net (CloudFront)
x-arcgis-instance: MTSDS_Web_IN_3
last-modified: Sat, 24 Apr 2021 14:35:14 GMT
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 14:50:16 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30, s-maxage=30
x-arcgis-correlation-id: 00-386eb8810c6130488312829622341d67-e46743c0e200604d-00
x-arcgis-trace-id: 386eb8810c6130488312829622341d67
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: Duzy1fBeKiOGoPwwDd8FEFdr0fYqcUcdriHusrellli23CXrcqeq6Q==
x-esri-cache-hint-features: true

GET
H2 200 query Show response
services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/2/ Frame BE7A 377 B
784 B 97ms
97ms XHR
text/plain 143.204.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/2/query?f=json&where=1%3D1&returnGeometry=false&spatialRel=esriSpatialRelIntersects&outFields=*&outStatistics=%5B%7B%22statisticType%22%3A%22count%22%2C%22onStatisticField%22%3A%22OBJECTID%22%2C%22outStatisticFieldName%22%3A%22value%22%7D%5D&resultType=standard&cacheHint=true

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-14.cph50.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

d266f6d765103111aaae955bc50d1c979f85ee85adbd1567cad8304b6b013f35

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: br
etag: sd197483_620588446
age: 287
x-cache: Hit from cloudfront
x-arcgis-instance: MTSDS_Web_IN_2
access-control-allow-origin: *
last-modified: Sat, 24 Apr 2021 14:35:14 GMT
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 14:56:07 GMT
content-type: text/plain; charset=utf-8
via: 1.1 fdf9e7e5ec65d753124196745d150f16.cloudfront.net (CloudFront)
cache-control: public, max-age=30, s-maxage=30
x-arcgis-correlation-id: 00-769b602d6bfb7e449ef9f8a1a1bfad04-b998f45f72076c46-00
x-arcgis-trace-id: 769b602d6bfb7e449ef9f8a1a1bfad04
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: R9v--01Z6xINSehTPhLXBTfosws4gbnuCwC6i-GNUmaHqWseOiNfNg==
x-esri-cache-hint-features: true

GET
H2 200 query Show response
services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/2/ Frame BE7A 62 KB
14 KB 92ms
91ms XHR
text/plain 143.204.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/2/query?f=json&where=1%3D1&returnGeometry=false&spatialRel=esriSpatialRelIntersects&outFields=*&orderByFields=Confirmed%20desc&resultOffset=0&resultRecordCount=300&resultType=standard&cacheHint=true

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-14.cph50.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

f6f44038b952c4c1cfe89b2df669d467a4532491b683c290dfef9cd6b2fae79d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: br
etag: sd197483_620588446
age: 482
x-cache: Hit from cloudfront
x-arcgis-instance: MTSDS_Web_IN_0
access-control-allow-origin: *
last-modified: Sat, 24 Apr 2021 14:35:14 GMT
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 14:52:43 GMT
content-type: text/plain; charset=utf-8
via: 1.1 fdf9e7e5ec65d753124196745d150f16.cloudfront.net (CloudFront)
cache-control: public, max-age=30, s-maxage=30
x-arcgis-correlation-id: 00-970e16182d033246a81768a4a37b8e60-bd3c5538e486e74f-00
x-arcgis-trace-id: 970e16182d033246a81768a4a37b8e60
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: BZyduORLA_qiLbNT6GPbubkUilQ1XeSXXDF2Ye9SqYMqYsGJKdv5Rg==
x-esri-cache-hint-features: true

GET
H2 200 query Show response
services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/1/ Frame BE7A 381 B
788 B 95ms
94ms XHR
text/plain 143.204.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/1/query?f=json&where=1%3D1&returnGeometry=false&spatialRel=esriSpatialRelIntersects&outFields=*&outStatistics=%5B%7B%22statisticType%22%3A%22sum%22%2C%22onStatisticField%22%3A%22Deaths%22%2C%22outStatisticFieldName%22%3A%22value%22%7D%5D&resultType=standard&cacheHint=true

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-14.cph50.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

b9cd0c28d08f92929d1c294e2aa09fa17b8d34f872a65aa59c4483ff9d06e67c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: br
etag: sd197482_983152734
age: 881
x-cache: Hit from cloudfront
via: 1.1 fdf9e7e5ec65d753124196745d150f16.cloudfront.net (CloudFront)
x-arcgis-instance: MTSDS_Web_IN_2
last-modified: Sat, 24 Apr 2021 14:35:24 GMT
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 14:45:44 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30, s-maxage=30
x-arcgis-correlation-id: 00-6fecff91f0dc5f49806a87aebb05d305-69f06db5b6915a42-00
x-arcgis-trace-id: 6fecff91f0dc5f49806a87aebb05d305
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: Vz2fCSYujVU_AhyGw-S7hqOFnzZ9RadFnPBY1CjnZiAQF2MRC8EYvw==
x-esri-cache-hint-features: true

GET
H2 200 query Show response
services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/1/ Frame BE7A 383 B
789 B 95ms
95ms XHR
text/plain 143.204.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/1/query?f=json&where=1%3D1&returnGeometry=false&spatialRel=esriSpatialRelIntersects&outFields=*&outStatistics=%5B%7B%22statisticType%22%3A%22sum%22%2C%22onStatisticField%22%3A%22Confirmed%22%2C%22outStatisticFieldName%22%3A%22value%22%7D%5D&resultType=standard&cacheHint=true

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-14.cph50.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

7f2be1b377d41e11e513011f672f5c480c9c483ed3fa8b2bba5876ca6e3a739e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: br
etag: sd197482_983152734
age: 774
x-cache: Hit from cloudfront
via: 1.1 fdf9e7e5ec65d753124196745d150f16.cloudfront.net (CloudFront)
x-arcgis-instance: MTSDS_Web_IN_1
last-modified: Sat, 24 Apr 2021 14:35:24 GMT
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 14:47:32 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30, s-maxage=30
x-arcgis-correlation-id: 00-60abb10a3f03264ca33fb30bf3295776-827f37fd0248c843-00
x-arcgis-trace-id: 60abb10a3f03264ca33fb30bf3295776
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: oZvySk3Sn47YQegXaAglFG1bWEqcvJNNgyalP1AW64Q8bGyZb-Tbqw==
x-esri-cache-hint-features: true

GET
H2 200 pixel.gif
px.moatads.com/ Frame AF08 43 B
260 B 9ms
9ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=29&q=0&hp=1&pxm=7&vz=-&zp=4&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3852000540&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-L6SP6bDFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=8&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.tmj4.com&lp=https%3A%2F%2Fwww.tmj4.com&t=1619276425098&de=960360889283&cu=1619276425098&m=1058&ar=e4967b0-clean&iw=a9fcec9&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A880%3A880%3A835%3A831&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1001&cd=1001&ah=1001&am=1001&dq=220&dr=220&ds=220&dt=220&zx=0&tb=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5578383560%3A138345476649&dfp=0%2C1&la=5578383560&zMoatPL=tmj4.com&zMoatPL2=tmj4.com&bo=tmj4.com&bd=tmj4.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=148350405&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:26 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:26 GMT

GET
H3-29 206 file.webm
r10---sn-4g5e6nzy.gvt1.com/videoplayback/id/54a06471f87f2f12/itag/43/source/gfp_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1619298025/sparams/acao,ctier,... Frame AF08 1 MB
1 MB 9ms
8ms Media
video/webm 2a00:1450:4001:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

4d59a6c3df1fe09ee0b4cceee83f461186cd7cf4243ca30c2523c74f82725fe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.scrippsdigital.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=131072-

Response headers

date: Sat, 24 Apr 2021 15:00:26 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 18:36:56 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
Content-Range: bytes 131072-1471912/1471913
client-protocol: quic
cache-control: private, max-age=21299
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1340841
expires: Sat, 24 Apr 2021 15:00:26 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame AF08 43 B
260 B 9ms
9ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&pxm=7&vz=-&zp=4&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3852000540&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-L6SP6bDFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=8&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.tmj4.com&lp=https%3A%2F%2Fwww.tmj4.com&t=1619276425098&de=960360889283&cu=1619276425098&m=1818&ar=e4967b0-clean&iw=a9fcec9&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A880%3A880%3A835%3A831&aa=0&ad=367&cn=0&gk=367&gl=0&ez=1&cq=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1042&cd=1001&ah=1042&am=1001&dq=261&dr=220&ds=261&dt=220&zx=0&tb=0&fc=1&fk=1&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5578383560%3A138345476649&dfp=0%2C1&la=5578383560&zMoatPL=tmj4.com&zMoatPL2=tmj4.com&bo=tmj4.com&bd=tmj4.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=583656936&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:26 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:26 GMT

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame 3C46 0
418 B 309ms
15ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156319&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:25 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C978 42 B
64 B 29ms
15ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtGXQLKUohARjyMEIIhr9cAI9NGfdzd2UPSJcG0FV0CN4gNkh1DBjCS3JUtrjOVKjwQbVhsg3RmpcqtGLEDQviX5qXkDC1ZONCD7DYDeQ&sig=Cg0ArKJSzGMwJEmPFPL-EAE&id=lidar2&mcvt=1095&p=234,315,484,1285&mtos=1095,1095,1095,1095,1095&tos=1095,0,0,0,0&v=20210421&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2981508986&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&rst=1619276423941&dlt=0&rpt=472&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 982A 42 B
64 B 52ms
40ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiAl49o6UGzM3Di9Jx__TRPjOUnPT-aJE9quDm4LIwF2Ohwyp1hb2f7IgySuP3iahal26rwzY37m2dfejrHU79f4FoekE92ZScXK8XDU0&sig=Cg0ArKJSzB-w6FW37q6dEAE&id=lidar2&mcvt=1097&p=0,670,250,970&mtos=1097,1097,1097,1097,1097&tos=1097,0,0,0,0&v=20210421&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1279007740&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1619276424975&dlt=0&rpt=857&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

activityi;dc_pre=CMS95OGSl_ACFdiIdwodmcsA0Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2372805976790.5376 Show response
5994599.fls.doubleclick.net/ Frame 7140
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2372805976790.5376?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMS95OGSl_ACFdiIdwodmcsA0Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2372805976790.5376?

392 B
346 B

25ms
24ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CMS95OGSl_ACFdiIdwodmcsA0Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2372805976790.5376?

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

d302ebe868124a246d8b2463b3c96f6d5e745231c38d9957f1f0943bef542e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CMS95OGSl_ACFdiIdwodmcsA0Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2372805976790.5376?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkvCe6hKYHcvQYHQGdTBhk2HoGsXlp7j6gdeiV4GC1MV6pFSZUp58FqzHyR9rA; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 24 Apr 2021 15:00:27 GMT
expires: Sat, 24 Apr 2021 15:00:27 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 323
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 24 Apr 2021 15:00:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMS95OGSl_ACFdiIdwodmcsA0Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2372805976790.5376?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal90008.redintelligence.net/ Frame 8773 6 KB
2 KB 287ms
12ms Document
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request_content.php?s=70161200119445700951389011574008&a=9828d99d
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=56cdcefb3a&subid=&uid=39117b375f19d0b0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4991949398876919303%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D71476084-3287-4400-a031-89dc8adc7e71%26mt_cid%3D71476084-3287-4400-a031-89dc8adc7e71%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCVTQThzKEYPOYG-GLx_APvYy58AzPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04NDE0NjI3MjgwMDU0NTkzyAEJ4AIAqAMBqgTdAk_Q-Wq-l2jZLPqstVPeaM49kd6vmkZwXGqFI5l3i0oIPqwwoz5m9p-fuFo9aCTPk64PuwYuNA7sGMOhC33vlUl3S7SdW84lLyJNwxsaeDilWRJtB7a0utSpT14K23zZovnFzJEodS1rS6t-1X5AM__6oBKA8T-rbTRExEJiUaPCFvvMurs7QjsW5wvZw0z6wwK5PMSq_rxD0iWJ7iVExwAB8uDWPzu6lfGeUnyMgK--x7Lz9nMY8TrxWEU2n5rWKwrgPV2pYBibBOeomHak1v_TUsv6nWaDkzfJLRTFefxgALx-B4AT51OPomR3nUaG6MEQRTYtkaUu6_s8HQNMkvqwsNY_HeezOu3uQelLSinhGYaQB0WXk3Sw79yB3NtFo3lP_-a2qwYl5r58ACOhvI4A9UXdHgmWOXEuY737DsK1QXrIlbodt4Jgs25CSZQ9Aq-ZC6zdbP3q9NnsL2ngBAGABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_00mdNJqdMyF0PeRuoW6DattXMdNw%2526client%253Dca-pub-8414627280054593%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.tmj4.com%2F&ancestorOrigins=https%3A%2F%2Fwww.tmj4.com&random=5020761757213&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 8a000454303ae67eaae8a11198cc868386637b02dbbec0e0435926baa315239c

Request headers

Host: hal90008.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=7da4b799c2373112
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/

Response headers

Date: Sat, 24 Apr 2021 15:00:27 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 24 Apr 2021 16:00:27 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2104
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2 200 action.json Show response
yummy.consumable.com/8766/cnsmbl-container-300x250-ads/js/ Frame 445F 2 B
456 B 545ms
424ms XHR
application/json 13.33.139.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/js/action.json?ac=IMPRESSION&fp=&ts=1619276426969&tba=0&et=0&furl=&dd=0&vi=true&vd=0&sid=5a82fe1c-8823-4096-ced7-09f0507081f7&cb=1619276426969&hr=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&hn=www.tmj4.com&pl=
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/iframe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-93.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:28 GMT
via: 1.1 91dfa0ccf808a1c0b41f43736ca93f80.cloudfront.net (CloudFront)
last-modified: Tue, 03 Nov 2020 23:01:02 GMT
server: AmazonS3
x-amz-cf-pop: CPH50-C2
etag: "d751713988987e9331980363e24189ce"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 60
x-cache: RefreshHit from cloudfront
accept-ranges: bytes
content-length: 2
x-amz-cf-id: hiBnEgFkCh_eCkzIibX5R-sCFDEFZMGmzZP7D2XqX5n0Mr7khwmURQ==

POST
H2 200 v2 Show response
e.serverbid.com/api/ Frame 445F 16 B
166 B 99ms
99ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/iframe.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tmj4.com
date: Sat, 24 Apr 2021 15:00:27 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 233A 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 24 Apr 2021 06:38:34 GMT
expires: Sun, 25 Apr 2021 06:38:34 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 30113
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ff983cd0-6c28-474c-9cc4-7a5281d11e05.js Show response
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame AB38 48 KB
16 KB 8ms
8ms XHR
application/javascript 2600:9000:21f3:f200:d:77c3:2dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2s8wlbatk24s7.cloudfront.net/service/js/ff983cd0-6c28-474c-9cc4-7a5281d11e05.js
Requested by: Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:f200:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e412d030d3c3190d3d15fc6d1b5aff09c1c6d62a60f452b96c3e370520ad93ad

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 13:03:53 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
age: 6994
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 14400
cache-control: public, max-age=14400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
access-control-allow-headers: *
x-amz-cf-id: fPkV6SedV3jyo7VdWUcZa4ZTb6x8j8dFIZqiNlDxe8HWfmLpEliIqA==
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)

GET
H2 200 /
includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/ Frame AB38 42 B
132 B 116ms
116ms Image
image/gif 18.216.222.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/?rand=789618&referer=https://www.tmj4.com/
Requested by: Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.216.222.118 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-216-222-118.us-east-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:27 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame AB38 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c2c68bf0d2455bb75b74413bf0d81d0e3128d6a1a7e6c9f3cd82bc9ed11ec8e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK img
sync.mathtag.com/misc/ Frame AB38 43 B
504 B 311ms
22ms Image
image/gif 185.29.132.144
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/misc/img?mm_bnc&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA//////+ABgCeAJ4Ang&bcdv=0
Requested by: Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.144 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 3660 495c301 master zrh-pixel-x4 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:27 GMT
Server: MT3 3660 495c301 master zrh-pixel-x4
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 43
Expires: Sat, 24 Apr 2021 15:00:26 GMT

GET
H2 200 log.gif
includemodal.com/static/ Frame AB38 42 B
199 B 113ms
112ms Image
image/gif 18.216.222.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/static/log.gif?logger=4&token=acc937ab-7d22-424d-ab59-a49de99ada50&url=https://hal9000.redintelligence.net/zone/ajk4xlebn4mw%3F&o=https://www.tmj4.com/
Requested by: Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.216.222.118 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-216-222-118.us-east-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:27 GMT
last-modified: Thu, 26 Sep 2019 18:10:35 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5d8cff1b-2a"
content-length: 42
content-type: image/gif

GET
H2 200 log.gif
includemodal.com/static/ Frame AB38 42 B
199 B 113ms
113ms Image
image/gif 18.216.222.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/static/log.gif?logger=4&token=acc937ab-7d22-424d-ab59-a49de99ada50&url=https://sync.mathtag.com/sync/js%3Fsync%3Dauto%26amp%253Bsource%3Dbidder%26amp%253Bmt_lim%3D1%26amp%253Btype%3D1%26amp%253Bsynclist%3D4%26amp%253Bgdpr%3D1%26amp%253Bgdpr_consent%3DBAAAAAAAAAAAAAAAAAluAA%252F%252F%252F%252F%252F%252F%2BABgCeAJ4Ang&o=https://www.tmj4.com/
Requested by: Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.216.222.118 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-216-222-118.us-east-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:27 GMT
last-modified: Thu, 26 Sep 2019 18:10:35 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "5d8cff1b-2a"
content-length: 42
content-type: image/gif

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 445F 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tmj4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 445F 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tmj4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 445F 35 KB
14 KB 284ms
283ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3631689589428918&correlator=408760446781868&output=ldjh&impl=fifs&eid=31060789%2C31060825&vrg=2021042001&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=133810016%2CScripps%2Cscripps-8766-cnsmbl-container-300x250-ads-dr-d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=rfsh%3D1%26invw%3Dtrue%26rfshtime%3D11&eri=1&cookie_enabled=1&cdm=www.tmj4.com&bc=31&abxe=1&lmt=1619276427&dt=1619276427145&dlt=1619276425844&idt=147&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=985&adys=234&adks=1744008382&ucis=3utqimwwhme&ifi=1&ifk=1078239775&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=4&url=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&top=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=913600349.1619276427&ga_sid=1619276427&ga_hid=1147758924&ga_fc=false&fws=260&ohw=300&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

94851d0a76f234e18f8461f57f3cd16556db7a7c413b9fb890fe89ceb8ad0ff0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13756
x-xss-protection: 0
google-lineitem-id: 4538451035
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138222539677
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tmj4.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
405fe409071c52a544271c00a7b1f864.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 445F 0
0 97ms
57ms Other
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://405fe409071c52a544271c00a7b1f864.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 445F 0
0 8ms
6ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 dc_pre=CMS95OGSl_ACFdiIdwodmcsA0Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2372805976790.5376
adservice.google.com/ddm/fls/z/ Frame 7140 42 B
63 B 42ms
42ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMS95OGSl_ACFdiIdwodmcsA0Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2372805976790.5376

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMS95OGSl_ACFdiIdwodmcsA0Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2372805976790.5376?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 233A 35 B
462 B 11ms
7ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDALupr11z8BA82RpXQB2-g&google_cver=1&google_push=AQvitUIco50_0pGUTNAEiOlQ37DbL0vstfYT4rWT2qqvU6OGmvOoSRll1ROwKxeBxZIDXBOiL3cqF3GNo5H_y0D8Pjm5EkhpiCip

Requested by

Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 233A 70 B
264 B 33ms
29ms Image
image/gif 52.30.50.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOgEUI5FL73lT7cw08wGusw&google_cver=1&google_push=AQvitUIrVd0J1jhf6YhhKrfxykKmrTEIuBjt3n7K_g_KmRb-0RqfTXXYIaj6xevYeI93BrjzNhJaJehkjMcnupv5eGnMuQM7Dl9Y
Requested by: Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.50.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:27 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 233A
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEiO_F3vlsXLuJkdLrtknZU&google_cver=1&google_push=AQvitUI6gdsiu0gBTgdJP4q5WhxmsDZgXBMU5PxUBNWyFmD4jSFrqZ8zRZhHYudt4oSL9kaHo91okjEpXrg...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUI6gdsiu0gBTgdJP4q5WhxmsDZgXBMU5PxUBNWyFmD4jSFrqZ8zRZhHYudt4oSL9kaHo91okjEpXrgvgJEC9knKzerzF1EQ&google_hm=NASC_-Q4RwmMTkAhSfQB8rw

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUI6gdsiu0gBTgdJP4q5WhxmsDZgXBMU5PxUBNWyFmD4jSFrqZ8zRZhHYudt4oSL9kaHo91okjEpXrgvgJEC9knKzerzF1EQ&google_hm=NASC_-Q4RwmMTkAhSfQB8rw

Requested by

Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:26 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUI6gdsiu0gBTgdJP4q5WhxmsDZgXBMU5PxUBNWyFmD4jSFrqZ8zRZhHYudt4oSL9kaHo91okjEpXrgvgJEC9knKzerzF1EQ&google_hm=NASC_-Q4RwmMTkAhSfQB8rw
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET match
um.wbtrk.net/doubleclick/user/ Frame 233A 0
0

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 233A 43 B
175 B 17ms
14ms Image
image/gif 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEP-ZGVaZp-jfoBzp6GDsHZM&google_cver=1&google_push=AQvitUIb7hodwhUJJW1OIiU-opPgzpF8fR0-TYg6Zs85VEsJ9NZx2-rRJWyACmO8xLlkbpeQ3eWzhEmEsICuz3EbV7Yn8sTDD6F5

Requested by

Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sun, 25 Apr 2021 15:00:27 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 233A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMktL4oexxiMkuGaDj3_1uo&google_cver=1&google_push=AQvitUKROQeOdMSAWMjCs-sb5Oe5ZehOOx36FjWTWMx7jWEBHAEs_BNPKA-NOScefZYg0FoKc9mu_tbx...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMktL4oexxiMkuGaDj3_1uo&google_cver=1&google_push=AQvitUKROQeOdMSAWMjCs-sb5Oe5ZehOOx36FjWTWMx7jWEBHAEs_BNPKA-NOScefZYg0FoKc9m...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTM4OTI1NDEwMzExNTQ2Mzc2Ng&google_push=AQvitUKROQeOdMSAWMjCs-sb5Oe5ZehOOx36FjWTWMx7jWEBHAEs_BNPKA-NOScefZYg0FoKc9mu_t...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTM4OTI1NDEwMzExNTQ2Mzc2Ng&google_push=AQvitUKROQeOdMSAWMjCs-sb5Oe5ZehOOx36FjWTWMx7jWEBHAEs_BNPKA-NOScefZYg0FoKc9mu_tbxvbgmlDyULHlbzwFYnDA1

Requested by

Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:27 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTM4OTI1NDEwMzExNTQ2Mzc2Ng&google_push=AQvitUKROQeOdMSAWMjCs-sb5Oe5ZehOOx36FjWTWMx7jWEBHAEs_BNPKA-NOScefZYg0FoKc9mu_tbxvbgmlDyULHlbzwFYnDA1
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 233A
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
https://sync.targeting.unrulymedia.com/csync/RX-8d25ab97-ac2c-4190-bb12-53bee023be24-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAQvitULctARqG7psnQstTqRVz...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitULctARqG7psnQstTqRVzu2YvBbfPMVBufOxz877h0l6jRMjUnNJOIml0ur-51bgYJMeAVx3lJ3wWsJ4xDsUKPVSsc8ruJlD&google_hm=A40lq5esLEGQuxJTvuAjviQ
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitULctARqG7psnQstTqRVzu2YvBbfPMVBufOxz877h0l6jRMjUnNJOIml0ur-51bgYJMeAVx3lJ3wWsJ4xDsUKPVSsc8ruJlD&google_hm=A40lq5esLEGQuxJTvuAjviQ&g...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitULctARqG7psnQstTqRVzu2YvBbfPMVBufOxz877h0l6jRMjUnNJOIml0ur-51bgYJMeAVx3lJ3wWsJ4xDsUKPVSsc8ruJlD&google_hm=A40lq5esLEGQuxJTvuAjviQ&google_tc=

Requested by

Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitULctARqG7psnQstTqRVzu2YvBbfPMVBufOxz877h0l6jRMjUnNJOIml0ur-51bgYJMeAVx3lJ3wWsJ4xDsUKPVSsc8ruJlD&google_hm=A40lq5esLEGQuxJTvuAjviQ&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 415
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 233A 0
50 B 18ms
15ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IH1vMv4NrHmLRdDxunf7G-kgFTk_kAEu1WC-VkyHjlHP6Evn2Phj6u6LskPgWaRXT_yg2l

Requested by

Host: a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
URL: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:27 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 67FB 0
66 B 42ms
40ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042001&jk=2445690610777572&bg=!lJell9PNAAZUuIlwVLg7ACkAdvg8Wpim4f4233rkbHaWyKYqD_VWIhETLduKro6M_Ft5170nQe7CvQIAAAReUgAAABZoAQeZAlaqaFMG9jIuO5xOrlWCpe-ZHLLQShZAo0rd54I7lgKRP9XlfxAzw_eXUhMYAmRC3aREfEbEJ5p2dy_9EYkWN7rGMHdW5XHhAUqipg-9lnTHra2SyGj7jPI9G_x22G5kt7KK-8yQ-J5-1o0iDUrsbXdBC4ENWM83WeXH7yq6GqSe-RxrtZYLj1So_ox5lCxREeYT3iUftQr2s60DrN5JEWk6pTY5OUWd4oW5mO5KrMX01bzLB9EvvztvEg85u_6X7UxqR7yU63jJ7tz-wLsOT3snEthCKxHS-IQuhntMI_xyWrNfV16ZASklawVCzXoZu02eTPgQMjdlEP-ZcpCLCDv7QJZU-tvsdfGuzmBj9Ntj4hl05zz7XPI4swhdEdZU-PJI2pDuOVIA4N7we-XHy2okOyf3yQpyoNnBDDZhz3CPUyvYjSekysJ6xHKbuj0qVkpBBBH45rXgns2b3r53oLNpdr2h_6wiCqKJHTHQWmT3OrlmZVIbKuJFwFp3U9c3GCKUwbtIL0sHUKiuE8DNgGMoSlmv4-7MwPB2Ms-fQRz5fo2lx2UB-X7R1fFdmb4AfoLFjxZg8vRfbi5QbNuoCzhNFtYNuiLPYBwq1uRC3DROfYWEWPe4Rfy1LZRbsmi9pjSO-BBz5VT0QrQaAMhJhcMtGINEkiMUZ_GQEueYaoRVvGdla6O8xZoF9Wsh9EL4hO-NLM6-fK0QKOpjUM52K6BiH37Qqguo6V6qNA3V4AyoP17U26zVkPHBxfmg6BLBx1O48PWkfjn3epI4_KEPN6ICjoxlaFgA

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 query Show response
services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/4/ Frame BE7A 3 MB
158 KB 33ms
33ms XHR
text/plain 143.204.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/4/query?f=json&where=UID%20%3C%3E%20840&returnGeometry=false&spatialRel=esriSpatialRelIntersects&outFields=OBJECTID%2CDelta_Deaths%2CReport_Date_String&orderByFields=Report_Date_String%20asc&resultOffset=32000&resultRecordCount=32000&resultType=standard&cacheHint=true

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-14.cph50.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

c98b7d8fd0fc6d7eb8a02ba0ab0bd3c53fb05367fb3efe453a0c163e2b64e8f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: br
etag: sd197485_620588446
age: 612
x-cache: Hit from cloudfront
via: 1.1 fdf9e7e5ec65d753124196745d150f16.cloudfront.net (CloudFront)
x-arcgis-instance: MTSDS_Web_IN_3
last-modified: Sat, 24 Apr 2021 14:35:14 GMT
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 14:50:15 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30, s-maxage=30
x-arcgis-correlation-id: 00-7bc1f32373e36f4587aba33417f28238-6af036adbb35b74f-00
x-arcgis-trace-id: 7bc1f32373e36f4587aba33417f28238
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: FkZgMXo3SqSUF7YtUX5kmvO8uPbwHu90i3NPIRw-psWGJByN-wRwuw==
x-esri-cache-hint-features: true

GET
H2 200 query Show response
services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/4/ Frame BE7A 3 MB
194 KB 32ms
32ms XHR
text/plain 143.204.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/4/query?f=json&where=UID%20%3C%3E%20840&returnGeometry=false&spatialRel=esriSpatialRelIntersects&outFields=OBJECTID%2CDelta_Confirmed%2CReport_Date_String&orderByFields=Report_Date_String%20asc&resultOffset=32000&resultRecordCount=32000&resultType=standard&cacheHint=true

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-14.cph50.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

035503a0a50481982ffcbbfd91fcb529bf21cc5ade9a950463a7dde9f3703dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: br
etag: sd197485_620588446
age: 610
x-cache: Hit from cloudfront
content-length: 197513
x-arcgis-instance: MTSDS_Web_IN_1
access-control-allow-origin: *
last-modified: Sat, 24 Apr 2021 14:35:14 GMT
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 14:51:05 GMT
content-type: text/plain; charset=utf-8
via: 1.1 fdf9e7e5ec65d753124196745d150f16.cloudfront.net (CloudFront)
cache-control: public, max-age=30, s-maxage=30
x-arcgis-correlation-id: 00-d23fbaa90737c241829e6f1f0603fb54-16efe7bea9e49041-00
x-arcgis-trace-id: d23fbaa90737c241829e6f1f0603fb54
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: kKGV-7MRGz1k1v7b2WwpOpqC4FqWG2zQmkjiewHtwPvpMGRbbEhC3Q==

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame AD44 0
0 42ms
42ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfB0Y5sPDj566HieY1kvtkCQLKeH_EsKycOsD0pOjVPS30MAcUrPNJugw4aP8S91jJ5oLbobFBx2GKI_NWLxe7hMhTprq8RB6E29lOJFMdE5SEoj2t8hTi470uZD3RCqAEUgSDesnzIWMQkQXBoTsEyriv7rPzp7I34GGDap-9Ber8c5jTe9AUv2G2_uVs_7Wy8UYG_iofbsz0su9YzlwO_xpb19GqBVWroHMkScjuKhHSBEguLC9sHyVtjwY0_n5rtG6WgvRKRMAHRyoY1KEs8U8ahTddZ9PSpAH0nTrjJrmJ7zJb77GsjbC_G2Ah0XYCWoUGDY6PAoJSmFWBfB3tXePnCAlIkLo&sai=AMfl-YS9YQoTKogWQLI1s_uygt4mesDlYjOQT4QW_sHD3JMwQdT5tdAr-B0E9pu_csR45eNofXGBl3QJd5TG2eyKjWOU4cD6qmCb__lG3zJc9eL4nRXC5ASgwWPN8TOFQ1DE&sig=Cg0ArKJSzLBNWq7NyP3GEAE&adurl=

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 24 Apr 2021 15:00:27 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame AD44 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 14:57:01 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame AD44 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:58:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 14:58:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AD44 116 KB
35 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:27 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AD44 0
0 14ms
13ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQEghDCxzZ15vQlPerB1kxgLkaAFi7WQb1m3E_nGhuLD_AxvW2o-T0bqWXjjE9cz10bX4UK
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 5305678281706130699
tpc.googlesyndication.com/simgad/ Frame AD44 49 KB
49 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5305678281706130699

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9640b4008edd77014c3d31defa43f80015daf003dd0db7e80d4df387b846505

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 04:34:59 GMT
x-content-type-options: nosniff
age: 555928
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49847
x-xss-protection: 0
last-modified: Tue, 20 Nov 2018 18:27:49 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Apr 2022 04:34:59 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 445F 73 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017352525402"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28270
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:27 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 445F 9 KB
7 KB 21ms
19ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72a7f7eb96fc8a3686d558b95ab19d431608f10add39dd66850da690c03a91b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6972
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 445F 17 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:27 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 8773 89 KB
32 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=70161200119445700951389011574008&a=9828d99d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 13:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91957
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Apr 2022 13:27:50 GMT

GET
H/1.1 200
OK S-728x90.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 8773 24 KB
24 KB 44ms
17ms Image
image/gif 188.138.33.34
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-728x90.gif
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=70161200119445700951389011574008&a=9828d99d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.138.33.34 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: loft9037.serverprofi24.de
Software: nginx /
Resource Hash: 7c67dc1e9ecce0d3757d97792fd606effaa6fe799ebe7423aff81e26e07900a1

Request headers

Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:27 GMT
Last-Modified: Tue, 24 Jul 2018 05:08:56 GMT
Server: nginx
ETag: "5b56b468-5f90"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 24464

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame AD44 0
0 43ms
43ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdiSKgSOY3eDeT0UKclKqMeVi72zAYW783tfzfgcYQQpi5Mx2nn8FOiOxggBewqtUc-0Qpx1q9DH8GU0APFKGe3RRESxvwpQqJy0sr7_7NRI_IWhD7b3Qb-jDnpSa34L3sYgsKIiuCbP_QhOyTaH1KPmfXrIIuwQmVGxbyRktsZ0C1kw-JmHZAXdhk1TCYt18wv8tnWLygPEwbNSrFFB1AgaJDPZ_RoR0h78mRlG6PSmlFHPBoifnKMXOuN8kGqfhCeE0ox9CzF5STKInKAA4HaTR63BPtiCnaKii5J_zjBAUoK697owWUjZVwLdqRz9O4C2chEq4FSI7d3mcLL-c_mxfPwt9goiOkNw&sai=AMfl-YQFy8DJ8Ov3DNa9BaWZdkn0_fyBoPN-nvlQR2SzL75vapXmjuV3HQ9JEri3Z-O2NSFf-uO-UzCafiWCZdl75MiJAWhIuCi8HevQV9f5KL4Wy0L_xYDwbakBRQzsBXoy&sig=Cg0ArKJSzMYFngnSTYBmEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 24 Apr 2021 15:00:27 GMT

GET
DATA 200
OK truncated
/ Frame AD44 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac94eb65cbe3bfd92b34d936245d978f743ce5c75f5338b74165604a9f028e50

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal90008.redintelligence.net/ Frame 8773 0
150 B 35ms
12ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/viewability?s=70161200119445700951389011574008&a=8a15d1ec&vb=m
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=70161200119445700951389011574008&a=9828d99d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90008.redintelligence.net/request_content.php?s=70161200119445700951389011574008&a=9828d99d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:27 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 8773 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 7740 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmj4.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tmj4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 24 Apr 2021 14:44:08 GMT
expires: Sun, 24 Apr 2022 14:44:08 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 979
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
px.moatads.com/ Frame AF08 43 B
260 B 9ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&pxm=7&vz=-&zp=4&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3852000540&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-L6SP6bDFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=8&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.tmj4.com&lp=https%3A%2F%2Fwww.tmj4.com&t=1619276425098&de=960360889283&cu=1619276425098&m=2598&ar=e4967b0-clean&iw=a9fcec9&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A880%3A880%3A835%3A831&aa=1&ad=1147&cn=367&gn=1&gk=1147&gl=367&ez=1&cp=2351&cq=0&cr=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2351&cd=1042&ah=2351&am=1042&dq=1570&dr=261&ds=1570&dt=261&zx=0&tb=0&fc=1&fk=1&vm=1&vl=0&vt=57&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5578383560%3A138345476649&dfp=0%2C1&la=5578383560&zMoatPL=tmj4.com&zMoatPL2=tmj4.com&bo=tmj4.com&bd=tmj4.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=1530422991&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:27 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:27 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame AF08 43 B
260 B 11ms
11ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&pxm=7&vz=-&zp=4&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3852000540&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-L6SP6bDFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=8&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.tmj4.com&lp=https%3A%2F%2Fwww.tmj4.com&t=1619276425098&de=960360889283&cu=1619276425098&m=2599&ar=e4967b0-clean&iw=a9fcec9&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A880%3A880%3A835%3A831&aa=1&ad=1147&cn=1147&gn=1&gk=1147&gl=1147&ez=1&cp=2351&cq=0&cr=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2351&cd=2351&ah=2351&am=2351&dq=1570&dr=1570&ds=1570&dt=1570&zx=0&tb=0&fc=1&fk=1&vm=1&vl=57&vt=57&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5578383560%3A138345476649&dfp=0%2C1&la=5578383560&zMoatPL=tmj4.com&zMoatPL2=tmj4.com&bo=tmj4.com&bd=tmj4.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=1391679287&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:27 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:27 GMT

GET
H3-29 200 N0cNQz_bqY1YohNAUNIZQryLecw2v8JwvqvBktlc8tc.js Show response
pagead2.googlesyndication.com/bg/ Frame 7740 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N0cNQz_bqY1YohNAUNIZQryLecw2v8JwvqvBktlc8tc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37470d433fdba98d58a2134050d21942bc8b79cc36bfc270beabc192d95cf2d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 09:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 107538
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5655
x-xss-protection: 0
expires: Sat, 23 Apr 2022 09:08:09 GMT

GET
H2 200 query Show response
services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/4/ Frame BE7A 3 MB
167 KB 32ms
32ms XHR
text/plain 143.204.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/4/query?f=json&where=UID%20%3C%3E%20840&returnGeometry=false&spatialRel=esriSpatialRelIntersects&outFields=OBJECTID%2CDelta_Deaths%2CReport_Date_String&orderByFields=Report_Date_String%20asc&resultOffset=64000&resultRecordCount=32000&resultType=standard&cacheHint=true

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-14.cph50.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

92371d8a93567516b67e7d7f80671a5f1820a4d4c088bc832d32c8a1e4b86925

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: br
etag: sd197485_620588446
age: 615
x-cache: Hit from cloudfront
via: 1.1 fdf9e7e5ec65d753124196745d150f16.cloudfront.net (CloudFront)
x-arcgis-instance: MTSDS_Web_IN_2
last-modified: Sat, 24 Apr 2021 14:35:14 GMT
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 14:50:12 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30, s-maxage=30
x-arcgis-correlation-id: 00-6e5ee7f2cc66f14bbbfcf414a5be7d5a-877b22d215956043-00
x-arcgis-trace-id: 6e5ee7f2cc66f14bbbfcf414a5be7d5a
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: g4t8acKKUoKeNTEBjwlg86WQTgPvxSUpa3I73aYuk-A4NkYJnHjb2A==
x-esri-cache-hint-features: true

GET v1
prebid.digitru.st/id/ Frame 67FB 0
0

GET
H2 200 vidtest.php Show response
v.traileraddict.com/ Frame 67FB 4 KB
1 KB 367ms
349ms XHR
application/json 2606:4700:20::681a:236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v.traileraddict.com/vidtest.php
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.31
Resource Hash: 7a9c7947e8e97888530f5d8cc0e0cc78951b7b1b735f297c864af1cbd28d720f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/5.6.31
access-control-allow-methods: GET, PUT, POST, OPTIONS
cf-request-id: 09a5fe8a6a0000dfef661db000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KsYJbQtp12WJKUnJmxayZBl%2FvLixLo9VmzMfS%2B4VRONLDQA2E3J57uq9Z912KNV9u1js8lzI2fCkte4OYafJqapSoSXufmoV8P0nMZ%2BPapoMyoo4b8xugL%2BgedLK6weg"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 6450338a4fc9dfef-FRA
access-control-allow-headers: Content-Type, Authorization, X-Requested-With

GET
H2 200 query Show response
services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/4/ Frame BE7A 3 MB
207 KB 32ms
31ms XHR
text/plain 143.204.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/4/query?f=json&where=UID%20%3C%3E%20840&returnGeometry=false&spatialRel=esriSpatialRelIntersects&outFields=OBJECTID%2CDelta_Confirmed%2CReport_Date_String&orderByFields=Report_Date_String%20asc&resultOffset=64000&resultRecordCount=32000&resultType=standard&cacheHint=true

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-14.cph50.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

fe1b425aae19ee042de5ce00dde8f64933dc82a83203569995189e0dd6dc921a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: br
etag: sd197485_620588446
age: 525
x-cache: Hit from cloudfront
x-arcgis-instance: MTSDS_Web_IN_1
access-control-allow-origin: *
last-modified: Sat, 24 Apr 2021 14:35:14 GMT
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 14:52:47 GMT
content-type: text/plain; charset=utf-8
via: 1.1 fdf9e7e5ec65d753124196745d150f16.cloudfront.net (CloudFront)
cache-control: public, max-age=30, s-maxage=30
x-arcgis-correlation-id: 00-37b404619d2c024b8f00633088bd56d8-7acd3d2383ef8d42-00
x-arcgis-trace-id: 37b404619d2c024b8f00633088bd56d8
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: KIU-lfc-iE38_tTYs0DPbpuQj88u3mkNd7EZ9wGLTHS_bGQ7p5Aevg==
x-esri-cache-hint-features: true

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AB38 42 B
64 B 41ms
39ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssyi948h83XzAMJMXZKffL_XHySoLZ17tFuGJj1GHVgi_2LeyIXjJhep1LRnL1COqa_KEiz8WWa1RL1g5ua8CsQIitzpeeTSg&sig=Cg0ArKJSzI7e1GtBahW_EAE&cid=CAASF-RoGjxLjR2MEkdtQYx9ZiBuB8-7SDis&id=lidar2&mcvt=1021&p=1106,436,1196,1164&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20210421&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=768349490&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619276424180&dlt=78&rpt=38&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5942 42 B
64 B 15ms
14ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuuM6U-k_i9KBioxVQFHpsJq8kfcgYpSIpnZ4HA_UKVk8RXgcaSk7f8IN1rbxIoN3LG2K0ehpquDZupXa8ZzWXAGiwiztIX-1G27oJWV3g&sig=Cg0ArKJSzBVgkPFvSy7gEAE&id=lidarv&acvw=sv%3D894%26cb%3Dj%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,343,610%26tos%3D2133,0,0,0,0%26mtos%3D2133,2133,2133,2133,2133%26amtos%3D0,0,0,0,0%26mcvt%3D2133%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2133%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1093%26pst%3D902%26dur%3D15042%26vmtime%3D1678%26dtos%3D2133%26dtoss%3D1%26dvs%3D2101%26dfvs%3D2101%26dvpt%3D2101%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2156%26femvt%3D0%26emc%3D8%26emuc%3D0%26emb%3D7,0,0,0,0%26avms%3Dexc%26qi%3D353618271%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1619276428156%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2133,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.1%26t%3D1619276425792

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 query Show response
services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/4/ Frame BE7A 1 MB
92 KB 31ms
31ms XHR
text/plain 143.204.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/4/query?f=json&where=UID%20%3C%3E%20840&returnGeometry=false&spatialRel=esriSpatialRelIntersects&outFields=OBJECTID%2CDelta_Deaths%2CReport_Date_String&orderByFields=Report_Date_String%20asc&resultOffset=96000&resultRecordCount=32000&resultType=standard&cacheHint=true

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-14.cph50.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

41f441aa622ab6ff01e178d23657a608f70d1e4536cfe0c3ae635918c5e67616

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: br
etag: sd197485_620588446
age: 610
x-cache: Hit from cloudfront
content-length: 93944
x-arcgis-instance: MTSDS_Web_IN_2
access-control-allow-origin: *
last-modified: Sat, 24 Apr 2021 14:35:14 GMT
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 14:51:07 GMT
content-type: text/plain; charset=utf-8
via: 1.1 fdf9e7e5ec65d753124196745d150f16.cloudfront.net (CloudFront)
cache-control: public, max-age=30, s-maxage=30
x-arcgis-correlation-id: 00-b357b650c3af36498efafa59465f71f3-11f65a88cf038243-00
x-arcgis-trace-id: b357b650c3af36498efafa59465f71f3
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: T8bwmVpQJ2_oa9YMi2KYhE7-gjeef0OLoeuo3nuLIz91ze1VA20mDw==

GET
H2 200 chevron-left.svg
yummy.consumable.com/8580/cnsmbl-video-970x250/img/ Frame 67FB 509 B
834 B 419ms
418ms Image
image/svg+xml 13.33.139.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/img/chevron-left.svg
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-93.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62965052035405846c2a82a5f9c8e662db24ff92100bad81ec4b82d5135a7a78

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:29 GMT
via: 1.1 c77c2d645cbeae90b436c4ed3b9c4718.cloudfront.net (CloudFront)
last-modified: Mon, 07 Dec 2020 20:18:02 GMT
server: AmazonS3
x-amz-cf-pop: CPH50-C2
etag: "06debc4a8c892312c85a5868e3f1683d"
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 509
x-amz-cf-id: YeJq7jwTQlZ9AOH-jsJeIAGb4K9NtE62a1mYsMfNvE_4Uqm9Ezr2Mw==

GET
H2 200 chevron-right.svg
yummy.consumable.com/8580/cnsmbl-video-970x250/img/ Frame 67FB 516 B
842 B 417ms
417ms Image
image/svg+xml 13.33.139.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/img/chevron-right.svg
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-93.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0aae9ffbfef06b0b5ef60ef6c0aebfceebb2e9f0deca58dcd9aacacda7e0d7fe

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:29 GMT
via: 1.1 c77c2d645cbeae90b436c4ed3b9c4718.cloudfront.net (CloudFront)
last-modified: Mon, 07 Dec 2020 20:18:01 GMT
server: AmazonS3
x-amz-cf-pop: CPH50-C2
etag: "f25ffe73c2ef159c89576cd693340ac5"
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 516
x-amz-cf-id: idIT47nsHdCwZMh9bR1dyYkj3Srad1kN4kbInHTr2oC5eMWNVWe4cQ==

GET
H2 200 g3-blue.jpg
cdn.traileraddict.com/content/consumable/ Frame 67FB 14 KB
15 KB 194ms
15ms Image
image/webp 2606:4700:20::ac43:453b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.traileraddict.com/content/consumable/g3-blue.jpg
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:453b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76e5591612f2b00c68824472590a1101ed872ed70cf5a40e8c665dcc5a5abb22

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:28 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 112422
cf-polished: qual=85, origFmt=jpeg, origSize=37489
content-disposition: inline; filename="g3-blue.webp"
content-length: 14520
cf-request-id: 09a5fe8d13000006211713e000000001
last-modified: Sun, 06 Dec 2020 19:24:44 GMT
server: cloudflare
etag: "5fcd2ffc-9271"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GS7jWEoirsFLm2zps%2Bh4se1cBYBe5tyL%2FBQtTTNIrYrPnlDOaJLpSG%2Bs3AhfW8pCe4ignTXSVi%2B7w9sTIwHX7HxqyhAcV4iUaCvbPVWyHqQlu1CFvhiOSKtsg6yBZJHpV0c%3D"}],"group":"cf-nel"}
content-type: image/webp
expires: Sun, 23 May 2021 07:40:27 GMT
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6450338e8fc20621-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 17750.json Show response
services.brid.tv/services/get/config/ Frame 67FB 7 KB
3 KB 65ms
23ms XHR
application/json 13.224.95.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.brid.tv/services/get/config/17750.json
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-17.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 727823e6ebd1c140c38e1c1d201ee0d37bf9dc549661986eb712e01d657283ba

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:57:45 GMT
content-encoding: br
age: 163
x-cache-status: HIT
x-cache: Hit from cloudfront
x-served-by: i-0668fa4bbc0bbef31
access-control-allow-origin: *
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=UTF-8
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: ZRH50-C1
access-control-allow-headers: origin, x-requested-with, content-type, accept
x-amz-cf-id: 8F7y6C9lf-G3xzfXTEk1a-IAj06gbgraCdVzK5rXj8aVq1sXrovPOg==

GET
H2 200 query Show response
services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/4/ Frame BE7A 2 MB
114 KB 33ms
33ms XHR
text/plain 143.204.245.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://services9.arcgis.com/N9p5hsImWXAccRNI/arcgis/rest/services/Nc2JKvYFoAEOFCG5JSI6/FeatureServer/4/query?f=json&where=UID%20%3C%3E%20840&returnGeometry=false&spatialRel=esriSpatialRelIntersects&outFields=OBJECTID%2CDelta_Confirmed%2CReport_Date_String&orderByFields=Report_Date_String%20asc&resultOffset=96000&resultRecordCount=32000&resultType=standard&cacheHint=true

Requested by

Host: js.arcgis.com
URL: https://js.arcgis.com/3.36/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-14.cph50.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

766dea2c6bbc0ce5e870c79e861fa253bce092c792327c55ec45990c4811540a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.arcgis.com/apps/opsdashboard/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: br
etag: sd197485_620588446
age: 518
x-cache: Hit from cloudfront
x-arcgis-instance: MTSDS_Web_IN_1
access-control-allow-origin: *
last-modified: Sat, 24 Apr 2021 14:35:14 GMT
server: Microsoft-IIS/10.0
date: Sat, 24 Apr 2021 14:51:49 GMT
content-type: text/plain; charset=utf-8
via: 1.1 fdf9e7e5ec65d753124196745d150f16.cloudfront.net (CloudFront)
cache-control: public, max-age=30, s-maxage=30
x-arcgis-correlation-id: 00-0fef17bfa8222e4a8cd969fffa895c69-7363cbbc76bd0b47-00
x-arcgis-trace-id: 0fef17bfa8222e4a8cd969fffa895c69
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: wKGwTKulr2BktDp904jhfeWKCAwhxzv9DML1DiyZKcw2Kh9oqn4x3g==
x-esri-cache-hint-features: true

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 445F 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042001&jk=3631689589428918&bg=!QEOlQwfNAAZUuIlwVLg7ACkAdvg8Wu8LZquGJpuD3ccruHahURPJy8bVAKeGnw409qr0Nz5rAlk1fQIAAAFCUgAAAIJoAQeZAn3b3dEePO26voQhEPGsZCCAP0AkGMktjGKL6dr8ZvRHS2F4dE6p1sEZQwoUY91VvDB8xqxVa41zcsQDzujWUYgylohIIWPxtj6oSveDR-D8of3_JXEY2pYj_aWW_nfpULOCJXWC0u-daO1ftb-cNv3ev6mlHW0hZMVOYsFkK5T3cfZr1L4HKhWMb9boLxmQfGTvRGEejOB3mizEbeVmrSZYkx4pQZgdQPLGhxd-5Bk13b4DWVcMk5k09v56C6MhzKG-AoIdhCGHqkdJ3WYurCWCq8S2PiJ7ut5YhQwkT4sb5dkuJTPT4cjPQSUXjlp8M5TrW_XpA53uL5pNaoLUHSiXCokblIiROAr_r_ii0Lb8zmcXt7D1VWLxqq_4GK8Y39EI2W8ye9ApKJx5w0e6pgZIVoIyk03KbNMRcqWpOZAQj_RKh8McO70pE4linkxy6Mmj65pVEI7F1M6IegYT5tc8Zhr_BFAzc5IQkuGYjYWJt8ROwe0sBhhGRWzp8TGiRBfrolAJiRU4P6LZRFTFGiVWH61_yL_nXBCxNh-22SkSyNbgwNF_CVqX-KGMpXQ-H3_lqutSyoogwEZ7eeCPA6ulbFc6qCFZyD8K1aYUf9zgDaaukseDatgztAozSpQPhUR6KSrn_-64Fwom-n9pKoSrdp4Z-x7hZ3htdUEEQ5K7c2U6npvBike8zVNKojytic6JViU4rf8JDqC20m6bfhEywXC4pPIe7pCiv6izLrO2fD9-a5KfzMBihemdd4EAe5qeifGgw5dvev_AYmTiitCbt0sqkLsbNCpiFLH_wO5BgBobEoEScLYLtCCT_t-ld1t-K5QfJ-FdCFCEgwMv

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 brid.hls.min.js Show response
p.brid.tv/player/build/plugins/hls/1.0.13/ Frame 67FB 250 KB
75 KB 108ms
39ms Script
application/javascript 143.204.245.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/hls/1.0.13/brid.hls.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-88.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 326d77891415f82cdfafe9b74ede6ba52b2a3f2c33efd26ee18a7ce9053f31c7

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:06:54 GMT
content-encoding: gzip
last-modified: Wed, 23 Dec 2020 10:40:06 GMT
server: AmazonS3
age: 3226
etag: W/"d093466a4034ca23d62ed5575bab2d21"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c0f81b73b25f5689e5357fd24a5fcb0d.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: LWX1aaWAMAX2ncEdNtYDdO42Ki3CtC67eA2evZdWyk9qzdHu2GJa1A==

GET
H2 200 consumable.css
c.brid.tv/live/partners/style/ Frame 67FB 10 KB
2 KB 35ms
8ms Stylesheet
text/css 143.204.90.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.brid.tv/live/partners/style/consumable.css
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.90.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-102.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 77d61926f7acef295665e8bc3705000e21c1a4db847338f5969af47c37822bad

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 19:29:23 GMT
content-encoding: gzip
last-modified: Fri, 07 Feb 2020 07:55:48 GMT
server: AmazonS3
age: 12771066
etag: "b4c80903a0a8c1ef4957058a948f9f2f"
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
content-length: 1952
x-amz-cf-id: gwoaibZLUhNdTg9Lek99oLe_dkHTegNEtziRorlhtQ1Ri18LyiRuqQ==

GET
H2 200 css
fonts.googleapis.com/ Frame 67FB 708 B
462 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato&display=swap

Requested by

Host: c.brid.tv
URL: https://c.brid.tv/live/partners/style/consumable.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b21d7945f9a9e83d3218aa05a9a97c91d0db52e4682e6392dac56496134ce2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://c.brid.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 24 Apr 2021 13:20:06 GMT
server: ESF
date: Sat, 24 Apr 2021 15:00:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Apr 2021 15:00:31 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame AF08 43 B
260 B 10ms
10ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&pxm=7&vz=-&zp=4&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3852000540&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-L6SP6bDFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=8&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.tmj4.com&lp=https%3A%2F%2Fwww.tmj4.com&t=1619276425098&de=960360889283&cu=1619276425098&m=6898&ar=e4967b0-clean&iw=a9fcec9&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A880%3A880%3A835%3A831&aa=1&ad=5447&cn=1147&gn=1&gk=5447&gl=1147&ez=1&co=5447&cp=2351&cq=0&cr=1&ew=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3256&cd=2351&ah=3256&am=2351&dq=2475&dr=1570&ds=2475&dt=1570&zx=0&tb=0&fc=1&fk=1&vm=1&vl=57&vt=270&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5578383560%3A138345476649&dfp=0%2C1&la=5578383560&zMoatPL=tmj4.com&zMoatPL2=tmj4.com&bo=tmj4.com&bd=tmj4.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=122161176&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:32 GMT

GET
H2

200

pd Show response
u.openx.net/w/1.0/ Frame 269C
Redirect Chain

https://u.openx.net/w/1.0/pd
https://u.openx.net/w/1.0/pd?cc=1

668 B
723 B

20ms
19ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?cc=1
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: aaba65ed9064daf813908cafaa8a9520ab798b95373849537524c5b8caf5199c

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmj4.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=c4cd35e2-31ee-41ba-9c7a-ce30165a36b5|1619276432
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tmj4.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=c4cd35e2-31ee-41ba-9c7a-ce30165a36b5|1619276432; Version=1; Expires=Sun, 24-Apr-2022 15:00:32 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1619276432|gekin0vNiygu; Version=1; Expires=Sun, 09-May-2021 15:00:32 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.205.4
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sat, 24 Apr 2021 15:00:32 GMT
content-type: text/html
content-length: 420
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=c4cd35e2-31ee-41ba-9c7a-ce30165a36b5|1619276432; Version=1; Expires=Sun, 24-Apr-2022 15:00:32 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.205.4
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u.openx.net/w/1.0/pd?cc=1
date: Sat, 24 Apr 2021 15:00:32 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 5E86 38 KB
14 KB 9ms
9ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.tmj4.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: SPugT=1619276425; PUBMDCID=3; KRTBCOOKIE_1101=23040-6954739297158232203; PugT=1619276427
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tmj4.com/

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=65768
Expires: Sun, 25 Apr 2021 09:16:40 GMT
Date: Sat, 24 Apr 2021 15:00:32 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK Cookie set check.html Show response
biddr.brealtime.com/ Frame 8724 926 B
1 KB 77ms
28ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host: biddr.brealtime.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.tmj4.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tmj4.com/

Response headers

Date: Sat, 24 Apr 2021 15:00:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dfd572332da568d20bc283047071b763f1619276432; expires=Mon, 24-May-21 15:00:32 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2: Ff6EmSueVNfPi17r8wKQ854J0NpJ39gY216tMHqXcfMY1v0rRcILngP83+CS+PYF1s5zxwa4TEI=
x-amz-request-id: YWKEY68YY6XM5CJE
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 318
Expires: Sat, 24 Apr 2021 15:01:32 GMT
Cache-Control: public, max-age=60
cf-request-id: 09a5fe9aca0000ee7d8f296000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 645033a47c3eee7d-CDG
Content-Encoding: gzip

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame D6A6 281 B
554 B 15ms
15ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.tmj4.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tmj4.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 24 Apr 2021 15:00:32 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 11ms
11ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Ctrue&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1105&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&id=1&f=0&j=&t=1619276421514&de=392083320754&rx=927200626535&cu=1619276421514&m=10521&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1105&lb=5512&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A626%3A626%3A0%3A649&as=1&ag=7382&an=1048&gi=1&gf=7382&gg=1048&ix=7382&ic=7382&ez=1&ck=1048&kw=504&aj=1&pg=100&pf=100&ib=1&cc=1&bw=7382&bx=1048&ci=1048&jz=504&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3858&cd=504&ah=3858&am=504&rf=0&re=0&wb=2&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.tmj4&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=8025840&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:32 GMT

GET
H/1.1

200
OK

2000248.html Show response
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 322A
Redirect Chain

https://sync.serverbid.com/ss/2000248.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

4 KB
5 KB

10ms
10ms

Document
text/html

205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

Requested by

Host: yummy.consumable.com
URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/iframe.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.tmj4.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tmj4.com/

Response headers

Date: Sat, 24 Apr 2021 15:00:32 GMT
Connection: Keep-Alive
Cache-Control: max-age=2495
Content-Length: 4376
Content-Type: text/html
Last-Modified: Thu, 31 Jan 2019 14:12:06 GMT
Accept-Ranges: bytes
ETag: "8ca299ba400101b6642362a2bceff771"
x-amz-request-id: tx00000000000000292b4bb-006082eacf-4d93f15-nyc3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
Age: 0
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1619276423.dop132.fr8.t,1619276423.cds239.fr8.shn,1619276432.dop132.fr8.t,1619276432.cds018.fr8.c

Redirect headers

content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
cache-control: no-cache

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AD44 42 B
64 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXMHPwO_JuVnVmEhsN1CXPJ4LtZtnCpCClLopWvrp8Jc5clY3VuhzMFxqNO7XeO4k4XgpMYTiPTDMmOjUrSrbLUxrg8X_H6Fuk_J3LyYM&sig=Cg0ArKJSzOQkCgJY4rUBEAE&id=lidar2&mcvt=4419&p=0,0,250,300&mtos=4419,4419,4419,4419,4419&tos=4419,0,0,0,0&v=20210421&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1744008382&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619276427541&dlt=0&rpt=114&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90008.redintelligence.net/ Frame 8773 0
150 B 34ms
12ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/viewability?s=70161200119445700951389011574008&a=8a15d1ec&vb=v
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=70161200119445700951389011574008&a=9828d99d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90008.redintelligence.net/request_content.php?s=70161200119445700951389011574008&a=9828d99d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:32 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame 1FBF 0
293 B 111ms
111ms XHR
multipart/form-data 3.143.119.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=114867
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.143.119.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Sat, 24 Apr 2021 15:00:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.tmj4.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 67FB 334 KB
115 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117044
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:32 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame 67FB 23 KB
23 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.tmj4.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 15:44:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 170185
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
expires: Fri, 22 Apr 2022 15:44:07 GMT

GET
H2 200 ping.gif
stats-dev.brid.tv/ Frame 67FB 0
346 B 94ms
30ms Image
image/gif 13.33.139.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=13841&pr=p&b=c&pid=17750&s=450|250&apa=0&df=0&os=l&m=0&ow=14722&e=l
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-11.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 10:06:45 GMT
via: 1.1 272207cd716e9cf4826b7bb013eea27e.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
age: 36649
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
x-amz-cf-pop: CPH50-C2
accept-ranges: bytes
content-length: 0
x-amz-cf-id: epPsJ5XUOjoct8x_njFfNH-EjCTf2MtEu03xxU_K2RF5L4sRRK5fHw==

GET
H2 200 pixel.gif
px.moatads.com/ Frame AF08 43 B
260 B 10ms
10ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&pxm=7&vz=-&zp=4&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3852000540&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-L6SP6bDFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=8&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.tmj4.com&lp=https%3A%2F%2Fwww.tmj4.com&t=1619276425098&de=960360889283&cu=1619276425098&m=6899&ar=e4967b0-clean&iw=a9fcec9&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A880%3A880%3A835%3A831&aa=1&ad=5447&cn=5447&gn=1&gk=5447&gl=5447&ez=1&co=5447&cp=2351&cq=0&cr=1&ew=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3256&cd=3256&ah=3256&am=3256&dq=2475&dr=2475&ds=2475&dt=2475&zx=0&tb=0&fc=1&fk=1&vm=1&vl=270&vt=270&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5578383560%3A138345476649&dfp=0%2C1&la=5578383560&zMoatPL=tmj4.com&zMoatPL2=tmj4.com&bo=tmj4.com&bd=tmj4.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=1561089885&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:32 GMT

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 5942 42 B
121 B 18ms
18ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B1YtIiTKEYIKSBsmT7_UPgcCQoAGahfLzRQAAABABIL2i3h84AFip5KGwgwRgleKQgqAHsgEMd3d3LnRtajQuY29tugEKMXgxMDAwX3htbMgBBdoBFWh0dHBzOi8vd3d3LnRtajQuY29tL5gCmHXAAgLgAgDqAiYvNjA4OC9zc3AudG1qNC9uZXdzL2Nvcm9uYXZpcnVzL2RldGFpbPgCgdIekAPIBpgD4AOoAwHgBAHSBQYQyMH94xSQBgGgBiOoB-zVG6gH89EbqAeW2BvYBwHgBw_SCAkIgOGAEBABGB3YCAKACgWYCwE&sigh=dgec9gaba9U&label=videoplaytime25&ad_mt=5684&acvw=sv%3D894%26cb%3Dj%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,343,610%26tos%3D6145,0,0,0,0%26mtos%3D6145,6145,6145,6145,6145%26amtos%3D0,0,0,0,0%26mcvt%3D6145%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D6145%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D4556%26pst%3D902%26dur%3D15042%26vmtime%3D5683%26dtos%3D4012%26dtoss%3D2%26dvs%3D4012%26dfvs%3D4012%26dvpt%3D4012%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D6145,6145,6145,6145,6145%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D2156%26femvt%3D0%26emc%3D11%26emuc%3D0%26emb%3D10,0,0,0,0%26avms%3Dexc%26qi%3D353618271%26psm%3D-2147483609%26psv%3D-2147483609%26psfv%3D-2147483609%26psa%3D0%26ptlt%3D1619276432168%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,6145,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.1%26t%3D1619276425792&sdkv=h.3.453.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1NzgzODM1NjAyDDEzODM0NTQ3NjY0OUDBBFIrCPIFEBIlAABwQSgBOgtKQVJJWkZTQUI0SUILZ29vZ2xldmlkZW9I1QJQABgB

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 g3-blue.jpg
cdn.traileraddict.com/content/consumable/ Frame 67FB 14 KB
15 KB 14ms
13ms Image
image/webp 2606:4700:20::ac43:453b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.traileraddict.com/content/consumable/g3-blue.jpg
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:453b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76e5591612f2b00c68824472590a1101ed872ed70cf5a40e8c665dcc5a5abb22

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 112426
cf-polished: qual=85, origFmt=jpeg, origSize=37489
content-disposition: inline; filename="g3-blue.webp"
content-length: 14520
cf-request-id: 09a5fe9b4000000621b71ec000000001
last-modified: Sun, 06 Dec 2020 19:24:44 GMT
server: cloudflare
etag: "5fcd2ffc-9271"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MxKqmnP9qbXNDOZgAvj0SRYWFPdKpmBp3O%2FEkWlZpLLd%2FPfgXrPMgV2fXcYRdpX5WK2RpS8fqBptT7tj03QHn2phZEC9H93po0vT9%2F5AS3HxVEBjUYrrGUkqgzvKRkycU8E%3D"}],"group":"cf-nel"}
content-type: image/webp
expires: Sun, 23 May 2021 07:40:27 GMT
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 645033a53edf0621-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 ping.gif
stats-dev.brid.tv/ Frame 67FB 0
346 B 52ms
30ms Image
image/gif 13.33.139.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=13841&pr=p&b=c&pid=17750&s=450|250&os=l&m=0&apa=0&df=0&ow=14722&id=undefined&pub=p&e=r&aid=0&par=i&pp=0&wp=0&at=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-11.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 10:06:45 GMT
via: 1.1 272207cd716e9cf4826b7bb013eea27e.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
age: 36649
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
x-amz-cf-pop: CPH50-C2
accept-ranges: bytes
content-length: 0
x-amz-cf-id: bzyOKaNlurH2_lCeWiocvTt5HMbHmfmyLDcVXrYBkXRjgyDdsQTTdA==

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5E86 6 KB
6 KB 15ms
14ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=51622761&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: ba011cf89a3b4610f2c3eee32eb45343ebe31e8f0fc634cd9519e5c9baecaff8

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:30 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D6A6 31 KB
9 KB 21ms
20ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ed2d993c35cd51826ee304739d91e554bd9faa1b120602fc4b3baa15941a9e35

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Apr 2021 20:34:13 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=53887
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9242
Expires: Sun, 25 Apr 2021 05:58:39 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 269C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=a5266084-328f-4400-9c87-0778f57855a0
https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=a5266084-328f-4400-9c87-0778f57855a0

43 B
106 B

17ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=a5266084-328f-4400-9c87-0778f57855a0
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=a5266084-328f-4400-9c87-0778f57855a0
date: Sat, 24 Apr 2021 15:00:35 GMT
via: 1.1 google
server: OXGW/16.205.4
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 269C
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=WdMAjVzRANtC0V3cWtEVgQmCCY5Ch1yODdY-0JUt
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072956&gdpr=1&val=WdMAjVzRANtC0V3cWtEVgQmCCY5Ch1yODdY-0JUt

43 B
106 B

17ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072956&gdpr=1&val=WdMAjVzRANtC0V3cWtEVgQmCCY5Ch1yODdY-0JUt
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072956&gdpr=1&val=WdMAjVzRANtC0V3cWtEVgQmCCY5Ch1yODdY-0JUt
date: Sat, 24 Apr 2021 15:00:35 GMT
via: 1.1 google
server: OXGW/16.205.4
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 269C
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5389254103115463766
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5389254103115463766

43 B
106 B

19ms
15ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5389254103115463766
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5389254103115463766
date: Sat, 24 Apr 2021 15:00:35 GMT
via: 1.1 google
server: OXGW/16.205.4
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 269C 70 B
264 B 32ms
30ms Image
image/gif 52.30.50.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=17610abb-9869-7e4d-c6ac-06d8727d0548&gdpr=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.50.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:32 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame 269C 170 B
188 B 18ms
17ms Image
image/png 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2IwZWQ5NzEtNTExZS0yMGU5LWQzNGMtNWM2MWI4OWZjYjI4

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 269C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMQgsahfFZaSUoh9aDiqB5M&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEMQgsahfFZaSUoh9aDiqB5M&google_cver=1

43 B
106 B

17ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEMQgsahfFZaSUoh9aDiqB5M&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEMQgsahfFZaSUoh9aDiqB5M&google_cver=1
date: Sat, 24 Apr 2021 15:00:35 GMT
via: 1.1 google
server: OXGW/16.205.4
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 pixel.gif
px.moatads.com/ Frame AF08 43 B
260 B 10ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=30&q=0&hp=1&pxm=7&vz=-&zp=4&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3852000540&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-L6SP6bDFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=8&g=7&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.tmj4.com&lp=https%3A%2F%2Fwww.tmj4.com&t=1619276425098&de=960360889283&cu=1619276425098&m=6900&ar=e4967b0-clean&iw=a9fcec9&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A880%3A880%3A835%3A831&aa=1&ad=5447&cn=5447&gn=1&gk=5447&gl=5447&ez=1&co=5447&cp=2351&cq=0&cr=1&ew=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6856&cd=3256&ah=6856&am=3256&dq=6075&dr=2475&ds=6075&dt=2475&zx=0&tb=0&fc=1&fk=1&vm=1&vl=270&vt=135&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=30&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ek=1&ef=0&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5578383560%3A138345476649&dfp=0%2C1&la=5578383560&zMoatPL=tmj4.com&zMoatPL2=tmj4.com&bo=tmj4.com&bd=tmj4.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=1592662811&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:32 GMT

GET
H2 200 brid.parser.min.js Show response
p.brid.tv/player/build/plugins/parser/1.1.55/ Frame 67FB 81 KB
23 KB 31ms
31ms Script
application/javascript 143.204.245.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/parser/1.1.55/brid.parser.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-88.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7229b2a53e66eda3fb318b555fc6d3c244e5219db8f705287989010f7e836f8

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 09:03:07 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 09:08:56 GMT
server: AmazonS3
age: 21448
etag: W/"234a13c82e0b7980eebf391cface1b48"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c0f81b73b25f5689e5357fd24a5fcb0d.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: NYBqMn33tp4pNcW6wnWbtju5fexfK-Bg2A-k5lAI5yOnngSC6A7lTg==

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 78B0 570 KB
186 KB 8ms
7ms Document
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmj4.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tmj4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Fri, 23 Apr 2021 03:56:55 GMT
expires: Sat, 23 Apr 2022 03:56:55 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 126217
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 67FB 44 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:32 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 67FB 107 B
122 B 21ms
19ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tmj4.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 67FB 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tmj4.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 g3-blue.jpg
cdn.traileraddict.com/content/consumable/ Frame 67FB 14 KB
15 KB 13ms
12ms Image
image/webp 2606:4700:20::ac43:453b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.traileraddict.com/content/consumable/g3-blue.jpg
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:453b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76e5591612f2b00c68824472590a1101ed872ed70cf5a40e8c665dcc5a5abb22

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:35 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 112429
cf-polished: qual=85, origFmt=jpeg, origSize=37489
content-disposition: inline; filename="g3-blue.webp"
content-length: 14520
cf-request-id: 09a5fea7c700000621d8110000000001
last-modified: Sun, 06 Dec 2020 19:24:44 GMT
server: cloudflare
etag: "5fcd2ffc-9271"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xch689oR427FtdeLKvwjvpEW6GU5GHdiWcoPamKPbadSWNumKlUR10PqbyOzzp6nlcbVuwxygY1cE52pXYSAl3m%2Fdr2sK5HBYKxUtU%2FtMvVn9dTr%2BxA1rjePLHn%2BiihMlKo%3D"}],"group":"cf-nel"}
content-type: image/webp
expires: Sun, 23 May 2021 07:40:27 GMT
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 645033b93f220621-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Ctrue&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1105&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&id=1&f=0&j=&t=1619276421514&de=392083320754&rx=927200626535&cu=1619276421514&m=13898&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1105&lb=5512&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A626%3A626%3A0%3A649&as=1&ag=10758&an=7382&gi=1&gf=10758&gg=7382&ix=10758&ic=10758&ez=1&ck=1048&kw=504&aj=1&pg=100&pf=100&ib=1&cc=1&bw=10758&bx=7382&ci=1048&jz=504&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=7504&cd=3858&ah=7504&am=3858&rf=0&re=0&wb=2&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.tmj4&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=1641257312&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:35 GMT

GET v1
prebid.digitru.st/id/ Frame 445F 0
0

GET
H2 200 pixel.gif
px.moatads.com/ Frame AF08 43 B
260 B 10ms
10ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=29&q=1&hp=1&pxm=7&vz=-&zp=4&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3852000540&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-L6SP6bDFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=8&g=8&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.tmj4.com&lp=https%3A%2F%2Fwww.tmj4.com&t=1619276425098&de=960360889283&cu=1619276425098&m=7110&ar=e4967b0-clean&iw=a9fcec9&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A880%3A880%3A835%3A831&aa=1&ad=5447&cn=5447&gn=1&gk=5447&gl=5447&ez=1&co=5447&cp=2351&cq=0&cr=1&ew=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6856&cd=6856&ah=6856&am=6856&dq=6075&dr=6075&ds=6075&dt=6075&zx=0&tb=0&fc=1&fk=1&vm=1&vl=135&vt=173&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=23.42&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ek=1&ef=0&eg=1&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5578383560%3A138345476649&dfp=0%2C1&la=5578383560&zMoatPL=tmj4.com&zMoatPL2=tmj4.com&bo=tmj4.com&bd=tmj4.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=931101347&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:35 GMT

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame 1FBF 232 B
492 B 154ms
154ms XHR
multipart/form-data 3.143.119.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=114867
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.143.119.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6d3cb300ee1cbe976fef01355a3578aaf7f5e4269d1bfa5120063204de8cba60

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Sat, 24 Apr 2021 15:00:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.tmj4.com
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 5E86
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENkf0g0bJlj8ADXADbXsU_8&google_cver=1

42 B
855 B

14ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENkf0g0bJlj8ADXADbXsU_8&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:33 GMT
X-lat: amspug020:0:290
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENkf0g0bJlj8ADXADbXsU_8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 5E86 43 B
609 B 14ms
13ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 23 Apr 2021 15:00:35 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 5E86
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4c0fb35a-432f-4192-8e94-0e0dc6eaf333

42 B
882 B

17ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4c0fb35a-432f-4192-8e94-0e0dc6eaf333
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:35 GMT
X-lat: amspug012:0:424
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4c0fb35a-432f-4192-8e94-0e0dc6eaf333
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 0ECC
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7448561412368900957

42 B
769 B

15ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7448561412368900957
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KRTBCOOKIE_1101=23040-6954739331519477899; PUBMDCID=3; KRTBCOOKIE_409=22966-GUDd8qBA9gGQKyNEOXs9Wshk; KRTBCOOKIE_153=1923-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ&KRTB&19420-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ&KRTB&22979-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ; PugT=1619276434
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 24 Apr 2021 15:00:34 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_336=5844-7448561412368900957; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 15:00:34 GMT; path=/ PugT=1619276434; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 15:00:34 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 23-Jul-2021 15:00:34 GMT; path=/
X-lat: amspug002:0:300
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7448561412368900957
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 49D7 43 B
326 B 46ms
14ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Sat, 24 Apr 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1233
x-powered-by: ASP.NET
date: Sat, 24 Apr 2021 15:00:34 GMT
content-length: 43

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 5E86
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2650122518224243743

42 B
801 B

30ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2650122518224243743
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:34 GMT
X-lat: amspug014:0:414
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2650122518224243743
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 5E86
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b13a6084-3293-4700-ba3e-86e159cff04e&gdpr=0&gdpr_consent=

42 B
946 B

15ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b13a6084-3293-4700-ba3e-86e159cff04e&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:34 GMT
X-lat: amspug008:0:398
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Sat, 24 Apr 2021 15:00:35 GMT
Server: MT3 3660 495c301 master zrh-pixel-x8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b13a6084-3293-4700-ba3e-86e159cff04e&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 24 Apr 2021 15:00:34 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 5E86
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5315332890397927562&gdpr=0&gdpr_consent=

42 B
769 B

16ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5315332890397927562&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:34 GMT
X-lat: amspug002:0:493
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 15:00:35 GMT
X-Proxy-Origin: 83.143.245.188; 83.143.245.188; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.69:80
AN-X-Request-Uuid: f3db90f1-a2d3-454c-8f2a-bd48b1669a4e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5315332890397927562&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 5E86
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ

42 B
894 B

14ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:34 GMT
X-lat: amspug018:0:358
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6C73
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6954739331519477899

42 B
771 B

16ms
16ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6954739331519477899
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 24 Apr 2021 15:00:35 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_1101=23040-6954739331519477899; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 15:00:35 GMT; path=/ PugT=1619276435; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 15:00:35 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 23-Jul-2021 15:00:35 GMT; path=/
X-lat: amspug016:0:396
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Sat, 24 Apr 2021 15:00:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6954739331519477899; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6954739331519477899

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame 8F25
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDNXcwN0JDR1VBQUN0U1RJVkEzUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

44ms
43ms

Document
image/gif

52.209.246.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.246.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Host: match.prod.bidr.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bito=AAC5w07BCGUAACtSTIVA3Q; bitoIsSecure=ok
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Sat, 24 Apr 2021 15:00:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Sat, 24 Apr 2021 15:00:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 5E86
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:607567c3-51a9-473f-b565-4f12fc5525e7&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
505 B

17ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:607567c3-51a9-473f-b565-4f12fc5525e7&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:34 GMT
X-lat: amspug015:0:340
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:607567c3-51a9-473f-b565-4f12fc5525e7&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Sat, 24 Apr 2021 15:00:35 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 5E86
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
760 B

21ms
20ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:35 GMT
X-lat: amspug016:0:521
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:34 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 5E86
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5315332890397927562

42 B
505 B

26ms
25ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5315332890397927562
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:35 GMT
X-lat: amspug010:0:351
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 15:00:35 GMT
X-Proxy-Origin: 83.143.245.188; 83.143.245.188; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.68:80
AN-X-Request-Uuid: 09cba937-0e21-4b1d-98a0-0ba93a65e13f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5315332890397927562
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 32C1
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GUDd8qBA9gGQKyNEOXs9Wshk

42 B
775 B

15ms
15ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GUDd8qBA9gGQKyNEOXs9Wshk
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KRTBCOOKIE_1101=23040-6954739331519477899; PugT=1619276435; PUBMDCID=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 24 Apr 2021 15:00:33 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_409=22966-GUDd8qBA9gGQKyNEOXs9Wshk; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 15:00:33 GMT; path=/ PugT=1619276433; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 15:00:33 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 23-Jul-2021 15:00:33 GMT; path=/
X-lat: amspug020:0:432
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: openresty
date: Sat, 24 Apr 2021 15:00:35 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=GUDd8qBA9gGQKyNEOXs9Wshk; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GUDd8qBA9gGQKyNEOXs9Wshk
strict-transport-security: max-age=0; includeSubDomains;

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame BA7E 43 B
408 B 27ms
26ms Document
image/gif 173.231.180.197
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Sat, 24 Apr 2021 15:00:35 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-1
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 129A
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7369145341
https://sync.1rx.io/usersync/tradedesk/4c0fb35a-432f-4192-8e94-0e0dc6eaf333
https://sync.targeting.unrulymedia.com/csync/RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003

42 B
849 B

15ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KRTBCOOKIE_1101=23040-6954739331519477899; PUBMDCID=3; KRTBCOOKIE_409=22966-GUDd8qBA9gGQKyNEOXs9Wshk; KRTBCOOKIE_153=1923-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ&KRTB&19420-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ&KRTB&22979-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ; KRTBCOOKIE_27=16735-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&16736-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&23019-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&23114-uid:b13a6084-3293-4700-ba3e-86e159cff04e; KRTBCOOKIE_1074=22956-e_19a9f609-ebbe-4eee-be8a-f0bba58aab5b; KRTBCOOKIE_336=5844-7448561412368900957; KRTBCOOKIE_80=16514-CAESENkf0g0bJlj8ADXADbXsU_8&KRTB&22987-CAESENkf0g0bJlj8ADXADbXsU_8&KRTB&23025-CAESENkf0g0bJlj8ADXADbXsU_8; KRTBCOOKIE_57=22776-5315332890397927562; KRTBCOOKIE_188=3189-no-consent; PugT=1619276435; KRTBCOOKIE_377=6810-4c0fb35a-432f-4192-8e94-0e0dc6eaf333&KRTB&22918-4c0fb35a-432f-4192-8e94-0e0dc6eaf333&KRTB&23031-4c0fb35a-432f-4192-8e94-0e0dc6eaf333
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 24 Apr 2021 15:00:35 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_594=17105-RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003&KRTB&17107-RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 23-Jul-2021 15:00:35 GMT; path=/ PugT=1619276435; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 15:00:35 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 23-Jul-2021 15:00:35 GMT; path=/
X-lat: amspug016:0:423
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Sat, 24 Apr 2021 15:00:35 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003%22%7D; path=/; expires=Sun, 24 Apr 2022 15:00:35 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003
etag: RX38854f3aae984d818b7c6c3d996fe28f003

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame 1CE2 42 B
275 B 30ms
30ms Document
image/gif 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sat, 24 Apr 2021 15:00:35 GMT
content-type: image/gif
content-length: 42
set-cookie: __cfduid=debb07756b06630dc53183d394a89137e1619276435; expires=Mon, 24-May-21 15:00:35 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7d3s
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 09a5fea82200001f4df21f2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 645033b9ce111f4d-FRA

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 4C41
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
443 B

768ms
768ms

Document
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=apnoeURkP6M6eCnq8oZcW3dOUZbUNqqycHWgFkmmbR
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sat, 24 Apr 2021 15:00:36 GMT
content-type: image/gif; charset=utf-8
content-length: 43
set-cookie: __cfduid=da1b56f71aae1789cfc54dc8662727d5e1619276435; expires=Mon, 24-May-21 15:00:35 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=a9nsIHs2aF9pAJsbYL7IZa6RcrdpTDJlDbQLWQtQdWZdHU5w2Tgc3VqVsiRwLFeW1Yyfe4piAqvqxirmM9UyZaa89Sg; path=/; domain=.tribalfusion.com; expires=Fri, 23-Jul-2021 15:00:36 GMT; SameSite=None; Secure; ANON_ID_old=a9nsIHs2aF9pAJsbYL7IZa6RcrdpTDJlDbQLWQtQdWZdHU5w2Tgc3VqVsiRwLFeW1Yyfe4piAqvqxirmM9UyZaa89Sg; path=/; domain=.tribalfusion.com; expires=Fri, 23-Jul-2021 15:00:36 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 09a5fea8cb00004eb016bbb000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 645033badb764eb0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sat, 24 Apr 2021 15:00:35 GMT
content-type: text/html
set-cookie: __cfduid=da1b56f71aae1789cfc54dc8662727d5e1619276435; expires=Mon, 24-May-21 15:00:35 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=apnoeURkP6M6eCnq8oZcW3dOUZbUNqqycHWgFkmmbR; path=/; domain=.tribalfusion.com; expires=Fri, 23-Jul-2021 15:00:35 GMT; SameSite=None; Secure; ANON_ID_old=apnoeURkP6M6eCnq8oZcW3dOUZbUNqqycHWgFkmmbR; path=/; domain=.tribalfusion.com; expires=Fri, 23-Jul-2021 15:00:35 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 686
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
cf-request-id: 09a5fea81f00004eb012ac6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 645033b9c8d44eb0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 5E86
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_19a9f609-ebbe-4eee-be8a-f0bba58aab5b

42 B
790 B

15ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_19a9f609-ebbe-4eee-be8a-f0bba58aab5b
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:34 GMT
X-lat: amspug017:0:432
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_19a9f609-ebbe-4eee-be8a-f0bba58aab5b
date: Sat, 24 Apr 2021 15:00:35 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2D8C
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=1StNWF3AFRGf&pid=557219

1 B
463 B

18ms
14ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=1StNWF3AFRGf&pid=557219
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KRTBCOOKIE_1101=23040-6954739331519477899; PUBMDCID=3; KRTBCOOKIE_409=22966-GUDd8qBA9gGQKyNEOXs9Wshk; KRTBCOOKIE_153=1923-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ&KRTB&19420-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ&KRTB&22979-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ; KRTBCOOKIE_27=16735-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&16736-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&23019-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&23114-uid:b13a6084-3293-4700-ba3e-86e159cff04e; KRTBCOOKIE_1074=22956-e_19a9f609-ebbe-4eee-be8a-f0bba58aab5b; KRTBCOOKIE_336=5844-7448561412368900957; KRTBCOOKIE_80=16514-CAESENkf0g0bJlj8ADXADbXsU_8&KRTB&22987-CAESENkf0g0bJlj8ADXADbXsU_8&KRTB&23025-CAESENkf0g0bJlj8ADXADbXsU_8; KRTBCOOKIE_57=22776-5315332890397927562; KRTBCOOKIE_188=3189-no-consent; PugT=1619276435; KRTBCOOKIE_377=6810-4c0fb35a-432f-4192-8e94-0e0dc6eaf333&KRTB&22918-4c0fb35a-432f-4192-8e94-0e0dc6eaf333&KRTB&23031-4c0fb35a-432f-4192-8e94-0e0dc6eaf333
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 24 Apr 2021 15:00:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1
Connection: keep-alive
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 23-Jul-2021 15:00:34 GMT; path=/
X-lat: amspug011:0:351
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-7c488d4f5b-jwn8p
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=1StNWF3AFRGf&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=77a4f9b444a09d67; path=/; HttpOnly; Secure; SameSite=None

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame ECBD
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=eab59cc3-d4b8-45be-b11a-6f8ec72b8b7e-tuct77db813&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
52 B

16ms
15ms

Document
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=eab59cc3-d4b8-45be-b11a-6f8ec72b8b7e-tuct77db813&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=eab59cc3-d4b8-45be-b11a-6f8ec72b8b7e-tuct77db813&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=eab59cc3-d4b8-45be-b11a-6f8ec72b8b7e-tuct77db813
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Sat, 24 Apr 2021 15:00:35 GMT
via: 1.1 varnish
x-served-by: cache-hhn11570-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1619276436.515321,VS0,VE8
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=eab59cc3-d4b8-45be-b11a-6f8ec72b8b7e-tuct77db813;Version=1;Path=/;Domain=.taboola.com;Expires=Sun, 24-Apr-2022 15:00:35 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=eab59cc3-d4b8-45be-b11a-6f8ec72b8b7e-tuct77db813&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Sat, 24 Apr 2021 15:00:35 GMT
via: 1.1 varnish
x-served-by: cache-hhn11570-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1619276435.492018,VS0,VE9
x-vcl-time-ms: 9
content-length: 0

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame BA26 0
39 B 96ms
96ms Document
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.deepintent.com
:scheme: https
:path: /usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Sat, 24 Apr 2021 15:00:35 GMT
server: b

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5E86
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BCg5_Xo1Rn-rYTqrNd59fA%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

10ms
9ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=70460
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Sun, 25 Apr 2021 10:34:55 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 5E86 95 B
387 B 30ms
28ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=042839FD-7A35-467F-AB61-3AAB35DE7D7C
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 645033ba1e9f4e08-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09a5fea84d00004e0890245000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 5E86
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=042839FD-7A35-467F-AB61-3AAB35DE7D7C&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=042839FD-7A35-467F-AB61-3AAB35DE7D7C&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

170ms
169ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=042839FD-7A35-467F-AB61-3AAB35DE7D7C&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:33 GMT
frontend-id: 1
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:33 GMT
frontend-id: 15
location: /pubmatic/1/info2?sType=sync&sExtCookieId=042839FD-7A35-467F-AB61-3AAB35DE7D7C&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame 5E86
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=042839FD-7A35-467F-AB61-3AAB35DE7D7C&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=042839FD-7A35-467F-AB61-3AAB35DE7D7C&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=042839FD-7A35-467F-AB61-3AAB35DE7D7C&addseg=19,36,42

7 B
147 B

15ms
15ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=042839FD-7A35-467F-AB61-3AAB35DE7D7C&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:35 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Sat, 24 Apr 2021 15:00:35 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=042839FD-7A35-467F-AB61-3AAB35DE7D7C&addseg=19,36,42
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 141

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 5E86
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDQyODM5RkQtN0EzNS00NjdGLUFCNjEtM0FBQjM1REU3RDdD&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

17ms
17ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:35 GMT
X-lat: amspug002:0:332
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 5E86
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=b85b6b29-735d-4e70-b33b-c214efcc539c
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk99d1e74c-d35f-4a1f-900b-bb29c0a4e58d&expires=7&user_group=5&ssp=pubmatic&bsw_param=b85b6b29-735d-4e70-b33b-c214efcc539c
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b85b6b29-735d-4e70-b33b-c214efcc539c&gdpr=&gdpr_consent=&gdpr_pd=

1 B
745 B

16ms
14ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b85b6b29-735d-4e70-b33b-c214efcc539c&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:34 GMT
X-lat: amspug003:0:413
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b85b6b29-735d-4e70-b33b-c214efcc539c&gdpr=&gdpr_consent=&gdpr_pd=
date: Sat, 24 Apr 2021 15:00:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 042839FD-7A35-467F-AB61-3AAB35DE7D7C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5E86 43 B
577 B 34ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/042839FD-7A35-467F-AB61-3AAB35DE7D7C?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:35 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame 5E86
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=042839FD-7A35-467F-AB61-3AAB35DE7D7C&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=042839FD-7A35-467F-AB61-3AAB35DE7D7C&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7FhdTQhE2uX7IGqOLQ0ZPlW5vS_3.80-~A&gdpr=0&gdpr_consent=

0
742 B

17ms
15ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7FhdTQhE2uX7IGqOLQ0ZPlW5vS_3.80-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Date: Sat, 24 Apr 2021 15:00:35 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

Redirect headers

Date: Sat, 24 Apr 2021 15:00:35 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7FhdTQhE2uX7IGqOLQ0ZPlW5vS_3.80-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 5E86
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4105589595274140268&gdpr=0&gdpr_consent=&us_privacy=

1 B
727 B

15ms
14ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4105589595274140268&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:35 GMT
X-lat: amspug010:0:437
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4105589595274140268&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 5E86
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIQykwAAbAgJrwBg&gdpr=0&gdpr_consent=&_test=YIQykwAAbAgJrwBg

1 B
809 B

15ms
15ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIQykwAAbAgJrwBg&gdpr=0&gdpr_consent=&_test=YIQykwAAbAgJrwBg
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:34 GMT
X-lat: amspug020:0:450
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1619276436.730297,VS0,VE0
x-served-by: cache-hhn4063-HHN
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIQykwAAbAgJrwBg&gdpr=0&gdpr_consent=&_test=YIQykwAAbAgJrwBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 5E86 0
103 B 11ms
11ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=042839FD-7A35-467F-AB61-3AAB35DE7D7C&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FDAA 36 KB
12 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2774
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:14:21 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 14ms
14ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Ctrue&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&rm=1&fy=975&gp=1841.921875&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&id=1&f=0&j=&t=1619276421514&de=348010815284&rx=927200626535&cu=1619276421514&m=13899&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1841.921875&lb=5512&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A626%3A626%3A0%3A649&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=7250&cd=5&ah=7250&am=5&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A2053316181%3A115751243541&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.tmj4&zMoatAdUnit2=news&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=180167&na=467980538&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:35 GMT

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 5942 42 B
336 B 21ms
18ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B1YtIiTKEYIKSBsmT7_UPgcCQoAGahfLzRQAAABABIL2i3h84AFip5KGwgwRgleKQgqAHsgEMd3d3LnRtajQuY29tugEKMXgxMDAwX3htbMgBBdoBFWh0dHBzOi8vd3d3LnRtajQuY29tL5gCmHXAAgLgAgDqAiYvNjA4OC9zc3AudG1qNC9uZXdzL2Nvcm9uYXZpcnVzL2RldGFpbPgCgdIekAPIBpgD4AOoAwHgBAHSBQYQyMH94xSQBgGgBiOoB-zVG6gH89EbqAeW2BvYBwHgBw_SCAkIgOGAEBABGB3YCAKACgWYCwE&sigh=dgec9gaba9U&label=videoplaytime50&ad_mt=9097&acvw=sv%3D894%26cb%3Dj%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,343,610%26tos%3D9501,0,0,0,0%26mtos%3D9501,9501,9501,9501,9501%26amtos%3D0,0,0,0,0%26mcvt%3D9501%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D9501%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D7653%26pst%3D902%26dur%3D15042%26vmtime%3D9097%26dtos%3D3356%26dtoss%3D3%26dvs%3D3356%26dfvs%3D3356%26dvpt%3D3356%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3356,3356,3356,3356,3356%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D2156%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D353618271%26psm%3D-2147483097%26psv%3D-2147483097%26psfv%3D-2147483097%26psa%3D0%26ptlt%3D1619276435524%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,9501,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.1%26t%3D1619276425792&sdkv=h.3.453.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1NzgzODM1NjAyDDEzODM0NTQ3NjY0OUDBBFIrCPIFEBIlAABwQSgBOgtKQVJJWkZTQUI0SUILZ29vZ2xldmlkZW9I1QJQABgB

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame AF08 43 B
260 B 8ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=2&hp=1&pxm=7&vz=-&zp=4&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3852000540&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-L6SP6bDFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=8&g=9&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.tmj4.com&lp=https%3A%2F%2Fwww.tmj4.com&t=1619276425098&de=960360889283&cu=1619276425098&m=10359&ar=e4967b0-clean&iw=a9fcec9&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A880%3A880%3A835%3A831&aa=1&ad=8908&cn=5447&gn=1&gk=8908&gl=5447&ez=1&co=5447&cp=2351&cq=0&cr=1&ew=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=7075&cd=6856&ah=7075&am=6856&dq=6294&dr=6075&ds=6294&dt=6075&zx=0&tb=0&fc=1&fk=1&vm=1&vl=173&vt=283&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=23.42&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ek=1&ef=0&eg=1&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5578383560%3A138345476649&dfp=0%2C1&la=5578383560&zMoatPL=tmj4.com&zMoatPL2=tmj4.com&bo=tmj4.com&bd=tmj4.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=1710527689&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:35 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame B69B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

281 B
554 B

14ms
13ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 24 Apr 2021 15:00:35 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date: Sat, 24 Apr 2021 15:00:35 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 00A8 8 KB
3 KB 11ms
10ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KRTBCOOKIE_1101=23040-6954739331519477899; PUBMDCID=3; KRTBCOOKIE_409=22966-GUDd8qBA9gGQKyNEOXs9Wshk; KRTBCOOKIE_153=1923-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ&KRTB&19420-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ&KRTB&22979-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ; PugT=1619276434
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=70460
Expires: Sun, 25 Apr 2021 10:34:55 GMT
Date: Sat, 24 Apr 2021 15:00:35 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame 40E2 995 B
1 KB 27ms
7ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=5315332890397927562
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 24 Apr 2021 15:00:35 GMT
Age: 30533773
X-Served-By: cache-lga21943-LGA, cache-hhn4073-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 503850, 1844334
X-Timer: S1619276436.569752,VS0,VE0
Vary: Accept-Encoding

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 322A
Redirect Chain

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=c737811b-5627-4e92-a15e-8eb82e642b72

0
44 B

101ms
101ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=c737811b-5627-4e92-a15e-8eb82e642b72
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:35 GMT
content-length: 0

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=c737811b-5627-4e92-a15e-8eb82e642b72
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: ohdh20sc7e7ajkfcqi4tstg28mt1l0o3

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 322A
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=5315332890397927562

0
44 B

100ms
98ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=5315332890397927562
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:35 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 15:00:35 GMT
X-Proxy-Origin: 83.143.245.188; 83.143.245.188; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.41:80
AN-X-Request-Uuid: bbe96043-edc4-46a1-ad65-233c983e70d5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=5315332890397927562
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 322A
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://pixel.advertising.com/ups/56621/occ?verify=true
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPd2d90daf-a50d-11eb-8cd5-06f3176763d2
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPd2d90daf-a50d-11eb-8cd5-06f3176763d2

0
44 B

99ms
98ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPd2d90daf-a50d-11eb-8cd5-06f3176763d2
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:35 GMT
content-length: 0

Redirect headers

Date: Sat, 24 Apr 2021 15:00:35 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPd2d90daf-a50d-11eb-8cd5-06f3176763d2
Connection: keep-alive
Content-Length: 0

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 322A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YIQykz5zG25OFp25goLkUQAA%261142

0
44 B

98ms
98ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YIQykz5zG25OFp25goLkUQAA%261142
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:35 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 15:00:35 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YIQykz5zG25OFp25goLkUQAA%261142
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 282
Expires: Sat, 24 Apr 2021 15:00:35 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 322A
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=5b502b91e4569ee242619ab9

0
44 B

98ms
98ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=5b502b91e4569ee242619ab9
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:35 GMT
content-length: 0

Redirect headers

Date: Sat, 24 Apr 2021 15:00:35 GMT
Server: nginx
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=5b502b91e4569ee242619ab9
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame 322A 0
474 B 43ms
15ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=

Requested by

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 15:00:35 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 match
e.serverbid.com/udb/9969/ Frame 322A 0
44 B 99ms
98ms Image
text/plain 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.18976082506763037%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid=
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:35 GMT
content-length: 0

GET
H2 200 pixel.gif
px.moatads.com/ Frame AF08 43 B
260 B 10ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=29&q=2&hp=1&pxm=7&vz=-&zp=4&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3852000540&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-L6SP6bDFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=8&g=10&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.tmj4.com&lp=https%3A%2F%2Fwww.tmj4.com&t=1619276425098&de=960360889283&cu=1619276425098&m=10454&ar=e4967b0-clean&iw=a9fcec9&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A880%3A880%3A835%3A831&aa=1&ad=8908&cn=8908&gn=1&gk=8908&gl=8908&ez=1&co=5447&cp=2351&cq=0&cr=1&ew=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10317&cd=7075&ah=10317&am=7075&dq=9536&dr=6294&ds=9536&dt=6294&zx=0&tb=0&fc=1&fk=1&vm=1&vl=283&vt=283&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=23.42&dh=23420&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ek=1&fh=8908&fi=8908&fj=0&ef=0&eg=1&eh=1&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5578383560%3A138345476649&dfp=0%2C1&la=5578383560&zMoatPL=tmj4.com&zMoatPL2=tmj4.com&bo=tmj4.com&bd=tmj4.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=1640554407&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:35 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame BFBC 38 KB
14 KB 10ms
9ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KRTBCOOKIE_1101=23040-6954739331519477899; PUBMDCID=3; KRTBCOOKIE_409=22966-GUDd8qBA9gGQKyNEOXs9Wshk; KRTBCOOKIE_153=1923-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ&KRTB&19420-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ&KRTB&22979-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ; KRTBCOOKIE_27=16735-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&16736-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&23019-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&23114-uid:b13a6084-3293-4700-ba3e-86e159cff04e; KRTBCOOKIE_1074=22956-e_19a9f609-ebbe-4eee-be8a-f0bba58aab5b; KRTBCOOKIE_336=5844-7448561412368900957; KRTBCOOKIE_80=16514-CAESENkf0g0bJlj8ADXADbXsU_8&KRTB&22987-CAESENkf0g0bJlj8ADXADbXsU_8&KRTB&23025-CAESENkf0g0bJlj8ADXADbXsU_8; KRTBCOOKIE_57=22776-5315332890397927562; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_377=6810-4c0fb35a-432f-4192-8e94-0e0dc6eaf333&KRTB&22918-4c0fb35a-432f-4192-8e94-0e0dc6eaf333&KRTB&23031-4c0fb35a-432f-4192-8e94-0e0dc6eaf333; KRTBCOOKIE_391=22924-2650122518224243743&KRTB&23263-2650122518224243743; KRTBCOOKIE_594=17105-RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003&KRTB&17107-RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003; PugT=1619276435
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=65765
Expires: Sun, 25 Apr 2021 09:16:40 GMT
Date: Sat, 24 Apr 2021 15:00:35 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pixel.gif
px.moatads.com/ Frame AF08 43 B
260 B 8ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&pxm=7&vz=-&zp=4&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3852000540&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-L6SP6bDFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=8&g=11&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.tmj4.com&lp=https%3A%2F%2Fwww.tmj4.com&t=1619276425098&de=960360889283&cu=1619276425098&m=10455&ar=e4967b0-clean&iw=a9fcec9&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A880%3A880%3A835%3A831&aa=1&ad=8908&cn=8908&gn=1&gk=8908&gl=8908&ez=1&co=5447&cp=2351&cq=0&cr=1&ew=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10317&cd=10317&ah=10317&am=10317&dq=9536&dr=9536&ds=9536&dt=9536&zx=0&tb=0&fc=1&fk=1&vm=1&vl=283&vt=283&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=23.42&dh=23420&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ek=1&fh=8908&fi=8908&fj=8908&ef=0&eg=1&eh=1&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5578383560%3A138345476649&dfp=0%2C1&la=5578383560&zMoatPL=tmj4.com&zMoatPL2=tmj4.com&bo=tmj4.com&bd=tmj4.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=216464376&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:35 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B69B 31 KB
9 KB 21ms
20ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ed2d993c35cd51826ee304739d91e554bd9faa1b120602fc4b3baa15941a9e35

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Apr 2021 20:34:13 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=53884
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9242
Expires: Sun, 25 Apr 2021 05:58:39 GMT

GET
H/1.1 200
OK async_usersync Show response
secure.adnxs.com/ Frame 40E2 0
745 B 15ms
14ms Script
text/html 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 15:00:35 GMT
X-Proxy-Origin: 83.143.245.188; 83.143.245.188; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.230:80
AN-X-Request-Uuid: ddeee7ca-23b0-4d92-ad4c-b61706279b94
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame AF08 43 B
260 B 8ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=3&hp=1&pxm=7&vz=-&zp=4&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3852000540&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-L6SP6bDFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=8&g=12&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.tmj4.com&lp=https%3A%2F%2Fwww.tmj4.com&t=1619276425098&de=960360889283&cu=1619276425098&m=10569&ar=e4967b0-clean&iw=a9fcec9&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A880%3A880%3A835%3A831&aa=1&ad=9118&cn=8908&gn=1&gk=9118&gl=8908&ez=1&co=5447&cp=2351&cq=0&cr=1&ew=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10527&cd=10317&ah=10527&am=10317&dq=9746&dr=9536&ds=9746&dt=9536&zx=0&tb=0&fc=1&fk=1&vm=1&vl=283&vt=290&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=23.42&dh=23420&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ek=1&fh=8908&fi=9118&fj=8908&ef=0&eg=1&eh=1&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5578383560%3A138345476649&dfp=0%2C1&la=5578383560&zMoatPL=tmj4.com&zMoatPL2=tmj4.com&bo=tmj4.com&bd=tmj4.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=925215853&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:35 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame B69B 284 B
536 B 10ms
9ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame BFBC 8 KB
9 KB 15ms
15ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36333380&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e368e37cdf224d5eb72e6d23ff616f9bd6f1bfbfad5b29cd5071f8ed96472471

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:34 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 78B0 156 B
196 B 214ms
214ms XHR
text/xml 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=vp&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&correlator=4152678316410127&sz=640x480&url=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&description_url=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&iu=%2F133810016%2FScripps%2Fscripps-8580-cnsmbl-video-970x250-dr-d&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=auto&vpmute=1&vconp=1&sdkv=h.3.453.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&mpt=brid-player&mpv=2.7.18&sdki=44d&adk=1144634723&sdk_apis=2%2C7%2C8&sid=B9D33167-A68D-451D-BC39-CD652F023BFA&eid=420706097%2C44725355%2C44739826&dt=1619276435729&cookie=ID%3D89179df639f3fe2f-22b5241cf0c70086%3AT%3D1619276427%3AS%3DALNI_MZc90WrfrfdZ9a8X19_wSdLmIXHsw&scor=2467311466890821&ged=ve4_td12_tt0_pd12_la12000_er234.420.384.720_vi0.0.1200.1600_vp100_eb24299

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame BFBC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA-ShnHD7NcLOc63ekbd9BE&google_cver=1

42 B
855 B

16ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA-ShnHD7NcLOc63ekbd9BE&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:35 GMT
X-lat: amspug012:0:536
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA-ShnHD7NcLOc63ekbd9BE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame BFBC 43 B
409 B 13ms
12ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36333380&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 23 Apr 2021 15:00:35 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame BFBC
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4c0fb35a-432f-4192-8e94-0e0dc6eaf333

42 B
882 B

14ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4c0fb35a-432f-4192-8e94-0e0dc6eaf333
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:34 GMT
X-lat: amspug009:0:450
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4c0fb35a-432f-4192-8e94-0e0dc6eaf333
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 61D3
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7448561412368900957

42 B
769 B

19ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7448561412368900957
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36333380&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KRTBCOOKIE_1101=23040-6954739331519477899; PUBMDCID=3; KRTBCOOKIE_409=22966-GUDd8qBA9gGQKyNEOXs9Wshk; KRTBCOOKIE_153=1923-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ&KRTB&19420-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ&KRTB&22979-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ; KRTBCOOKIE_27=16735-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&16736-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&23019-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&23114-uid:b13a6084-3293-4700-ba3e-86e159cff04e; KRTBCOOKIE_1074=22956-e_19a9f609-ebbe-4eee-be8a-f0bba58aab5b; KRTBCOOKIE_336=5844-7448561412368900957; KRTBCOOKIE_80=16514-CAESENkf0g0bJlj8ADXADbXsU_8&KRTB&22987-CAESENkf0g0bJlj8ADXADbXsU_8&KRTB&23025-CAESENkf0g0bJlj8ADXADbXsU_8; KRTBCOOKIE_57=22776-5315332890397927562; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_377=6810-4c0fb35a-432f-4192-8e94-0e0dc6eaf333&KRTB&22918-4c0fb35a-432f-4192-8e94-0e0dc6eaf333&KRTB&23031-4c0fb35a-432f-4192-8e94-0e0dc6eaf333; KRTBCOOKIE_391=22924-2650122518224243743&KRTB&23263-2650122518224243743; KRTBCOOKIE_594=17105-RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003&KRTB&17107-RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003; KADUSERCOOKIE=CC35BD80-53DC-498D-8996-79DB92000082; SPugT=1619276435; KRTBCOOKIE_22=14911-4105589595274140268; chkChromeAb67Sec=1; DPSync3=1620432000%3A201_227_226_221; SyncRTB3=1620432000%3A204_231_220_161_99_189_88_165_222_71_166_22_3_176_54_8_81_230_21_56_7_13_55%7C1619827200%3A67_2_223_15%7C1620518400%3A35%7C1621814400%3A203%7C1620086400%3A63; KRTBCOOKIE_218=22978-YIQykwAAbAgJrwBg&KRTB&23194-YIQykwAAbAgJrwBg&KRTB&23209-YIQykwAAbAgJrwBg&KRTB&23244-YIQykwAAbAgJrwBg; PugT=1619276434; KRTBCOOKIE_466=16530-b85b6b29-735d-4e70-b33b-c214efcc539c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 24 Apr 2021 15:00:34 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_336=5844-7448561412368900957; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 15:00:34 GMT; path=/ PugT=1619276434; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 15:00:34 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 23-Jul-2021 15:00:34 GMT; path=/
X-lat: amspug009:0:514
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7448561412368900957
set-cookie: guid=1.7448561412368900957; Max-Age=31104000; Path=/; Domain=.de17a.com;
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 993E 43 B
326 B 16ms
13ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36333380&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Sat, 24 Apr 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1778
x-powered-by: ASP.NET
date: Sat, 24 Apr 2021 15:00:35 GMT
content-length: 43

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame BFBC
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2650122518224243743

42 B
801 B

15ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2650122518224243743
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:35 GMT
X-lat: amspug010:0:447
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2650122518224243743
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame BFBC
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b13a6084-3293-4700-ba3e-86e159cff04e&gdpr=0&gdpr_consent=

42 B
946 B

16ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b13a6084-3293-4700-ba3e-86e159cff04e&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:34 GMT
X-lat: amspug015:0:471
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Sat, 24 Apr 2021 15:00:35 GMT
Server: MT3 3660 495c301 master zrh-pixel-x27
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b13a6084-3293-4700-ba3e-86e159cff04e&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 24 Apr 2021 15:00:34 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame BFBC
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5315332890397927562&gdpr=0&gdpr_consent=

42 B
769 B

46ms
17ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5315332890397927562&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:34 GMT
X-lat: amspug013:0:551
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 15:00:35 GMT
X-Proxy-Origin: 83.143.245.188; 83.143.245.188; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.138:80
AN-X-Request-Uuid: 67422796-91b7-47b9-bfa0-bfbe98bd7bf8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5315332890397927562&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

bum
ums.acuityplatform.com/ Frame BFBC
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ums.acuityplatform.com/bum?tpid=29&uid=b85b6b29-735d-4e70-b33b-c214efcc539c&bidswitch_ssp_id=pubmatic

0
0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame BFBC
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ

42 B
894 B

17ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:35 GMT
X-lat: amspug010:0:414
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ
pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame ED49
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6954739331519477899

42 B
771 B

16ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6954739331519477899
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36333380&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KRTBCOOKIE_1101=23040-6954739331519477899; PUBMDCID=3; KRTBCOOKIE_409=22966-GUDd8qBA9gGQKyNEOXs9Wshk; KRTBCOOKIE_153=1923-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ&KRTB&19420-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ&KRTB&22979-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ; KRTBCOOKIE_27=16735-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&16736-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&23019-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&23114-uid:b13a6084-3293-4700-ba3e-86e159cff04e; KRTBCOOKIE_1074=22956-e_19a9f609-ebbe-4eee-be8a-f0bba58aab5b; KRTBCOOKIE_336=5844-7448561412368900957; KRTBCOOKIE_80=16514-CAESENkf0g0bJlj8ADXADbXsU_8&KRTB&22987-CAESENkf0g0bJlj8ADXADbXsU_8&KRTB&23025-CAESENkf0g0bJlj8ADXADbXsU_8; KRTBCOOKIE_57=22776-5315332890397927562; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_377=6810-4c0fb35a-432f-4192-8e94-0e0dc6eaf333&KRTB&22918-4c0fb35a-432f-4192-8e94-0e0dc6eaf333&KRTB&23031-4c0fb35a-432f-4192-8e94-0e0dc6eaf333; KRTBCOOKIE_391=22924-2650122518224243743&KRTB&23263-2650122518224243743; KRTBCOOKIE_594=17105-RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003&KRTB&17107-RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003; KADUSERCOOKIE=CC35BD80-53DC-498D-8996-79DB92000082; SPugT=1619276435; KRTBCOOKIE_22=14911-4105589595274140268; chkChromeAb67Sec=1; DPSync3=1620432000%3A201_227_226_221; SyncRTB3=1620432000%3A204_231_220_161_99_189_88_165_222_71_166_22_3_176_54_8_81_230_21_56_7_13_55%7C1619827200%3A67_2_223_15%7C1620518400%3A35%7C1621814400%3A203%7C1620086400%3A63; KRTBCOOKIE_218=22978-YIQykwAAbAgJrwBg&KRTB&23194-YIQykwAAbAgJrwBg&KRTB&23209-YIQykwAAbAgJrwBg&KRTB&23244-YIQykwAAbAgJrwBg; PugT=1619276434
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 24 Apr 2021 15:00:35 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_1101=23040-6954739331519477899; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 15:00:35 GMT; path=/ PugT=1619276435; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 15:00:35 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 23-Jul-2021 15:00:35 GMT; path=/
X-lat: amspug007:0:310
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Sat, 24 Apr 2021 15:00:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6954739331519477899; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6954739331519477899

GET
H/1.1

200
OK

redir Show response
rtb-csync.smartadserver.com/ Frame 816B
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC5w07BCGUAACtSTIVA3Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...

43 B
163 B

55ms
17ms

Document
image/gif

185.86.138.143
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC5w07BCGUAACtSTIVA3Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D1%26userid%3DSMART_USER_ID
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36333380&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.143 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host: rtb-csync.smartadserver.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sat, 24 Apr 2021 15:00:35 GMT
content-type: image/gif
transfer-encoding: chunked

Redirect headers

Date: Sat, 24 Apr 2021 15:00:35 GMT
location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC5w07BCGUAACtSTIVA3Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D1%26userid%3DSMART_USER_ID
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame BFBC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIQykwAAbAgJrwBg&gdpr=0&gdpr_consent=

1 B
809 B

17ms
14ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIQykwAAbAgJrwBg&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:34 GMT
X-lat: amspug017:0:442
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1619276436.754921,VS0,VE0
x-served-by: cache-hhn4063-HHN
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIQykwAAbAgJrwBg&gdpr=0&gdpr_consent=
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame BFBC
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:607567c3-51a9-473f-b565-4f12fc5525e7&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
505 B

17ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:607567c3-51a9-473f-b565-4f12fc5525e7&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:34 GMT
X-lat: amspug006:0:343
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:607567c3-51a9-473f-b565-4f12fc5525e7&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Sat, 24 Apr 2021 15:00:35 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=2999
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame BFBC
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
760 B

30ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:34 GMT
X-lat: amspug006:0:426
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:34 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame BFBC
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5315332890397927562

42 B
505 B

15ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5315332890397927562
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:34 GMT
X-lat: amspug014:0:391
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 15:00:35 GMT
X-Proxy-Origin: 83.143.245.188; 83.143.245.188; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.49:80
AN-X-Request-Uuid: a5605c28-d3cb-409a-815e-eacdbc11b8dc
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5315332890397927562
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame B5B5
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GUDd8qBA9gGQKyNEOXs9Wshk

42 B
775 B

28ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GUDd8qBA9gGQKyNEOXs9Wshk
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36333380&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KRTBCOOKIE_1101=23040-6954739331519477899; PUBMDCID=3; KRTBCOOKIE_409=22966-GUDd8qBA9gGQKyNEOXs9Wshk; KRTBCOOKIE_153=1923-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ&KRTB&19420-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ&KRTB&22979-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ; KRTBCOOKIE_27=16735-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&16736-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&23019-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&23114-uid:b13a6084-3293-4700-ba3e-86e159cff04e; KRTBCOOKIE_1074=22956-e_19a9f609-ebbe-4eee-be8a-f0bba58aab5b; KRTBCOOKIE_336=5844-7448561412368900957; KRTBCOOKIE_80=16514-CAESENkf0g0bJlj8ADXADbXsU_8&KRTB&22987-CAESENkf0g0bJlj8ADXADbXsU_8&KRTB&23025-CAESENkf0g0bJlj8ADXADbXsU_8; KRTBCOOKIE_57=22776-5315332890397927562; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_377=6810-4c0fb35a-432f-4192-8e94-0e0dc6eaf333&KRTB&22918-4c0fb35a-432f-4192-8e94-0e0dc6eaf333&KRTB&23031-4c0fb35a-432f-4192-8e94-0e0dc6eaf333; KRTBCOOKIE_391=22924-2650122518224243743&KRTB&23263-2650122518224243743; KRTBCOOKIE_594=17105-RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003&KRTB&17107-RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003; KADUSERCOOKIE=CC35BD80-53DC-498D-8996-79DB92000082; SPugT=1619276435; KRTBCOOKIE_22=14911-4105589595274140268; chkChromeAb67Sec=1; DPSync3=1620432000%3A201_227_226_221; SyncRTB3=1620432000%3A204_231_220_161_99_189_88_165_222_71_166_22_3_176_54_8_81_230_21_56_7_13_55%7C1619827200%3A67_2_223_15%7C1620518400%3A35%7C1621814400%3A203%7C1620086400%3A63; KRTBCOOKIE_218=22978-YIQykwAAbAgJrwBg&KRTB&23194-YIQykwAAbAgJrwBg&KRTB&23209-YIQykwAAbAgJrwBg&KRTB&23244-YIQykwAAbAgJrwBg; PugT=1619276434
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 24 Apr 2021 15:00:35 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_409=22966-GUDd8qBA9gGQKyNEOXs9Wshk; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 15:00:35 GMT; path=/ PugT=1619276435; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 15:00:35 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 23-Jul-2021 15:00:35 GMT; path=/
X-lat: amspug008:0:465
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: openresty
date: Sat, 24 Apr 2021 15:00:35 GMT
content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GUDd8qBA9gGQKyNEOXs9Wshk
strict-transport-security: max-age=0; includeSubDomains;

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 0DC4 43 B
408 B 33ms
30ms Document
image/gif 173.231.180.197
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36333380&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Sat, 24 Apr 2021 15:00:35 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-1
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 287A
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003&rndcb=4601500639
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=b85b6b29-735d-4e70-b33b-c214efcc539c&google_hm=Yjg1YjZiMjktNzM1ZC00ZTcwLWIzM2ItYzIxNGVmY2M1...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGsKos7MNz4EUHsuOgnfi94&google_cver=1&ssp=adconductor&bsw_param=b85b6b29-735d-4e70-b33b-c214efcc539c
https://sync.1rx.io/usersync/bidswitch/b85b6b29-735d-4e70-b33b-c214efcc539c?gdpr=&gdpr_consent=
https://sync.targeting.unrulymedia.com/csync/RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003

42 B
849 B

56ms
55ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36333380&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KRTBCOOKIE_1101=23040-6954739331519477899; PUBMDCID=3; KRTBCOOKIE_409=22966-GUDd8qBA9gGQKyNEOXs9Wshk; KRTBCOOKIE_153=1923-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ&KRTB&19420-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ&KRTB&22979-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ; KRTBCOOKIE_27=16735-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&16736-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&23019-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&23114-uid:b13a6084-3293-4700-ba3e-86e159cff04e; KRTBCOOKIE_1074=22956-e_19a9f609-ebbe-4eee-be8a-f0bba58aab5b; KRTBCOOKIE_336=5844-7448561412368900957; KRTBCOOKIE_57=22776-5315332890397927562; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_377=6810-4c0fb35a-432f-4192-8e94-0e0dc6eaf333&KRTB&22918-4c0fb35a-432f-4192-8e94-0e0dc6eaf333&KRTB&23031-4c0fb35a-432f-4192-8e94-0e0dc6eaf333; KRTBCOOKIE_391=22924-2650122518224243743&KRTB&23263-2650122518224243743; KRTBCOOKIE_594=17105-RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003&KRTB&17107-RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003; KADUSERCOOKIE=CC35BD80-53DC-498D-8996-79DB92000082; KRTBCOOKIE_22=14911-4105589595274140268; chkChromeAb67Sec=1; DPSync3=1620432000%3A201_227_226_221; SyncRTB3=1620432000%3A204_231_220_161_99_189_88_165_222_71_166_22_3_176_54_8_81_230_21_56_7_13_55%7C1619827200%3A67_2_223_15%7C1620518400%3A35%7C1621814400%3A203%7C1620086400%3A63; KRTBCOOKIE_218=22978-YIQykwAAbAgJrwBg&KRTB&23194-YIQykwAAbAgJrwBg&KRTB&23209-YIQykwAAbAgJrwBg&KRTB&23244-YIQykwAAbAgJrwBg; KRTBCOOKIE_466=16530-b85b6b29-735d-4e70-b33b-c214efcc539c; KRTBCOOKIE_80=16514-CAESEA-ShnHD7NcLOc63ekbd9BE&KRTB&22987-CAESEA-ShnHD7NcLOc63ekbd9BE&KRTB&23025-CAESEA-ShnHD7NcLOc63ekbd9BE; PugT=1619276434; SPugT=1619276434
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 24 Apr 2021 15:00:34 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_594=17105-RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003&KRTB&17107-RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 23-Jul-2021 15:00:34 GMT; path=/ PugT=1619276434; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 15:00:34 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 23-Jul-2021 15:00:34 GMT; path=/
X-lat: amspug019:0:431
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Sat, 24 Apr 2021 15:00:35 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003%22%7D; path=/; expires=Sun, 24 Apr 2022 15:00:35 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003
etag: RX38854f3aae984d818b7c6c3d996fe28f003

GET
H3-29 200 dpe Show response
ad4m.at/ad/ Frame 3FEA 42 B
1 KB 39ms
27ms Document
image/gif 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sat, 24 Apr 2021 15:00:35 GMT
content-type: image/gif
content-length: 42
set-cookie: __cfduid=d125b4e5e1a4c0c85d8145e26598ac7881619276435; expires=Mon, 24-May-21 15:00:35 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 09a5fea9360000d6e9b3356000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 645033bb8c3cd6e9-FRA

GET
H3-29 200 i.match Show response
a.tribalfusion.com/ Frame CAAD 43 B
836 B 180ms
169ms Document
image/gif 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36333380&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: a.tribalfusion.com
:scheme: https
:path: /i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=apnoeURkP6M6eCnq8oZcW3dOUZbUNqqycHWgFkmmbR
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sat, 24 Apr 2021 15:00:35 GMT
content-type: image/gif; charset=utf-8
content-length: 43
set-cookie: __cfduid=d65b1269d97f0f281771d180107de77f11619276435; expires=Mon, 24-May-21 15:00:35 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aGnseFoNIvbpmVrCJZalXmFQpjEoZd4ON56N1SyWw9mBM8btQFBltiV9sYrGOdd0ZdVkFAlBQ15js2h3Jok9yy1; path=/; domain=.tribalfusion.com; expires=Fri, 23-Jul-2021 15:00:35 GMT; SameSite=None; Secure; ANON_ID_old=aGnseFoNIvbpmVrCJZalXmFQpjEoZd4ON56N1SyWw9mBM8btQFBltiV9sYrGOdd0ZdVkFAlBQ15js2h3Jok9yy1; path=/; domain=.tribalfusion.com; expires=Fri, 23-Jul-2021 15:00:35 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 09a5fea93500004a92bca96000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 645033bb8df24a92-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame BFBC
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_19a9f609-ebbe-4eee-be8a-f0bba58aab5b

42 B
790 B

20ms
19ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_19a9f609-ebbe-4eee-be8a-f0bba58aab5b
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:34 GMT
X-lat: amspug006:0:387
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_19a9f609-ebbe-4eee-be8a-f0bba58aab5b
date: Sat, 24 Apr 2021 15:00:35 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1CC6
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Q4fwa6JAT1NU&pid=557219

1 B
463 B

59ms
59ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Q4fwa6JAT1NU&pid=557219
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36333380&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KRTBCOOKIE_1101=23040-6954739331519477899; PUBMDCID=3; KRTBCOOKIE_409=22966-GUDd8qBA9gGQKyNEOXs9Wshk; KRTBCOOKIE_153=1923-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ&KRTB&19420-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ&KRTB&22979-l_OME5LxjRSM9IISxaaZEMOhgxOM8tAekfe6ljlQ; KRTBCOOKIE_27=16735-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&16736-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&23019-uid:b13a6084-3293-4700-ba3e-86e159cff04e&KRTB&23114-uid:b13a6084-3293-4700-ba3e-86e159cff04e; KRTBCOOKIE_1074=22956-e_19a9f609-ebbe-4eee-be8a-f0bba58aab5b; KRTBCOOKIE_336=5844-7448561412368900957; KRTBCOOKIE_57=22776-5315332890397927562; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_377=6810-4c0fb35a-432f-4192-8e94-0e0dc6eaf333&KRTB&22918-4c0fb35a-432f-4192-8e94-0e0dc6eaf333&KRTB&23031-4c0fb35a-432f-4192-8e94-0e0dc6eaf333; KRTBCOOKIE_391=22924-2650122518224243743&KRTB&23263-2650122518224243743; KRTBCOOKIE_594=17105-RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003&KRTB&17107-RX-38854f3a-ae98-4d81-8b7c-6c3d996fe28f-003; KADUSERCOOKIE=CC35BD80-53DC-498D-8996-79DB92000082; KRTBCOOKIE_22=14911-4105589595274140268; chkChromeAb67Sec=1; DPSync3=1620432000%3A201_227_226_221; SyncRTB3=1620432000%3A204_231_220_161_99_189_88_165_222_71_166_22_3_176_54_8_81_230_21_56_7_13_55%7C1619827200%3A67_2_223_15%7C1620518400%3A35%7C1621814400%3A203%7C1620086400%3A63; KRTBCOOKIE_218=22978-YIQykwAAbAgJrwBg&KRTB&23194-YIQykwAAbAgJrwBg&KRTB&23209-YIQykwAAbAgJrwBg&KRTB&23244-YIQykwAAbAgJrwBg; KRTBCOOKIE_466=16530-b85b6b29-735d-4e70-b33b-c214efcc539c; KRTBCOOKIE_80=16514-CAESEA-ShnHD7NcLOc63ekbd9BE&KRTB&22987-CAESEA-ShnHD7NcLOc63ekbd9BE&KRTB&23025-CAESEA-ShnHD7NcLOc63ekbd9BE; PugT=1619276434; SPugT=1619276434
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 24 Apr 2021 15:00:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1
Connection: keep-alive
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 23-Jul-2021 15:00:35 GMT; path=/
X-lat: amspug007:0:360
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-7c488d4f5b-jwn8p
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Q4fwa6JAT1NU&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 0FE7
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=eab59cc3-d4b8-45be-b11a-6f8ec72b8b7e-tuct77db813&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
52 B

15ms
15ms

Document
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=eab59cc3-d4b8-45be-b11a-6f8ec72b8b7e-tuct77db813&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36333380&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=eab59cc3-d4b8-45be-b11a-6f8ec72b8b7e-tuct77db813&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=eab59cc3-d4b8-45be-b11a-6f8ec72b8b7e-tuct77db813
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Sat, 24 Apr 2021 15:00:35 GMT
via: 1.1 varnish
x-served-by: cache-hhn11570-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1619276436.779075,VS0,VE8
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=eab59cc3-d4b8-45be-b11a-6f8ec72b8b7e-tuct77db813;Version=1;Path=/;Domain=.taboola.com;Expires=Sun, 24-Apr-2022 15:00:35 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=eab59cc3-d4b8-45be-b11a-6f8ec72b8b7e-tuct77db813&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Sat, 24 Apr 2021 15:00:35 GMT
via: 1.1 varnish
x-served-by: cache-hhn11570-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1619276436.760249,VS0,VE9
x-vcl-time-ms: 9
content-length: 0

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 0C1A 0
16 B 95ms
92ms Document
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=36333380&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.deepintent.com
:scheme: https
:path: /usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Sat, 24 Apr 2021 15:00:35 GMT
server: b

GET
H2 200 i.gif Show response
e.serverbid.com/udb/9969/sync/ Frame 8B91 0
44 B 99ms
98ms Document
text/plain 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=CC35BD80-53DC-498D-8996-79DB92000082
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: e.serverbid.com
:scheme: https
:path: /udb/9969/sync/i.gif?partnerId=4&userId=CC35BD80-53DC-498D-8996-79DB92000082
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Sat, 24 Apr 2021 15:00:35 GMT

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BFBC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zDW9gFPcSY2JlnnbkgAAgg%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

14ms
12ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=70460
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Sun, 25 Apr 2021 10:34:55 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame BFBC 95 B
179 B 30ms
27ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=CC35BD80-53DC-498D-8996-79DB92000082
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 645033bba9d64e08-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09a5fea94a00004e0884afd000000001

GET
H/1.1 200
OK info
uipglob.semasio.net/pubmatic/1/ Frame BFBC 42 B
603 B 142ms
140ms Image
image/gif 77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CC35BD80-53DC-498D-8996-79DB92000082&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:33 GMT
frontend-id: 1
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame BFBC
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CC35BD80-53DC-498D-8996-79DB92000082&gdpr=
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CC35BD80-53DC-498D-8996-79DB92000082&addseg=19,36,42

7 B
147 B

16ms
15ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CC35BD80-53DC-498D-8996-79DB92000082&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:35 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Sat, 24 Apr 2021 15:00:35 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CC35BD80-53DC-498D-8996-79DB92000082&addseg=19,36,42
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 141

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame BFBC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0MzNUJEODAtNTNEQy00OThELTg5OTYtNzlEQjkyMDAwMDgy&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

34ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:34 GMT
X-lat: amspug003:0:463
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 CC35BD80-53DC-498D-8996-79DB92000082
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame BFBC 43 B
683 B 34ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/CC35BD80-53DC-498D-8996-79DB92000082?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:35 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame BFBC
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CC35BD80-53DC-498D-8996-79DB92000082&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7FhdTQhE2uX7IGqOLQ0ZPlW5vS_3.80-~A&gdpr=0&gdpr_consent=

0
587 B

15ms
15ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7FhdTQhE2uX7IGqOLQ0ZPlW5vS_3.80-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Date: Sat, 24 Apr 2021 15:00:34 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

Redirect headers

Date: Sat, 24 Apr 2021 15:00:35 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7FhdTQhE2uX7IGqOLQ0ZPlW5vS_3.80-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame BFBC
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4105589595274140268&gdpr=0&gdpr_consent=&us_privacy=

1 B
727 B

15ms
14ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4105589595274140268&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:34 GMT
X-lat: amspug009:0:431
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4105589595274140268&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame BFBC 0
103 B 12ms
11ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CC35BD80-53DC-498D-8996-79DB92000082&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:35 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 ping.gif
stats-dev.brid.tv/ Frame 67FB 0
347 B 30ms
30ms Image
image/gif 13.33.139.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=13841&pr=p&b=c&pid=17750&s=450|250&os=l&m=0&apa=0&df=0&ow=14722&id=undefined&e=ae&pub=p&v=1009&aid=0&par=i&pp=0&wp=0&at=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-11.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 10:06:45 GMT
via: 1.1 272207cd716e9cf4826b7bb013eea27e.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
age: 36653
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
x-amz-cf-pop: CPH50-C2
accept-ranges: bytes
content-length: 0
x-amz-cf-id: PP7R4lXLxOOBalyOvrqPoREab6kWHjKfwSTdIvKzvi0AspKAFS_zDw==

GET
H/1.1 200
OK 400_hls_g3-blueberry.mov.m3u8 Show response
traileraddict-converted-assets.s3.amazonaws.com/g3-blueberry.mov/ Frame 67FB 213 B
731 B 470ms
134ms XHR
application/x-mpegurl 52.217.15.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://traileraddict-converted-assets.s3.amazonaws.com/g3-blueberry.mov/400_hls_g3-blueberry.mov.m3u8
Requested by: Host: p.brid.tv
URL: https://p.brid.tv/player/build/plugins/hls/1.0.13/brid.hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.15.52 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7781cd022eac1fd79c5beafdca03213f8b62e971528f30b53110b88f181cc30a

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:37 GMT
Last-Modified: Sun, 06 Dec 2020 19:14:45 GMT
Server: AmazonS3
x-amz-request-id: 0QHSXA19JYDSE2JV
ETag: "f4eaab6dfe20112ebd5517ba9c0b608f"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 213
x-amz-id-2: LlMpTVP/sClwK5jNxOHdStF5U6hM7bUA9GWmYE5u1bNNGLOSZsQRPUNm7QiucLJ3r/tMcqIrS60=

GET
H2 200 ping.gif
stats-dev.brid.tv/ Frame 67FB 0
347 B 30ms
30ms Image
image/gif 13.33.139.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=13841&pr=p&d=NaN&b=c&pid=17750&s=450|250&os=l&m=0&id=undefined&ow=14722&e=s
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-11.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 10:06:45 GMT
via: 1.1 272207cd716e9cf4826b7bb013eea27e.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
age: 36653
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
x-amz-cf-pop: CPH50-C2
accept-ranges: bytes
content-length: 0
x-amz-cf-id: Ke2gw_w9Xp2pXYPEmcLod9ee9QGGjL5JGXkDuMLwqBCrhr8nvzsPKQ==

GET
H/1.1 200
OK 400_hls_g3-blueberry.mov00000.ts Show response
traileraddict-converted-assets.s3.amazonaws.com/g3-blueberry.mov/ Frame 67FB 455 KB
455 KB 119ms
119ms XHR
video/mp2t 52.217.15.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://traileraddict-converted-assets.s3.amazonaws.com/g3-blueberry.mov/400_hls_g3-blueberry.mov00000.ts
Requested by: Host: p.brid.tv
URL: https://p.brid.tv/player/build/plugins/hls/1.0.13/brid.hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.15.52 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 59c22bdd53f2052132d16d8407be18df867b0cb585191c1a8ec7edeb12e529f6

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:37 GMT
Last-Modified: Sun, 06 Dec 2020 19:14:45 GMT
Server: AmazonS3
x-amz-request-id: 0QHTTZFQNX441HYM
ETag: "b1f87cbb6fad9ea68f674dd41c18c6af"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 465676
x-amz-id-2: SAbNKk/AxrrOymVi8vrNR9KhOqLX/ZL+dmvyVtsznQ6dgayuU3/1pdOF/5XHMEZbHwiOHGfGZKU=

GET
BLOB 200
OK 3add55d4-15b7-497c-8f73-5b8e48375366
https://www.tmj4.com/ Frame 67FB 62 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tmj4.com/3add55d4-15b7-497c-8f73-5b8e48375366
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b700af27f9274a3f0cef8aacb276903c896b408cbc27b2372bf172547567901a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 62982
Content-Type: text/javascript

GET
H/1.1 200
OK img
sync.mathtag.com/misc/ Frame AB38 43 B
513 B 25ms
24ms Image
image/gif 185.29.132.144
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/misc/img?mm_bnc&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA//////+ABgCeAJ4Ang&bcdv=1
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.144 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 3660 495c301 master zrh-pixel-x7 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:36 GMT
Server: MT3 3660 495c301 master zrh-pixel-x7
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 43
Expires: Sat, 24 Apr 2021 15:00:35 GMT

GET
H/1.1 200
OK 400_hls_g3-blueberry.mov00001.ts Show response
traileraddict-converted-assets.s3.amazonaws.com/g3-blueberry.mov/ Frame 67FB 486 KB
487 KB 124ms
123ms XHR
video/mp2t 52.217.15.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://traileraddict-converted-assets.s3.amazonaws.com/g3-blueberry.mov/400_hls_g3-blueberry.mov00001.ts
Requested by: Host: p.brid.tv
URL: https://p.brid.tv/player/build/plugins/hls/1.0.13/brid.hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.15.52 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d001c97bfe76a9130aba268942620edc108c4ca005f3974062fe1c96f5e6ad07

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Apr 2021 15:00:38 GMT
Last-Modified: Sun, 06 Dec 2020 19:14:45 GMT
Server: AmazonS3
x-amz-request-id: 3WA6DSQVZN45J7J1
ETag: "69bba2dd0cb1be0844f186178afc9d30"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 498012
x-amz-id-2: DloLB+VSY4psRGjl+tiVogTGIUE+oqkzUErK5XX8U9Lz4lFXCjrKjEpn0wzv/zRSojHazDTwHPA=

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame BFBC 0
587 B 15ms
15ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156319&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Date: Sat, 24 Apr 2021 15:00:36 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 5942 42 B
64 B 18ms
18ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B1YtIiTKEYIKSBsmT7_UPgcCQoAGahfLzRQAAABABIL2i3h84AFip5KGwgwRgleKQgqAHsgEMd3d3LnRtajQuY29tugEKMXgxMDAwX3htbMgBBdoBFWh0dHBzOi8vd3d3LnRtajQuY29tL5gCmHXAAgLgAgDqAiYvNjA4OC9zc3AudG1qNC9uZXdzL2Nvcm9uYXZpcnVzL2RldGFpbPgCgdIekAPIBpgD4AOoAwHgBAHSBQYQyMH94xSQBgGgBiOoB-zVG6gH89EbqAeW2BvYBwHgBw_SCAkIgOGAEBABGB3YCAKACgWYCwE&sigh=dgec9gaba9U&label=videoplaytime75&ad_mt=11491&acvw=sv%3D894%26cb%3Dj%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,343,610%26tos%3D11931,0,0,0,0%26mtos%3D11931,11931,11931,11931,11931%26amtos%3D0,0,0,0,0%26mcvt%3D11931%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11931%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D8155%26pst%3D902%26dur%3D15042%26vmtime%3D11491%26dtos%3D2430%26dtoss%3D4%26dvs%3D2430%26dfvs%3D2430%26dvpt%3D2430%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D2430,2430,2430,2430,2430%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D2156%26femvt%3D0%26emc%3D24%26emuc%3D0%26emb%3D23,0,0,0,0%26avms%3Dexc%26qi%3D353618271%26psm%3D-2147480025%26psv%3D-2147480025%26psfv%3D-2147480025%26psa%3D0%26ptlt%3D1619276437955%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,11931,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.1%26t%3D1619276425792&sdkv=h.3.453.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1NzgzODM1NjAyDDEzODM0NTQ3NjY0OUDBBFIrCPIFEBIlAABwQSgBOgtKQVJJWkZTQUI0SUILZ29vZ2xldmlkZW9I1QJQABgB

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame AF08 43 B
260 B 8ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=29&q=3&hp=1&pxm=7&vz=-&zp=4&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3852000540&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-L6SP6bDFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=8&g=13&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.tmj4.com&lp=https%3A%2F%2Fwww.tmj4.com&t=1619276425098&de=960360889283&cu=1619276425098&m=12865&ar=e4967b0-clean&iw=a9fcec9&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A880%3A880%3A835%3A831&aa=1&ad=11296&cn=9118&gn=1&gk=11296&gl=9118&ez=1&co=5447&cp=2351&cq=0&cr=1&ew=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=12705&cd=10527&ah=12705&am=10527&dq=11924&dr=9746&ds=11924&dt=9746&zx=0&tb=0&fc=1&fk=1&vm=1&vl=290&vt=359&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=23.42&dh=23420&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ek=1&fh=8908&fi=11296&fj=9118&ef=0&eg=1&eh=1&ei=1&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5578383560%3A138345476649&dfp=0%2C1&la=5578383560&zMoatPL=tmj4.com&zMoatPL2=tmj4.com&bo=tmj4.com&bd=tmj4.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=1818467248&cs=0
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:37 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 17ms
17ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042001&st=env

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5974c3c6bb845c9a4e9b619bb0714660391c8db1e3c979421b0a0ffa7371768b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6940
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:39 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 1146 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmj4.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tmj4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 24 Apr 2021 14:44:08 GMT
expires: Sun, 24 Apr 2022 14:44:08 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 991
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 N0cNQz_bqY1YohNAUNIZQryLecw2v8JwvqvBktlc8tc.js Show response
pagead2.googlesyndication.com/bg/ Frame 1146 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N0cNQz_bqY1YohNAUNIZQryLecw2v8JwvqvBktlc8tc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37470d433fdba98d58a2134050d21942bc8b79cc36bfc270beabc192d95cf2d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 09:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 107550
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5655
x-xss-protection: 0
expires: Sat, 23 Apr 2022 09:08:09 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042001&jk=2558641535189197&bg=!ra6lrurNAAZUuIlwVLg7ACkAdvg8WnKEKsjhZVfGvfprOMdP59vakOGUskI_7QT5rn4S6wW903nFbwIAAACFUgAAAA1oAQcKAV_dr7SkqeSBHHTQZG0N23yu-Okfo1vMduNvX3sCbxcyMiBZzO3bWsIn1KXdkIzmJtnpiyCISFcjvbt9FFtIuRODNOH14vAVXEyFrUwsPpKsM-UOeGESLDFQu38xT_jE02rRUNR-t7fJknApheyGeUngZyngmXj55x_4yqGde3x5tBo1opiPEY2fmCjIqDGIP1LTpFwAhQJDLMnTp5TJ47ZqhG1TpApOS9cApbfhJuoIt6N3yj-iHnm06PJH3oDxqBbnHU0j5qIkg4JS-JCPXNqKPsRiPrm9Q-fC6b8GPKwcE-2OfSIzT1a5W_wtMeWsZsxts5G2SGoFTJ5eN0wYfJuZKrGRJgKOHTRzPEX4DxRoQHuCOoQyrr6hrmiumbiW29k-C7cIRYwYoyHoXEcsikIZzPrLuH92TKPoWA-CcDfrYSBqYoAXcICeIERYvnAGqv2EJ5F3StUtW-HomQBLEx6ZAhqp2i4XqDqki3ZeaEk8RAB5V43I4NINmtHOh7C9K5GHY6D94jCCggTrOGKsDPPIonv_1_V0hNmoWQGb52ZxpPt59G4cO2GiOWn3yPpV2p5dAC0d0Zi8_UHqZ1xDjcIGy8bnRqbdpioxR8U4-bZecaTw9XJDP-W6jfNVo2j7JrbxSVwKlMiuGz9kCyknrGjsgCNAnagNIokY_Ig7RX3aOLhEGoObJy1nX46nAi-KuU6nlAPHf8D_veaFz7eb71n1bAaIxi4Yn8Tju8kV0l1UU2o8Vl6MTH1OcBq5Ev9GQc7qJZMr7qrebIOAaJkpUoDCIX646AJ5GBVwTVQNIzBk2YjFFY2EqtAfGwudLd8jWxmOKRG21rvK4i8TI2fl5-4-tn8CHK47YdGizR_nfEtQVc-88wpKxPjN9P80gjlWtq83c_evydTmQirKbIbniUBHqcuAY2-o5Id0gM8aceoeyMDq5WLgEhQGWVD7DoTn2M77JmLUSFm0duX8cwXdq5NGIB5WCPbw9GOsTWlO8E0h8USLbyR7_gv51d6sJ1_JGJG5TeCJ2tmGhGq0y7W0IhQaRzlZGzhj-vAr3fKJx7EW09PflIGL003dseR2gAigRF4SuDTfZ5r4enn_uCwdmbY4Z8DsMDjrNiut0oNtJmtLN5z2FEPDScCffxxH2jt3afVyLkwX3fOLP3LXJk3ZqPK5kMCsXqZCHwjDzzDq

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 10ms
10ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&wf=1&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fa3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&confidence=2&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Ctrue&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1105&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&id=1&f=0&j=&t=1619276421514&de=392083320754&rx=927200626535&cu=1619276421514&m=18297&ar=31f9dba90d7-clean&iw=07d6456&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1105&lb=5496&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A626%3A626%3A0%3A649&as=1&ag=15158&an=10758&gi=1&gf=15158&gg=10758&ix=15158&ic=15158&ez=1&ck=1048&kw=504&aj=1&pg=100&pf=100&ib=1&cc=1&bw=15158&bx=10758&ci=1048&jz=504&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15079&cd=7504&ah=15079&am=7504&rf=0&re=0&wb=2&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatAdUnit1=ssp.tmj4&zMoatAdUnit2=inview-bottom&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=180167&na=800003033&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:39 GMT

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame 1FBF 0
293 B 111ms
111ms XHR
multipart/form-data 3.143.119.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=114867
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.143.119.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Sat, 24 Apr 2021 15:00:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.tmj4.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 ping.gif
stats-dev.brid.tv/ Frame 67FB 0
347 B 31ms
30ms Image
image/gif 13.33.139.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=13841&pr=p&d=14&b=c&pid=17750&s=450|250&os=l&m=0&id=undefined&ow=14722&e=fq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-11.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 10:06:45 GMT
via: 1.1 272207cd716e9cf4826b7bb013eea27e.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
age: 36657
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
x-amz-cf-pop: CPH50-C2
accept-ranges: bytes
content-length: 0
x-amz-cf-id: _q4_qbetGTKd69CMJlMYT8hflP-GT9UiChjVcS0BREyExpzwMA33vw==

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 5942 42 B
210 B 18ms
18ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B1YtIiTKEYIKSBsmT7_UPgcCQoAGahfLzRQAAABABIL2i3h84AFip5KGwgwRgleKQgqAHsgEMd3d3LnRtajQuY29tugEKMXgxMDAwX3htbMgBBdoBFWh0dHBzOi8vd3d3LnRtajQuY29tL5gCmHXAAgLgAgDqAiYvNjA4OC9zc3AudG1qNC9uZXdzL2Nvcm9uYXZpcnVzL2RldGFpbPgCgdIekAPIBpgD4AOoAwHgBAHSBQYQyMH94xSQBgGgBiOoB-zVG6gH89EbqAeW2BvYBwHgBw_SCAkIgOGAEBABGB3YCAKACgWYCwE&sigh=dgec9gaba9U&label=videoplaytime100&ad_mt=15042&acvw=sv%3D894%26cb%3Dj%26e%3D4%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,343,610%26p0%3D0,0,343,610%26p1%3D0,0,343,610%26p2%3D0,0,343,610%26p3%3D0,0,343,610%26tos%3D15510,0,0,0,0%26mtos%3D15510,15510,15510,15510,15510%26amtos%3D0,0,0,0,0%26mtos1%3D6145,0,0%26mtos2%3D3356,0,0%26mtos3%3D2430,0,0%26mcvt%3D15510%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D15510%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D8957%26pst%3D902%26dur%3D15042%26vmtime%3D15042%26dtos%3D3579%26dtoss%3D5%26dvs%3D3579%26dfvs%3D3579%26dvpt%3D3579%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3579,3579,3579,3579,3579%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D2156%26femvt%3D0%26emc%3D42%26emuc%3D0%26emb%3D41,0,0,0,0%26avms%3Dexc%26qi%3D353618271%26psm%3D-2147418585%26psv%3D-2147418585%26psfv%3D-2147418585%26psa%3D0%26ptlt%3D1619276441532%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,15510,0%26ss0%3D0.1%26ss1%3D0.1%26ss2%3D0.1%26ss3%3D0.1&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.1%26t%3D1619276425792&sdkv=h.3.453.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU1NzgzODM1NjAyDDEzODM0NTQ3NjY0OUDBBFIrCPIFEBIlAABwQSgBOgtKQVJJWkZTQUI0SUILZ29vZ2xldmlkZW9I1QJQABgB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame AF08 43 B
260 B 10ms
9ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=29&q=4&hp=1&pxm=7&vz=-&zp=4&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3852000540&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-L6SP6bDFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=8&g=14&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.tmj4.com&lp=https%3A%2F%2Fwww.tmj4.com&t=1619276425098&de=960360889283&cu=1619276425098&m=16440&ar=e4967b0-clean&iw=a9fcec9&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A880%3A880%3A835%3A831&aa=1&ad=14905&cn=11296&gn=1&gk=14905&gl=11296&ez=1&co=5447&cp=2351&cq=0&cr=1&ew=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=16314&cd=12705&ah=16314&am=12705&dq=15533&dr=11924&ds=15533&dt=11924&zx=0&tb=0&fc=1&fk=1&vm=1&vl=359&vt=474&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=23.42&dh=23420&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ek=1&fh=8908&fi=14905&fj=11296&ef=0&eg=1&eh=1&ei=1&ej=1&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5578383560%3A138345476649&dfp=0%2C1&la=5578383560&zMoatPL=tmj4.com&zMoatPL2=tmj4.com&bo=tmj4.com&bd=tmj4.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=193818894&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame AF08 43 B
260 B 10ms
9ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=21&q=0&hp=1&pxm=7&vz=-&zp=4&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3852000540&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-L6SP6bDFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=8&g=16&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.tmj4.com&lp=https%3A%2F%2Fwww.tmj4.com&t=1619276425098&de=960360889283&cu=1619276425098&m=16444&ar=e4967b0-clean&iw=a9fcec9&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A880%3A880%3A835%3A831&aa=1&ad=14905&cn=14905&gn=1&gk=14905&gl=14905&ez=1&co=5447&cp=2351&cq=0&cr=1&ew=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=16314&cd=16314&ah=16314&am=16314&dq=15533&dr=15533&ds=15533&dt=15533&zx=0&tb=0&fc=1&fk=1&vm=1&vl=474&vt=474&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=23.42&dh=23420&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ea=1&ek=1&fh=8908&fi=14905&fj=14905&ef=0&eg=1&eh=1&ei=1&ej=1&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5578383560%3A138345476649&dfp=0%2C1&la=5578383560&zMoatPL=tmj4.com&zMoatPL2=tmj4.com&bo=tmj4.com&bd=tmj4.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=104819724&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:41 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
107 B 17ms
16ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1948437090&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&ul=en-us&de=UTF-8&dt=Wisconsin%27s%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=Video%20Ad%20End&el=Safer%20at%20Home%20order%20changes&ev=0&_u=aHjACEAjBAAAAG~&jid=1785366345&gjid=1903053085&cid=2108222984.1619276422&tid=UA-19051957-3&_gid=435960710.1619276442&_r=1&gtm=2wg4e1KZVQWL&cd20=2047&cd21=Ryan%20Jenkins&cd22=&cd23=Coronavirus&cd24=Homepage%20Showcase%2CLocal%20News%2CCoronavirus&cd25=false&z=322233526

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tmj4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 76ms
75ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-19051957-29&cid=2108222984.1619276422&jid=383232396&gjid=1467289147&_gid=953076291.1619276422&_u=aHjAiEAjBAAAAG~&z=1671459907

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 24 Apr 2021 15:00:41 GMT
content-type: text/plain
access-control-allow-origin: https://www.tmj4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 70ms
70ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-40066851-1&cid=2108222984.1619276422&jid=1650822916&gjid=1587534973&_gid=953076291.1619276422&_u=aHjAiEAjBAAAAG~&z=217569888

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 24 Apr 2021 15:00:41 GMT
content-type: text/plain
access-control-allow-origin: https://www.tmj4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1948437090&t=event&ni=0&_s=4&dl=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&ul=en-us&de=UTF-8&dt=Wisconsin%27s%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=Video%20Ad%20End&el=Safer%20at%20Home%20order%20changes&ev=0&_u=aHjAiEAjBAAAAG~&jid=383232396&gjid=1467289147&cid=2108222984.1619276422&tid=UA-19051957-29&_gid=953076291.1619276422&gtm=2wg4e1KZVQWL&cd12=2108222984.1619276422&cd20=2047&cd21=Ryan%20Jenkins&cd22=&cd23=Coronavirus&cd24=Homepage%20Showcase%2CLocal%20News%2CCoronavirus&cd25=false&cd30=&cd31=true&cd33=true&z=1365245281

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 05:24:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34600
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1948437090&t=event&ni=0&_s=4&dl=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&ul=en-us&de=UTF-8&dt=Wisconsin%27s%20extended%20Safer%20at%20Home%20order%20relaxes%20restrictions%20on%20non-essential%20businesses&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=Video%20Ad%20End&el=Safer%20at%20Home%20order%20changes&ev=0&_u=aHjAiEAjBAAAAG~&jid=1650822916&gjid=1587534973&cid=2108222984.1619276422&tid=UA-40066851-1&_gid=953076291.1619276422&gtm=2wg4e1KZVQWL&cd12=2108222984.1619276422&cd20=2047&cd21=Ryan%20Jenkins&cd22=&cd23=Coronavirus&cd24=Homepage%20Showcase%2CLocal%20News%2CCoronavirus&cd25=false&cd30=&cd31=true&cd33=true&cd34=false&z=947272328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 05:24:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34600
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame AF08 43 B
260 B 9ms
9ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=28&q=0&hp=1&pxm=7&vz=-&zp=4&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3852000540&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-L6SP6bDFBj7g4pVV8xztRIWnSYK6kwU2JeJbBer2APsOGgK%2Ftq%2F3Cytr&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=8&g=15&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.tmj4.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.tmj4.com&lp=https%3A%2F%2Fwww.tmj4.com&t=1619276425098&de=960360889283&cu=1619276425098&m=16441&ar=e4967b0-clean&iw=a9fcec9&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A880%3A880%3A835%3A831&aa=1&ad=14905&cn=14905&gn=1&gk=14905&gl=14905&ez=1&co=5447&cp=2351&cq=0&cr=1&ew=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=16314&cd=16314&ah=16314&am=16314&dq=15533&dr=15533&ds=15533&dt=15533&zx=0&tb=0&fc=1&fk=1&vm=1&vl=474&vt=474&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=23.42&dh=23420&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ea=1&ek=1&fh=8908&fi=14905&fj=14905&ef=0&eg=1&eh=1&ei=1&ej=1&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5578383560%3A138345476649&dfp=0%2C1&la=5578383560&zMoatPL=tmj4.com&zMoatPL2=tmj4.com&bo=tmj4.com&bd=tmj4.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=341785687&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 24 Apr 2021 15:00:41 GMT

GET
H2 200 check2 Show response
content-zeuuks-up-1.uplynk.com/ Frame AF08 16 B
281 B 229ms
228ms XHR
text/html 20.50.105.246
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content-zeuuks-up-1.uplynk.com/check2?b=0741bce3458e4705a7a2e69ec4920c82&v=0741bce3458e4705a7a2e69ec4920c82&r=e&pbs=

Requested by

Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.105.246 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9298dbac786b906a88d0e7df5e697019ca26c3a002e63c0145354f2653d9e253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:42 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: 12dff450871e4bebb77bbed1ed2cdb13
content-length: 16
x-content-type-options: nosniff

GET
H2 200 E00000001.ts Show response
x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/ Frame AF08 359 KB
359 KB 253ms
252ms XHR
application/octet-stream 2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/E00000001.ts?x=0&si=0
Requested by: Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a275fcf25220fcd68440627cea5194bbc1bd422740c0c973c566328583a6cfc5

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:42 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: KRZXJFRARJ0ESCC9
x-amz-server-side-encryption: AES256
content-length: 367552
x-amz-id-2: vKDV4ZVJvKFnnZF/3RM/F6MOMCvgVSGdzxx6duJbT2yC+ROC+rD12YLfCHiAJg1Vpzh6lTC69o4=
x-ec-put2cache: 1
last-modified: Fri, 24 Apr 2020 17:08:29 GMT
server: AmazonS3
etag: "33aabf63d9100b11b1eb4d74b759ea1b"
access-control-max-age: 3001
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Sat, 24 Apr 2021 15:00:41 GMT

GET
H2 200 check2 Show response
content-zeuuks-up-1.uplynk.com/ Frame AF08 16 B
281 B 218ms
217ms XHR
text/html 20.50.105.246
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content-zeuuks-up-1.uplynk.com/check2?b=0741bce3458e4705a7a2e69ec4920c82&v=0741bce3458e4705a7a2e69ec4920c82&r=e&pbs=

Requested by

Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.105.246 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9298dbac786b906a88d0e7df5e697019ca26c3a002e63c0145354f2653d9e253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:42 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: 331a0ea39f674f36821c051d75595c80
content-length: 16
x-content-type-options: nosniff

GET
H2 200 E00000002.ts Show response
x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/ Frame AF08 356 KB
356 KB 245ms
245ms XHR
application/octet-stream 2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/E00000002.ts?x=0&si=0
Requested by: Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c37bcca10661ba6fa5f4343c25170ac45cad763041f4f08d24d9578563b55ae

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:43 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: AGRKYWG0E0DBQ1D0
x-amz-server-side-encryption: AES256
content-length: 364544
x-amz-id-2: skI69iXErSC+1XklIqhCtjL/swXeYVFyo8XRqtSmsQzTWVV6pD9JzxFcLCg3oe7k3k3/MDPpNh8=
x-ec-put2cache: 1
last-modified: Fri, 24 Apr 2020 17:08:29 GMT
server: AmazonS3
etag: "7161eb3c2d37bb1b6ec6858c4c23d21f"
access-control-max-age: 3001
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Sat, 24 Apr 2021 15:00:41 GMT

GET
H2 200 check2 Show response
content-zeuuks-up-1.uplynk.com/ Frame AF08 16 B
281 B 71ms
71ms XHR
text/html 20.50.105.246
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content-zeuuks-up-1.uplynk.com/check2?b=0741bce3458e4705a7a2e69ec4920c82&v=0741bce3458e4705a7a2e69ec4920c82&r=e&pbs=

Requested by

Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.105.246 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9298dbac786b906a88d0e7df5e697019ca26c3a002e63c0145354f2653d9e253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:42 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: 7cbfd5fb2cc14b828cea5a64b251ba7a
content-length: 16
x-content-type-options: nosniff

GET
H2 200 E00000003.ts Show response
x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/ Frame AF08 350 KB
350 KB 258ms
258ms XHR
application/octet-stream 2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/E00000003.ts?x=0&si=0
Requested by: Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19bbbc30769803d0a05606c396e8277302300dedd378f19937a094ba06b536aa

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:43 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: AGRYZX9N6RM9KPJZ
x-amz-server-side-encryption: AES256
content-length: 358528
x-amz-id-2: 83tZkyiE6AZZdwVR+iZaYm2ZjJ0nQgCErs4mR4BWIAVM+eSZsI2Heuot2GSXHtV88/36gOay2AM=
x-ec-put2cache: 1
last-modified: Fri, 24 Apr 2020 17:08:29 GMT
server: AmazonS3
etag: "60cdedfc58936b968606cf0219f2c5e4"
access-control-max-age: 3001
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Sat, 24 Apr 2021 15:00:42 GMT

GET
H2 200 check2 Show response
content-zeuuks-up-1.uplynk.com/ Frame AF08 16 B
281 B 24ms
24ms XHR
text/html 20.50.105.246
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content-zeuuks-up-1.uplynk.com/check2?b=0741bce3458e4705a7a2e69ec4920c82&v=0741bce3458e4705a7a2e69ec4920c82&r=e&pbs=

Requested by

Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.105.246 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9298dbac786b906a88d0e7df5e697019ca26c3a002e63c0145354f2653d9e253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:43 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: 331a0ea39f674f36821c051d75595c80
content-length: 16
x-content-type-options: nosniff

GET
H2 200 E00000004.ts Show response
x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/ Frame AF08 356 KB
356 KB 224ms
224ms XHR
application/octet-stream 2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/E00000004.ts?x=0&si=0
Requested by: Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 531f32a46e2e78a886f99954e42179a5bc04a914ad3f9fa78d3440e7c668b733

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:44 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: JZHN3VZB7564SAVK
x-amz-server-side-encryption: AES256
content-length: 364544
x-amz-id-2: C0M4e4LXuynSRNVwpMBClYf0nrUlS+Sjh4pGPwLnhJdorIAVr5i+9uT/y7zxHP+S6P/NZvzDjGk=
x-ec-put2cache: 1
last-modified: Fri, 24 Apr 2020 17:08:29 GMT
server: AmazonS3
etag: "17e0b63bbe4ef1ba88e55e41d5639bdf"
access-control-max-age: 3001
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Sat, 24 Apr 2021 15:00:42 GMT

GET
H2 200 check2 Show response
content-zeuuks-up-1.uplynk.com/ Frame AF08 16 B
281 B 62ms
61ms XHR
text/html 20.50.105.246
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content-zeuuks-up-1.uplynk.com/check2?b=0741bce3458e4705a7a2e69ec4920c82&v=0741bce3458e4705a7a2e69ec4920c82&r=e&pbs=

Requested by

Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.105.246 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9298dbac786b906a88d0e7df5e697019ca26c3a002e63c0145354f2653d9e253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:43 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: 5db4faaad5a44b36b04d6cb309d3921a
content-length: 16
x-content-type-options: nosniff

GET
H2 200 E00000005.ts Show response
x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/ Frame AF08 359 KB
359 KB 239ms
239ms XHR
application/octet-stream 2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/E00000005.ts?x=0&si=0
Requested by: Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b38bfc65e3256f28d5709b5db1e7cb639e580f579777c374e3ea286dd7540935

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:44 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: JZHWS9RMWZFAWST8
x-amz-server-side-encryption: AES256
content-length: 367552
x-amz-id-2: PNLLZBudHILGhriaEUaJnJmSGMpIOWByMa0Qgt07Ixl3cJ89vfX6b1HOkT1e9jDIoRLbY6t6x38=
x-ec-put2cache: 1
last-modified: Fri, 24 Apr 2020 17:08:31 GMT
server: AmazonS3
etag: "9ec0bc02fea594ac0c49fdd1e5a42d2c"
access-control-max-age: 3001
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Sat, 24 Apr 2021 15:00:43 GMT

GET
H2 200 check2 Show response
content-zeuuks-up-1.uplynk.com/ Frame AF08 16 B
281 B 25ms
24ms XHR
text/html 20.50.105.246
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content-zeuuks-up-1.uplynk.com/check2?b=0741bce3458e4705a7a2e69ec4920c82&v=0741bce3458e4705a7a2e69ec4920c82&r=e&pbs=

Requested by

Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.105.246 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9298dbac786b906a88d0e7df5e697019ca26c3a002e63c0145354f2653d9e253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:44 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: 331a0ea39f674f36821c051d75595c80
content-length: 16
x-content-type-options: nosniff

GET
H2 200 E00000006.ts Show response
x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/ Frame AF08 353 KB
353 KB 235ms
234ms XHR
application/octet-stream 2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/E00000006.ts?x=0&si=0
Requested by: Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e4ab817223b0be68317a825eddeee4b1b22bf1d53bd90e925682cb48dcfa4c78

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:45 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: TNT3Z9QRJZ8A5WAR
x-amz-server-side-encryption: AES256
content-length: 361536
x-amz-id-2: xXr/R3276NLZ7jFDjCzZNiS4rVSw5LMCRXCVzBzxopLZ3AZZgS9eaIrroU0eyptwTwq1TJLWVX0=
x-ec-put2cache: 1
last-modified: Fri, 24 Apr 2020 17:08:32 GMT
server: AmazonS3
etag: "caf38bfa4216f1b5f4a4fd07c47c2568"
access-control-max-age: 3001
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Sat, 24 Apr 2021 15:00:43 GMT

GET
H2 200 check2 Show response
content-zeuuks-up-1.uplynk.com/ Frame AF08 16 B
281 B 26ms
26ms XHR
text/html 20.50.105.246
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content-zeuuks-up-1.uplynk.com/check2?b=0741bce3458e4705a7a2e69ec4920c82&v=0741bce3458e4705a7a2e69ec4920c82&r=e&pbs=

Requested by

Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.105.246 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9298dbac786b906a88d0e7df5e697019ca26c3a002e63c0145354f2653d9e253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:44 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: 331a0ea39f674f36821c051d75595c80
content-length: 16
x-content-type-options: nosniff

GET
H2 200 E00000007.ts Show response
x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/ Frame AF08 353 KB
353 KB 228ms
227ms XHR
application/octet-stream 2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/E00000007.ts?x=0&si=0
Requested by: Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a30cfdb98ad44817471cd52be36d61399e29ab5549d7eb11ff18c2b723ae2a91

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:45 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: TNT608NWEB3B84XC
x-amz-server-side-encryption: AES256
content-length: 361536
x-amz-id-2: qHrOTJy8hVrfj6orM0akxA2t7e3wZWXw4dEieYESSuvRkOBX2B18S5wWMkFcdmBGlDF5aA7FXPA=
x-ec-put2cache: 1
last-modified: Fri, 24 Apr 2020 17:08:31 GMT
server: AmazonS3
etag: "1139a29248eebb40f6f7d5b408f10b89"
access-control-max-age: 3001
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Sat, 24 Apr 2021 15:00:43 GMT

GET
H2 200 ping.gif
stats-dev.brid.tv/ Frame 67FB 0
347 B 30ms
30ms Image
image/gif 13.33.139.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=13841&pr=p&d=14&b=c&pid=17750&s=450|250&os=l&m=0&id=undefined&ow=14722&e=sq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-11.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 10:06:45 GMT
via: 1.1 272207cd716e9cf4826b7bb013eea27e.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
age: 36661
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
x-amz-cf-pop: CPH50-C2
accept-ranges: bytes
content-length: 0
x-amz-cf-id: RpRIZLVTimqjwfUrPNyPj2riFwa3dgi6P2V-kqckKSwW-vOqkUwapQ==

GET
H2 200 check2 Show response
content-zeuuks-up-1.uplynk.com/ Frame AF08 16 B
281 B 218ms
217ms XHR
text/html 20.50.105.246
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content-zeuuks-up-1.uplynk.com/check2?b=0741bce3458e4705a7a2e69ec4920c82&v=0741bce3458e4705a7a2e69ec4920c82&r=e&pbs=

Requested by

Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.105.246 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9298dbac786b906a88d0e7df5e697019ca26c3a002e63c0145354f2653d9e253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:45 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: aac069df51cf44f8b12d88cd9253c3af
content-length: 16
x-content-type-options: nosniff

GET
H2 200 E00000008.ts Show response
x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/ Frame AF08 353 KB
353 KB 232ms
231ms XHR
application/octet-stream 2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/E00000008.ts?x=0&si=0
Requested by: Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a3f2cc371691ab2b27def3ada9dca6870ef4461f036f1983e1e69a91b9a678e7

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:46 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 0S69R0JCTEHTY19X
x-amz-server-side-encryption: AES256
content-length: 361536
x-amz-id-2: Bxr1/rq6PsCNWgqxEAKXVOITQoHjM1KY7C6j7y2JsuBrpnd0MzMmuWB5c4lO8J/bsec53W5P5XQ=
x-ec-put2cache: 1
last-modified: Fri, 24 Apr 2020 17:08:32 GMT
server: AmazonS3
etag: "8a3ed200d25d35f45c13c475be28537f"
access-control-max-age: 3001
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Sat, 24 Apr 2021 15:00:44 GMT

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame 1FBF 117 B
398 B 148ms
147ms XHR
multipart/form-data 3.143.119.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=114867
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.143.119.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d82bc67f3819ec83479ddff116a54731f59196b9ccb80624a25a8168aa523c00

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Sat, 24 Apr 2021 15:00:46 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.tmj4.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 124

POST
H2 200 v2 Show response
e.serverbid.com/api/ Frame 445F 16 B
166 B 296ms
99ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/iframe.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tmj4.com
date: Sat, 24 Apr 2021 15:00:47 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 445F 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tmj4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 445F 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tmj4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 445F 35 KB
14 KB 313ms
313ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3631689589428918&correlator=891179857754900&output=ldjh&impl=fifs&eid=31060789%2C31060825&vrg=2021042001&ptt=17&sc=1&sfv=1-0-38&ecs=20210424&iu_parts=133810016%2CScripps%2Cscripps-8766-cnsmbl-container-300x250-ads-dr-d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ris=20&rcs=1&prev_scp=rfsh%3D2%26invw%3Dtrue%26rfshtime%3D11&eri=1&cookie_enabled=1&cdm=www.tmj4.com&bc=31&abxe=1&lmt=1619276447&dt=1619276447457&dlt=1619276425844&idt=147&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=985&adys=234&adks=1744008382&ucis=p50ytzrfh0el&ifi=2&ifk=1078239775&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=4&url=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&top=https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=913600349.1619276427&ga_sid=1619276427&ga_hid=1147758924&ga_fc=false&fws=260&ohw=300&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

24b42c68e51513c6742ce4194ddc30f49a49cc4a8e612ef0f41912ce53c84779

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13744
x-xss-protection: 0
google-lineitem-id: 4538451035
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138222539677
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tmj4.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame AD44 0
0

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame CC82 0
0 43ms
43ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdMQrER44D6t2eHUQMncMJT1UgVxPazgA5-8JEAvOGPyE9GdFcaG961XPBQ0doSQ3yFX6OsoGrUgZjuLW4aroC1FEZxVdgPKoItMf1Ad7Efcpv1IbPH7ydShPUhCFdM0MIOBB0JDXTDSKNX8NhqLQGbxZAzBPBCeRp58-c_d8aIEeneX7drhqqoH468q56I9nBD3M2m6ZV1leanr7--Ll4eBfXWksYm_cMIKVF-x7VdVtauoDWEsdiX0tbSoKe5zglzJY3PFfLEisjdP0AkrdPsh9dsqxEuDDhQndQKCR6nBbFGQQdL8nXc0IiHnNvKhrrmhhlKRUrT_Q81qdGBUXn2QqR8Z3NJb0&sai=AMfl-YQBIlI6zSUu_fy03h_K-27hJRl0KkrQdJ2wQT9Y3DHIySHOn3QXjArE29xrmJs_SzkrU9CGz5-MV5fZM4hZL6WeT6tJ4b3u7dGRD0jIbysk2S2QWyPWcMAJkSI8cCU&sig=Cg0ArKJSzIslGBcHA4fdEAE&adurl=

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 24 Apr 2021 15:00:47 GMT

GET
H2 200 5305678281706130699
tpc.googlesyndication.com/simgad/ Frame CC82 49 KB
49 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5305678281706130699

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9640b4008edd77014c3d31defa43f80015daf003dd0db7e80d4df387b846505

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 04:34:59 GMT
x-content-type-options: nosniff
age: 555948
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49847
x-xss-protection: 0
last-modified: Tue, 20 Nov 2018 18:27:49 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Apr 2022 04:34:59 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame CC82 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 14:57:01 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame CC82 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:58:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 14:58:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC82 116 KB
35 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 15:00:47 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CC82 0
0 14ms
13ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRZ5pawxzurWbj23CZl8siq6M6zoTEpNTSswKsedqjyUDHkc39fIa6sDz5p3hpTA9JcbVQT
Requested by: Host: www.tmj4.com
URL: https://www.tmj4.com/news/coronavirus/wisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame CC82 0
0 44ms
43ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgXFAFLRDej9MKZPo7k8zIqkchnybqyJqhRC0WIoWttuPrhEV2UQsLNU9BTLa3jG6C8ggm7cTt8R1OBiaLsjA466yS9izhLIilRoadJLoUNjEUCxer4A9BRBS-rZiGY6dYfpm4JnTVdMM16BV7hiucPlin8nViSpoxTj4Eajie2Euyj4ths-tJf-7yShyPZN5RIgh1b9u1Sa0yo6WQwVB4hPMIj2zZ0OYQyEestZrgFMPZDnOaK5EPC2wUGCSsgCO3jzby5yFuRoimm4YKge3ELXOtNVMGUhoKdu7A4qa2u0A7hgPWKRjyKijYMBGbzSzV8jKhPOyWjn4OsDVT-pkc5bO4Fqqxp7IHIA&sai=AMfl-YRNl2h19YUJkft24wKIY71xhzl7S2HKCIpzSkadwebk3LyBIL-oCoOT0B0UkPAd3630N_4KqtG9FRV57ZoFE2ymeNNl3YkD8dEWNj8ohdEQHmHEAAPXv7kNEi-gqHc&sig=Cg0ArKJSzJV2fbhtL0PPEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 15:00:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 24 Apr 2021 15:00:47 GMT

GET
DATA 200
OK truncated
/ Frame CC82 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b2a68cab2e4a664833720df4c6580f57698dc9b3b36fbdb3256e4d8bcfb6167

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 check2 Show response
content-zeuuks-up-1.uplynk.com/ Frame AF08 16 B
281 B 98ms
98ms XHR
text/html 20.50.105.246
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://content-zeuuks-up-1.uplynk.com/check2?b=0741bce3458e4705a7a2e69ec4920c82&v=0741bce3458e4705a7a2e69ec4920c82&r=e&pbs=

Requested by

Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.105.246 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9298dbac786b906a88d0e7df5e697019ca26c3a002e63c0145354f2653d9e253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:48 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: aac069df51cf44f8b12d88cd9253c3af
content-length: 16
x-content-type-options: nosniff

GET
H2 200 E00000009.ts Show response
x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/ Frame AF08 335 KB
336 KB 240ms
240ms XHR
application/octet-stream 2606:2800:133:202d:cd5:25f1:103b:1d26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://x-default-stgec.uplynk.com/ausw/slices/074/44c3f81cadf84cf5a6f4e6d100388208/0741bce3458e4705a7a2e69ec4920c82/E00000009.ts?x=0&si=0
Requested by: Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f989bc347aac79d20b7235c9882bd9504c81494a378cefd98fb449287d76ce0

Request headers

Referer: https://assets.scrippsdigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 15:00:49 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 5PWB51QQZGDZ5P5R
x-amz-server-side-encryption: AES256
content-length: 343488
x-amz-id-2: 6htBvxTUVf+ASqj1ZNa2lfmpOAtFET4H29Nn0QsdHRQUSkgJkryWTpFheBvUOa5NJ8iZ/0ZBYO0=
x-ec-put2cache: 1
last-modified: Fri, 24 Apr 2020 17:08:33 GMT
server: AmazonS3
etag: "484d450c6b86d762ff809bd85e4f9e82"
access-control-max-age: 3001
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Sat, 24 Apr 2021 15:00:47 GMT

GET
H2 200 ping.gif
stats-dev.brid.tv/ Frame 67FB 0
346 B 30ms
30ms Image
image/gif 13.33.139.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=13841&pr=p&d=14&b=c&pid=17750&s=450|250&os=l&m=0&id=undefined&ow=14722&e=tq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.139.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-139-11.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 10:06:45 GMT
via: 1.1 272207cd716e9cf4826b7bb013eea27e.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
age: 36665
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
x-amz-cf-pop: CPH50-C2
accept-ranges: bytes
content-length: 0
x-amz-cf-id: kno6ncqnGX-mt7xLVZC-td8SfnVWFX9qlLF8ULmNi9KdSTEd8gUkag==

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CC82 42 B
64 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssn1Qrr_ySgiScfJUZyWQYMB_difacrH0W6WpB6jG2nqntNe8HYg7pKJwlqeCoV-pBAk7Nm_wMCg3tBz4CNEAJlTv-jYVTNuW2o8RWCwfU&sig=Cg0ArKJSzBPoK6FLaC_6EAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210421&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1744008382&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619276447825&dlt=0&rpt=63&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmj4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 15:00:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prebid-server.rubiconproject.com
URL: https://prebid-server.rubiconproject.com/openrtb2/auction

Domain: ads.adaptv.advertising.com
URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Consumable

Domain: as-sec.casalemedia.com
URL: https://as-sec.casalemedia.com/cygnus?s=489464&v=8.1&r=%7B%22id%22%3A%225c0d380a10670e%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2260436b57045d79%22%2C%22ext%22%3A%7B%22siteID%22%3A%22489464%22%2C%22sid%22%3A%22640x480%22%7D%2C%22video%22%3A%7B%22size%22%3A%5B640%2C480%5D%2C%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22application%2Fjavascript%22%2C%22application%2Fx-mpegurl%22%2C%22video%2F3gpp%22%2C%22video%2Fmp4%22%2C%22video%2Fmpeg%22%2C%22video%2Fogg%22%2C%22video%2Fwebm%22%2C%22video%2Fx-m4v%22%2C%22video%2Fx-ms-asf%22%2C%22video%2Fx-ms-wmv%22%2C%22video%2Fx-msvideo%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A120%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22api%22%3A%5B1%2C2%5D%2C%22linearity%22%3A1%2C%22w%22%3A640%2C%22h%22%3A480%2C%22placement%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.tmj4.com%2Fnews%2Fcoronavirus%2Fwisconsins-extended-safer-at-home-order-relaxes-restrictions-on-non-essential-businesses%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22consumable.com%22%2C%22sid%22%3A%222000248%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1&nf=1&

Domain: search.spotxchange.com
URL: https://search.spotxchange.com/openrtb/2.3/dados/284289

Domain: hb.emxdgt.com
URL: https://hb.emxdgt.com/?t=2000&ts=1619276425781&src=pbjs

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: um.wbtrk.net
URL: https://um.wbtrk.net/doubleclick/user/match?google_gid=CAESEN57KJZNC_ZW4kfFdXu7S8s&google_cver=1&google_push=AQvitULvFhOPnJOMEurFjBGt7aT-Rndej4fmN2AMB8MWJnIDnF-EfLMT5lD6Pn151kfoVKR5FHxfksJ6GDfP019lLelPWY1Rwv72

Domain: prebid.digitru.st
URL: https://prebid.digitru.st/id/v1

Domain: prebid.digitru.st
URL: https://prebid.digitru.st/id/v1

Domain: ums.acuityplatform.com
URL: https://ums.acuityplatform.com/bum?tpid=29&uid=b85b6b29-735d-4e70-b33b-c214efcc539c&bidswitch_ssp_id=pubmatic

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXMHPwO_JuVnVmEhsN1CXPJ4LtZtnCpCClLopWvrp8Jc5clY3VuhzMFxqNO7XeO4k4XgpMYTiPTDMmOjUrSrbLUxrg8X_H6Fuk_J3LyYM&sig=Cg0ArKJSzOQkCgJY4rUBEAE&id=lidartos&mcvt=20136&p=0,0,250,300&mtos=20136,20136,20136,20136,20136&tos=20136,0,0,0,0&v=20210421&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1744008382&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619276427541&dlt=0&rpt=114&isd=0&msd=0&r=u&fum=1

Verdicts & Comments Add Verdict or Comment

199 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-19 22:11:27	Name: NID Value: 214=NFZl8AI9CsSEjdpysjHqkGD7EP-URLCznGj5ZendAeQq585eVQ-8lfGbPfivfGtlE5S_jMkKqkTNZPugn8Bz5uqfPOTgLqan19k1M1wy9dxBXwlz5mL4KHftQRse3ckqtwYX7rS67QOTDKJ8sNdMf24yGP6NHhxWtmdrhgr0hcw

53 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 8) Message: we are running the javascript modules
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: starting the state machine
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 8) Message: gooooood
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 5) Message: **** [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 8) Message: returning data
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 8) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 8) Message: returning data
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 8) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 8) Message: returning data
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 8) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: the end of fetchschedules
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: STATE ISwatch
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: WATCHING
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: TOGGLING ELEMENTS
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: REMOVING HIDDENhttps://www.tmj4.com/videos
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: REMOVING HIDDENhttps://www.tmj4.com/videos
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: REMOVING HIDDENhttps://www.tmj4.com/videos
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 8) Message: returning data
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 8) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 6) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 5) Message: processEvent VIDEO_START [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 5) Message: sendToGTM Video Start [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 5) Message: VIDEO_START [object Object]
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js(Line 6) Message: This ad's html cannot be accessed using the getHtml method on googletag.Slot. Returning the empty string instead.
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1619276424015(Line 1) Message: not in breakout
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1619276424015(Line 1) Message: true
console-api	info	URL: https://www.arcgis.com/apps/opsdashboard/assets/nickel-d2e45f9de52e8c2b16506d4623d2a2d3.js(Line 5) Message: ArcGIS Dashboards opsdashboard 03/24/2021, 21:16 +01:00 (c187029b)
console-api	log	URL: https://www.arcgis.com/apps/opsdashboard/assets/vendor-943b856b3076fb466965281d4a24dd85.js(Line 11212) Message: ember-i18n has been deprecated in favor of ember-intl
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1619276424015(Line 1) Message: true
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1619276424015(Line 1) Message: true
console-api	warning	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053(Line 5) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1619276424015(Line 1) Message: iframeLoaded called
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1619276424015(Line 1) Message: iframeResized called
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 5) Message: processEvent AD_START [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 5) Message: sendToGTM Video Ad Start [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 5) Message: AD_START [object Object]
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053(Line 20) Message: loadTrack called
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053(Line 20) Message: bindbuttons called
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053(Line 20) Message: player ready
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053(Line 20) Message: bindPlayerMethods called
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053(Line 20) Message: mutechange event
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053(Line 20) Message: requestAd
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053(Line 20) Message: adEnd
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053(Line 20) Message: adEnd
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053(Line 20) Message: Video start
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1619276425053(Line 20) Message: Video start
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 5) Message: processEvent AD_END [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 5) Message: sendToGTM Video Ad End [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/00000178-eb24-d424-adfc-efad9ac60000/styleguide/All.min.2f9624d512372d25bc9ce2c3f2c34682.gz.js(Line 5) Message: AD_END [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

405fe409071c52a544271c00a7b1f864.safeframe.googlesyndication.com
4394967.fls.doubleclick.net
5994599.fls.doubleclick.net
a.tribalfusion.com
a3a96b9ff0f7528530d1f7c674196848.safeframe.googlesyndication.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads-alpha.ewscloud.com
ads.adaptv.advertising.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
apex.go.sonobi.com
api.ewscloud.com
api.pymx5.com
as-sec.casalemedia.com
assets.scrippsdigital.com
aud.pubmatic.com
bh.contextweb.com
biddr.brealtime.com
c.amazon-adsystem.com
c.brid.tv
c1.adform.net
capi.connatix.com
cd.connatix.com
cdn.contentspread.net
cdn.traileraddict.com
cdn5.userzoom.com
cds.connatix.com
clarium.global.ssl.fastly.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
connect.facebook.net
content-zeuuks-up-1.uplynk.com
content.uplynk.com
contextual.media.net
cs.emxdgt.com
csi.gstatic.com
d25dfknw9ghxs6.cloudfront.net
d2s8wlbatk24s7.cloudfront.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
e.serverbid.com
eu-u.openx.net
eus.rubiconproject.com
event.clientgear.com
ewscripps.brightspotcdn.com
fc66110c3fcd50b272fa32068622ef60.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
gift-connect-d.openx.net
go.sonobi.com
googleads.g.doubleclick.net
green.erne.co
hal9000.redintelligence.net
hal90008.redintelligence.net
hb.emxdgt.com
hblg.media.net
hbopenbid.pubmatic.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.connatix.com
includemodal.com
includemodal.global.ssl.fastly.net
jelly.mdhv.io
js.arcgis.com
lit.connatix.com
log.outbrainimg.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
maxcdn.bootstrapcdn.com
mb.moatads.com
mcdp-nydc1.outbrain.com
mv.outbrain.com
mwzeom.zeotap.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
p.brid.tv
p.skimresources.com
p.typekit.net
pagead2.googlesyndication.com
pbs.publishers.tremorhub.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.mathtag.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.digitru.st
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.moatads.com
pymx5.com
r.skimresources.com
r10---sn-4g5e6nzy.gvt1.com
redirector.gvt1.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.skimresources.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
sejs.moatads.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
services.brid.tv
services9.arcgis.com
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.ewscloud.com
stats-dev.brid.tv
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.serverbid.com
sync.targeting.unrulymedia.com
t.skimresources.com
tags.mathtag.com
tcheck.outbrainimg.com
token.rubiconproject.com
tpc.googlesyndication.com
traileraddict-converted-assets.s3.amazonaws.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
um.wbtrk.net
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
use.typekit.net
v.traileraddict.com
vid.connatix.com
visitor.fiftyt.com
vtrdn-wjdav.ads.tremorhub.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.arcgis.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.tmj4.com
x-default-stgec.uplynk.com
x.bidswitch.net
yummy.consumable.com
z.moatads.com
ads.adaptv.advertising.com
as-sec.casalemedia.com
hb.emxdgt.com
ib.adnxs.com
pagead2.googlesyndication.com
prebid-server.rubiconproject.com
prebid.digitru.st
search.spotxchange.com
um.wbtrk.net
ums.acuityplatform.com
104.111.230.142
104.17.119.107
13.224.95.115
13.224.95.126
13.224.95.17
13.224.95.61
13.33.139.11
13.33.139.113
13.33.139.93
134.209.131.220
138.201.63.150
138.201.63.165
142.250.185.166
142.250.186.162
142.250.186.66
143.204.245.11
143.204.245.14
143.204.245.38
143.204.245.88
143.204.247.127
143.204.90.102
151.101.113.108
151.101.113.194
151.101.114.132
151.101.114.137
151.101.114.49
151.101.13.194
151.101.14.132
151.101.14.137
151.101.2.137
151.139.128.11
159.253.128.188
169.197.150.7
173.231.180.197
178.162.133.148
178.162.133.149
178.162.133.150
178.250.2.151
178.62.202.251
18.195.155.181
18.216.222.118
18.234.22.28
185.29.132.144
185.29.133.33
185.33.221.13
185.59.220.199
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.249
185.86.138.143
188.138.33.34
188.42.191.196
198.148.27.140
199.232.137.44
2.18.232.28
2.18.233.180
2.18.233.201
2.18.234.190
2.18.234.21
2.18.235.40
2.18.235.93
20.50.105.246
2001:4de0:ac18::1:a:2a
2001:678:cb4:bbbb::11
205.185.216.42
206.189.254.17
209.197.3.16
213.155.156.180
213.19.147.45
216.239.38.21
216.52.2.39
23.111.9.35
23.37.42.132
2404:6800:4003:c04::5e
2600:1f18:612b:4216:b3d7:e742:13a8:bd05
2600:1f18:612b:4264:5a80:73c5:9cbd:79d9
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
2600:9000:2021:400:9:4c16:5180:21
2600:9000:20eb:7800:10:618e:d880:93a1
2600:9000:215d:a600:6:44e3:f8c0:93a1
2600:9000:21f3:f200:d:77c3:2dc0:21
2606:2800:133:202d:cd5:25f1:103b:1d26
2606:4700:10::6816:1957
2606:4700:20::681a:236
2606:4700:20::681a:bd1
2606:4700:20::ac43:453b
2606:4700::6812:acf
2606:4700::6812:c05
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:800::200a
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:803::2006
2a00:1450:4001:803::200a
2a00:1450:4001:808::2003
2a00:1450:4001:811::2004
2a00:1450:4001:812::2008
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:c::a
2a00:1450:400c:c00::9b
2a00:1450:400d:804::2001
2a02:26f0:6c00:2ae::19fd
2a02:26f0:6c00::210:ba0a
2a02:fa8:8806:13::1370
2a03:2880:f03d:1c:face:b00c:0:3
3.11.4.3
3.126.56.137
3.143.119.104
3.223.71.232
34.96.74.203
34.98.107.212
35.186.193.173
35.190.59.101
35.190.91.160
35.201.67.47
35.201.96.126
35.227.203.93
35.227.252.103
35.244.159.8
37.157.4.39
47.252.78.131
52.208.41.69
52.209.246.140
52.217.15.52
52.30.50.112
52.57.10.248
52.57.142.16
64.202.112.159
66.155.71.150
69.173.144.165
77.243.60.138
85.114.159.118
87.98.242.60
01ea8a8eec39a60b2adc27d44ecf90e922bd97fe23183611cb3cc0731e17515d
035503a0a50481982ffcbbfd91fcb529bf21cc5ade9a950463a7dde9f3703dbd
03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06243cd40ffe29de1e22920a2d0ad394009962eebc1469a774dd43bba6a833ca
069f60bcfa765ce7929ddd12219d30dea374a695cb3f7ad73092d0471d86ea71
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09c3b6a5703fb63a02456ba0e7c5c747600a7b12eecc2d7c1abac7237373bb90
09ff60c9ac2e0bab842d49e773bfd79d27d1a957544e338f269d8c6b05d6e1de
0aae9ffbfef06b0b5ef60ef6c0aebfceebb2e9f0deca58dcd9aacacda7e0d7fe
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0bfa9232e799a5ceb61b8494b43dcb279071e855079a664a6e5ac22247aa2407
1017de2c1c7e193cd96605a75354d0bf2f18314644e5f0f9b1f3ec5a37f090ce
110566be12e8b6a4421878fbd81776c09b8b1773820ce3dbed7590b8606a7d67
1109c8eee8360d25c3736e2fefd75ba3b29d6feca4370f0c96db9ae88c26886c
11947b1c7fd4361e0a062a78a8cbe02ec43102b8cebb37c63d64dd65071e61aa
120892938457bac6b762c5cba9bb3c2b0bc8a778ec4c387b01f499f6383765d9
13086c68f899dc06f5b51da8efc563f7e6d005c20e524f64aa437d0985b0e9d7
15e23c26e5a921044bff42508a48ab366137ccbe6d59db5ae841f1282876962c
1799b98931eb002e5e30b01b1ae1c4ff9094c5e2fab291401880fa3857205a52
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19bbbc30769803d0a05606c396e8277302300dedd378f19937a094ba06b536aa
1a59329497187b99641cf0cd1eb55d3d4b2324ef9e5d037b8c00347d1692b23c
1b21d7945f9a9e83d3218aa05a9a97c91d0db52e4682e6392dac56496134ce2d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d227a6bc430bf14bb905c07e45bd1bf779ab63e009cfbef54ad59fc20a38c34
1d9b4f9d80d659f7bab074ca2a1b2aea309f39b7b26d45b7b0907ee62c36776b
2010531392a242368efc64bb9ec889335acae3dd08953b06208b0466cdcae142
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
24b42c68e51513c6742ce4194ddc30f49a49cc4a8e612ef0f41912ce53c84779
25b88bf9d929543f95693a526b8a0e803eb7190cfa60042b0487a4b6b749ae71
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26b711e1ad6818d849a6ef19e3ce12d7e8f7a6d4ab62c6b781b9d55c8b3378bc
27c13b9a3a8393852e9ca69a521eccee111f8ec9b7faefc8d3c1221a5a9a601d
27e479db85f768dc2ddaf2f507a087518a43dae349c0bf383f4d915bd11dd1e7
282b904cdb65ec356a4e1a6102f78bc7d2d939312dd425c102daba73abcb1105
2a4ef1e5f3ca01e5f8c9971311d71b3a3ccd55529425656ed9b2eb550b08e8dd
2c0d8f53c22e1fc0296c1954cb303af90746030b70136effa16c76bb1947c397
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d9c617688e8ac94805bc712099b4a3800c88815a71147e2320881f33005e3e2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e905b3a493c6d9c62737e1ece3bc83ea52ffdb0f8574dddf815ae1d5cbcebcd
30a920278d553f254c65b1e36523e54f8168c0b38fbc0abf8abb796d84bded38
30f11d013cefc63d2c78d3465eef7c6c245ba451ea07e3162640362e2226a865
31aff64d0957bacb78a34911b9e8318b0c6d506429ee72bf7d07ae06e691a5d3
324f5f19e9ce907dfb15b8488800b11dae220cd92b1c4440b2dc8ff56a4353fc
326d77891415f82cdfafe9b74ede6ba52b2a3f2c33efd26ee18a7ce9053f31c7
32d6a58cee780a5389129ec9410976a815e44d4a8430d7e5be24726ff6804af9
3302ef568a096b5d784190fc4a27a5360a9e0a22c069d90253c6341e311024d8
34e3f618db625fef9f9d3efb096053c1a63a9c3cd725ba2275829d6218d942fa
34ed2d33c0b99138831e7d6249b757cfa8a255f5ac7087ef07efb592a63740f6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
371e8ae51e1a4d13e9f876aa36664fbcaff1b0bdb7cd7777247bea333060cdef
373230acfd98e6e8704812d39c2288ce9ca1d1a20c2884586b16f3ea3e4774cb
37470d433fdba98d58a2134050d21942bc8b79cc36bfc270beabc192d95cf2d7
38e9bd17fbfa765f2baa1c982e1a6fc707972a39701cbd70ed48662781363b1b
39b576e0da6026221c6efaeb013bc44a49c917700427deb40e0d924c2a388492
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
39e0774e46c1665887dfda10b5fae9af78233715f9eca8c7431d24b551894a39
3ae0a056c3b312c36c66e1533966eec0b02a8096f87f73bf18092e138ff7f3f7
3b2a68cab2e4a664833720df4c6580f57698dc9b3b36fbdb3256e4d8bcfb6167
3c2c68bf0d2455bb75b74413bf0d81d0e3128d6a1a7e6c9f3cd82bc9ed11ec8e
3c4f7ab043211c80ac551a74c826032f4617054c96906601788b64eefdc762e2
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ec4bde6c46b80e7b398a379cbd8ea5170a6eae708a6978bd90e065da28f6acd
3f989bc347aac79d20b7235c9882bd9504c81494a378cefd98fb449287d76ce0
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41f441aa622ab6ff01e178d23657a608f70d1e4536cfe0c3ae635918c5e67616
425f48810738e2e4a59f1432f8b66a0b895f4e91d8988154289e453f1499d2a9
42bb514bb04613d9030f75bfb054a6f3966d8119efcdfa29b04dc7025c52eff9
42f1972e6fca28b256243fa99dd5eaf51035aad553637fe0ec7108fd5200c84c
43425033eafa0432d367080621dbe0b9d5eab20913d0b58443d3a0cb79b2adad
4366a13e1a54ae42e01de38f49447d8831bf1685e30ffe08615ead570c5042c8
437c64eff55eee9b97154d616b2c111d4d92915acb02064984a01205708d8ceb
439138d5bef09aab469ca986ce84cfff5f416ad2617316881e016b64d0eaec4b
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
454dad7b602ad0fe21e8604157a3b9640cfab8b8986587980328049180dbb5d9
4570bea518fb2252ea6e30022381714fb3e5bf5915e0272a092808e51c5fa6eb
47778cf60a04efe804de6d47ede576c117ddc5ad3bf3ac74f0a3a02a11ab5938
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4925165c70b3264de4eb9fcb82c4e25329fd65e6ee1b1fcc336af0e72d011b58
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2
4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49
4ab6396c4320590be355403d8dc3ef757f9a13df3cf6d5d1f6c337a8ef67877d
4aeb54d91d16c17e491410291fe303f31fba89bacecae91ac30ef24e8206e475
4b14b4c3da1c4b81de90d8b9cb92d117ad6c5e7053d19dc2acd34adf09be9ce2
4d59a6c3df1fe09ee0b4cceee83f461186cd7cf4243ca30c2523c74f82725fe7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3b3a51d01b3e6681c50739023e564c6055cb419a1f8ea257ec7b743c46a003
4f1fd8017993bf185581fed51b5221226960c7af86dd94798c5871877b5c9b01
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f65c38ed3681b49cf4f86c0e1fcd4143fa78015121b20e69e11c1c422dd0bfa
4f9f0f0ac60cabbbc4886dc60b2f97e6ad1da9590ace7dd054eec5b9ae8b6e68
4fb10251d6a59a6063ff281464dd9aac4b7cec8136158cca1283250f68712c71
4febba3d38968f9582ce70d2fdaec56aaa975519a953cd02283fd91abc96e5fa
50dd5a07651886a6e0027d5dcec0147e9df2a41cb5771471c6a932391197ac4f
50e8cf3917b8c3b4eadbc209800bf2afcdf659a24461f3ae7f9706a7c706a3f7
522fc3437f63d9dea2d5a213f29ebb8bdf15483e9863c61db235cec4cadeedc2
531f32a46e2e78a886f99954e42179a5bc04a914ad3f9fa78d3440e7c668b733
5361f978aefe27cab555ecf461abee6adb4abb1f9fe357b37295623923b84bc9
53d827e70fb9335efb9aa119c9ad597a0054cdfb0430870b9b1e6beb5a62547d
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
56bae8ed4c1cd2eb42fcb7b26752e478880806f7229ee1b9103653e3d279d15e
572d12de3a11c9e43e0c6457baab46f8efa2028b64ba1b3b23b212daecf6d753
576561fc32468323e4257d17824b4b57bdb4aa7bace8b5afd97345f1c9cfe07e
5974c3c6bb845c9a4e9b619bb0714660391c8db1e3c979421b0a0ffa7371768b
59c22bdd53f2052132d16d8407be18df867b0cb585191c1a8ec7edeb12e529f6
5a5c7b2868f83cd1ffdd6f2102c55e0bfbfee025fb56aa42ef94c977b2286951
5b3e74a2e1217bd2ab20d14acf9b782888defde38b9f389eef9b2eaa343a8943
5c349f09b427d969625994f292b90fd82b721675cb4489300bd2f9e9e7d3d736
5c37bcca10661ba6fa5f4343c25170ac45cad763041f4f08d24d9578563b55ae
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
5dfdc51d1edd6224a525e7722c33da89882d92e96ee1a4de5a1c291fde17a264
6108b8efc385bdb66a47e004b1e8b37ea774036850e34dedb51d37697265292a
6127a41b0cb4ecdbf2b95669560589ee2cd011e730a7ecb10b3082017ac9d3d0
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
62965052035405846c2a82a5f9c8e662db24ff92100bad81ec4b82d5135a7a78
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1
64241a8a248d60d28b3b4d06364c1f071f7d6b92c515c0f7b020743bc705c4b9
66d9129684c538ab8a65858664448c25cef1052da936b219c879bdeaec9804be
67b21b433f99c5ad0b124f568a0614fa54740af754630f76572ea46164c5e54e
682956186052c62a648b149b129f4df856d61e42b49ec3ec21eab7e139798ab1
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cf1262a19d2b967ecb23844b10de44183efed7d65f4cde264bba58f9d76aee0
6d3cb300ee1cbe976fef01355a3578aaf7f5e4269d1bfa5120063204de8cba60
6de5eda7615b74f15519e857edb1bdd2a89fbc4498f6dab99853cfaeec4dd53c
6e3376d5e0c17e4f6f28b0590ae80f6a723eeba77fc1238f142396e74881d149
6f5263acc03126555b7b6523f5d006e769527f08a8f84ffcc0422f278d411276
6f7f3ffd0d077621d4235bf26ca7af9d6f88316a5b172008612db7bc42abd9da
6fdfbb21f12a4e5f7f13435ba02d698426da4b51c2eddca3f98e7ce0cb4b481e
704ce78b61b228d8f6386708ca6ffb26901df872e9e3b83cf2abe366301fe945
70b0369558b54b6ce8d087a0e5bea17d48e68e34b56ace9e21b3c9ee971c64d5
71dcbcb413db00a140bfe5b3077135c5b8d1a9268cba4a85dbc6ecfa858b350f
727823e6ebd1c140c38e1c1d201ee0d37bf9dc549661986eb712e01d657283ba
727f93b09ab81ccfabda8af76bbd53e3e99a3eafce122b52fac24f9e13872e33
729d89b3d27ffe142ac86f1854c89a3e1f1dc4e81d4c3255f8edfd026ce54e38
72a7f7eb96fc8a3686d558b95ab19d431608f10add39dd66850da690c03a91b8
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
73298c8f5a6114815ba00b891f7f36b6030d6817c12c7c160c039b277ea725b6
732f6ee95f7cf2c124665c62b54513b849b580b49c13430b64d16d464bb36423
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
749b2850aeb0e6162d4e695799798d29341ce9acbbeef7db71bee11e17dc3636
766dea2c6bbc0ce5e870c79e861fa253bce092c792327c55ec45990c4811540a
76e5591612f2b00c68824472590a1101ed872ed70cf5a40e8c665dcc5a5abb22
7781cd022eac1fd79c5beafdca03213f8b62e971528f30b53110b88f181cc30a
77d61926f7acef295665e8bc3705000e21c1a4db847338f5969af47c37822bad
78862fceb28d06e4cc3de1d931443552a9616c2b8a066393c4f9d6fd0ff68de8
78be4e93a54d1fb5069eaa01a4fb90c89f51236c7933280a8839df53d8bd8825
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a9c7947e8e97888530f5d8cc0e0cc78951b7b1b735f297c864af1cbd28d720f
7bb367be2e371b37129fa9d71ef2504b76df0730545cced82ef97086e198fd76
7bd981d2e66ce656c3891aee16b24222c563e0d3d4b9871c0cd17d2b6629ac1f
7c67dc1e9ecce0d3757d97792fd606effaa6fe799ebe7423aff81e26e07900a1
7cbfe713206ec62f1c478c977ed4add0cf42432cc54a9c90204b05cb9880c6be
7d34a992dba48b7a2ae6893d726bd86360ba678d137ef7d31e746fcfd4de03fc
7dc95e5b1831ab2871016d3e7119b0c8a1d4176e046e75b77ecc77c61d93dc83
7f0def1c829a19e6fedc71b63db8ea4686919a34c0a56f5c1db6f43255bec31c
7f2be1b377d41e11e513011f672f5c480c9c483ed3fa8b2bba5876ca6e3a739e
7f8e099bf441ca4818d70687ea8fbf3756feda7813c5b697c6898bfc4d87f82d
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
8186902052c6aad7092970d4cdb2e61bf0c9878f42c05dba58ff0f2b18dadaaa
8207c0af414c34734df819d98100d586a40d79634c879285d5e3c07bdf4d6040
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
8314a990a5fb9dcdd342c7c8fda368167056d55ab3e48224d6c0eb5af555e363
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b9de17a90789c0c650d05f2b72a607b55bff98828cca2339edd8944e47a5a4
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86bfd5c1e5b5313934ddd0b42f334ecb8d2405dba6aedcc9b638a977c26104b4
8711e50058f6a714b6e9091223a2db931ba9e4ad4db8256271107ef946869f51
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
87f374ab0ef1c198a3b73eef085f657229f000c92b71a2161c17c99c00a5b2d3
88e071a02a5adf92b172da587c1d4469a2984108aa6d90ab042f2887859d053e
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a000454303ae67eaae8a11198cc868386637b02dbbec0e0435926baa315239c
8b0120c8b29689033a418157e773c9895062cafd23c231795366b330e5c9168a
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e62232beaf69feddd671db91004b098c8ecf7b1f3f6694c41b8546faea5e4f1
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
90bf686f30e8bfcc224e5af0495606f031d6d5970a5701f45fc94951b2fae966
92371d8a93567516b67e7d7f80671a5f1820a4d4c088bc832d32c8a1e4b86925
926023069cae76acfe583c903c17d46c97a02b297f54d999dcffdb919d282aa1
9298dbac786b906a88d0e7df5e697019ca26c3a002e63c0145354f2653d9e253
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
933d7247dc2de6f5e7c83388513bdb330b4af13790d490ca3c9d5e01bb0686c7
9346137917230c2daf742c1d0eb891e1e826e66d4005787cf670f00f8095fc19
93c534596c81954c36de4959c6dd091e4614a0ee768cd441b54ce417c67916dd
94851d0a76f234e18f8461f57f3cd16556db7a7c413b9fb890fe89ceb8ad0ff0
948d55f9942cb1783f48cf02ebb8d498c89bd9e286dab871c46e5e7708853853
94f2708eed961ed357f7793c4f955a2cfcbe65dc709c9431736794b43e24a740
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a989dca206f015e2bc7ad9a3f32e27e9ba2e01125c6a800a35173adc16ac4f5
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b44784210dc4d49e0011783bbee473ab4582b284ad092a49b8d113ea9c28158
9c25c4e240bd28a308851f487711c88680072496bf9865fb73a258dff5ca3fd9
9d762aa796ceda8e7d83bf237b7ce812a57c9236c17786f9ee52cfc9d5e43651
9d776d9fe93c4789ba2cae4a0303766b998529331f94ef30f5f444fbde1230fb
9dbd77834084379153174c8b525babc99c180e2562917a19a5ce27630e58d5b3
9dd1ed208fd2b1d465233fcf7a7a4b0deec30f908b174fbed4e2f7f8d7c98156
9e5a3984c873d9f7009795b85f0d9bfa38e8f9dddc2309d83556aea4d7ee41a0
9fcd0153277b6a8867e92dd6860d2e2ca51642f521c5c9d83f37bb6df2e27907
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1a24763a8e999c21fd249278227e9ba40b742a50834dae984bace1f2f092680
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a275fcf25220fcd68440627cea5194bbc1bd422740c0c973c566328583a6cfc5
a2aca9aa200ad3e4dd9afcd27fd2bd5b272a5d297e9f85d708394857ca6a1ffe
a30cfdb98ad44817471cd52be36d61399e29ab5549d7eb11ff18c2b723ae2a91
a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54
a3a60115c0a956f7e4f055fb68d33ff9aa7be49ade323429e445e47cf3e8e874
a3f2cc371691ab2b27def3ada9dca6870ef4461f036f1983e1e69a91b9a678e7
a3fec784d48cbf7e416468ce0f949a2844bd3baed82555b0381b18f6c8258de6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a62ad98ec95d11bee0312b3c13e7640234d02f0ae250aefac7f3f74daa10bec3
a6de81df734ae58ec16d83c4ad847e1b90c16b2da34fc625e5bbabfe642e9a55
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
aaba65ed9064daf813908cafaa8a9520ab798b95373849537524c5b8caf5199c
aad225f19a6d1133bc3f1a926c70a022d35a973ff2375e2212ab9eea9338f38a
ac94eb65cbe3bfd92b34d936245d978f743ce5c75f5338b74165604a9f028e50
ad309904b3882d0bc665ba54e6fc9a708e89a6155fdce036c73ab386c80086c1
aef7a221e51f1951e6a349f2f65eef006ef7e3c885e773e6e317cc76b1c3728b
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b25958853b22bed60f3f024d71487e43b310f90b777eeea9519f9d4b4d7d5894
b38bfc65e3256f28d5709b5db1e7cb639e580f579777c374e3ea286dd7540935
b4d1b435e4d711dd3c239db10733cc869d22d11dda5961c2ce66ce8748732e46
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b700af27f9274a3f0cef8aacb276903c896b408cbc27b2372bf172547567901a
b707b9729c652b5368dcdf5fb7529e239ff2b87ce4f330486027d4b123413f52
b70d0b6b6860c1b51d7436b44dae909fdf0d7897ada90de0993315262f35fe6c
b73047138fd6534ec3f6b7e8fbceed0e68b17fe32e7e8db96888e00b5d0bf237
b7f9a359c677e99be6a221dad3a16c45100e2665f0c5938b820774677109c259
b80338b26c59f20fe38b2014103851d8cad136d21f286a9950ef39b955950f00
b9cd0c28d08f92929d1c294e2aa09fa17b8d34f872a65aa59c4483ff9d06e67c
ba011cf89a3b4610f2c3eee32eb45343ebe31e8f0fc634cd9519e5c9baecaff8
bb1d7dc3a831490a7254a9965af7c212563be2edcedee414312039f23e0ec621
bb1f77a7949856c177544e219d9f2f47dd0c6cda93c36759f1e7479179c1a974
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
c04a2ae4fa6510b9351f2f01f0380de8fca951d99df0a7f8e399dc5f0f2ccf6f
c09fb1577f4e4dbb6bf7b93ed0dc44f8f430437522b81d22e18285e53632918f
c1479075e11198bc90d44ed9a137249c625ba8ff23f5450226c75670e70f07a5
c1e944d81c3fcc3f5bd4615878e0d352050ae7fcf9c5d3d4aed7e42b22f1602d
c2ff9ee54e4577b88abdaa8c123422196412be375fafa72e246957effa5c88c1
c3358d4ece0875b468d1f3cca15c7a9cddd82c4e8b6a825a0ed1deb088013fc1
c3b0517ae016f5bafd0663854c828542a43daac1430c0cffd6a8c78e0bf15fe3
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c41dae510b615df483a29bd00ef9d1224409a7dd96990f85bb78818335b0a475
c466a21ad4cb9a6d05655821aab3f9881631226ab6be1bd6272c094ecca36376
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
c8d2551c545c7556a6abf32ece25d1b8e12c1d31964919fb5a3b73e3ca0c67c4
c9640b4008edd77014c3d31defa43f80015daf003dd0db7e80d4df387b846505
c98b7d8fd0fc6d7eb8a02ba0ab0bd3c53fb05367fb3efe453a0c163e2b64e8f5
c9d9d025eefd7c07d9973c309d72d12af54bda54c52a4e4ebe54215fdd25d2af
cc60a4f8be2f6490be740098f9b6c74ddced16855d46073f5fbc73b392c7f1fd
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
cf2f5f9d30bcf0ff1f6a17007e84ab32d4f802c3faf526959fb600e01039f2a7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d001c97bfe76a9130aba268942620edc108c4ca005f3974062fe1c96f5e6ad07
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d266f6d765103111aaae955bc50d1c979f85ee85adbd1567cad8304b6b013f35
d302ebe868124a246d8b2463b3c96f6d5e745231c38d9957f1f0943bef542e93
d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5
d56e54ba583665a62f9aae54a0a9a7e08d95c3d7d46c43f0bd148899bd03ac6d
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42
d6aa3fcf04d6a362c2a082cd482606251de0e0129861145fca91cbdd3121af86
d7229b2a53e66eda3fb318b555fc6d3c244e5219db8f705287989010f7e836f8
d7d78c0fb9b8a3d5842a5a0736087e50ceec2b16df8560eaff3d555536e694b0
d82bc67f3819ec83479ddff116a54731f59196b9ccb80624a25a8168aa523c00
d8d5b6a5031f19d2bef805c6d280c099d42ee52f29b94ffc867c604a27940fec
d9dc7cc0bfcc9ed47707ecb3ebbcc2cb724265af8bd0cfe18bbfb01597a5636d
db137a6af0c93b9e8a4303780ce166ecd74bd208e7f55f0f79ea741c88f8e9b3
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
dc0cbcda5db3d177f58159b656fde36a74322f9ee5b732454bc5558c346e4262
dcd53e0833ad20080f6fd0c09930c14ab8a8b7046d9b45f9cb411672ea0146ec
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dde403ee66cd211aa2508200015412a3a647420759c7be5a303614d4879b55fb
e1bab2ab548e40960a1eba6b5121eb4d45c24ba1a89d92044fb49d1284649f35
e27b395dd390b36ff73915d6736d8c30721b8f2c88d69bbfe7d9baba127bd0a7
e368e37cdf224d5eb72e6d23ff616f9bd6f1bfbfad5b29cd5071f8ed96472471
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e412d030d3c3190d3d15fc6d1b5aff09c1c6d62a60f452b96c3e370520ad93ad
e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa
e4ab817223b0be68317a825eddeee4b1b22bf1d53bd90e925682cb48dcfa4c78
e6fbf96164ab2fb9bebb98fa3d9ef1620973d7e34e61b8a792a59b604bf958b7
e751c01e7c6a20bfca89f6df43aa02b40331e6e6a1d50a7b324649f27ddd64fc
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
e9af5c2ca5d3fbdc490a787ad1d25fde4916a7526b97f6f911c7f99c5475300f
e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0
ea84d48942f4e2ddb1c08fcd8dc5d4d5ab2310b5c54a8ddf0300b69ce72392cf
eb80cda151300becfb31b173348efd745a3adbdffe5c8032472bfaf42da0ce3e
ed2d993c35cd51826ee304739d91e554bd9faa1b120602fc4b3baa15941a9e35
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0240bee9e6bcfd0f100b50ac6b0be53b78c24d37c33778565e5c3aeac8cdf7c
f0c0a8c4c3a8246a87ffb70fb1bbd9007c8a3ab9b0bdd1594ac7c89e6b588f13
f2b9ac40ccbcb8c4e6b6bf4bcc67d2efcd0b729aeb79780af7d31dc6be12286e
f2dcd9cd8327f9a74903074baf5a2af793df8d8a706c220e2ab4516e775596eb
f3501358874a785e40a5c5137d83bedd3295664e0b6e7363b6357d3a92b9876d
f37e21c653607facbf39ad55a0d09b23fbda4ee1be8202257bd4c218eb1544ee
f5b4417af8dcc4ebd49452d0d5fa39617038d9b4f790a73f56c57fc4ea20479f
f685d36f3f62589ffc7cb9633a82850958978f8803780ece24c613ca6f8cf563
f6d28ce81ea894ee02fa55889d2fba70e61f61dbc60250c8b2f3d7297dba6372
f6dedb6d899127a39505eaab087c3e053c260066ce63e5726a48377ddc0ab364
f6f44038b952c4c1cfe89b2df669d467a4532491b683c290dfef9cd6b2fae79d
f94366efc6314725e16b4002b1e6903913b1f6d9f5757aec611205dcd0db3596
fa47b4d616a81135d5535b850e8576a98a0bd2dc8833c86027f0c8688453a13b
fc030d8918c5968049401e0523c0dda5027745bc526b090e0b08a30451dc019f
fca948980be87c8f70e7866a750f6328b654e4347c09172f3a720cc612dac473
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fe053b7ba38599bd4b21b9213a2e9f6e62d36bede01647d12cb429cf15fa6083
fe1b425aae19ee042de5ce00dde8f64933dc82a83203569995189e0dd6dc921a
fe832d4fce90ea0d84d760da1b63ff8644d522b399cee6c991972ff9a2a1078f
feee625a1b242ce73bd7975c46680fe7d6d8c99dc5b5fb6e79289ba76b16e951

www.tmj4.com Open in urlscan Pro 13.224.95.126 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

677 Requests

98 %HTTPS

28 %IPv6

95 Domains

173 Subdomains

116 IPs

11 Countries

14857 kBTransfer

52190 kBSize

1 Cookies

23 Outgoing links

Redirected requests

677 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

www.tmj4.com Open in urlscan Pro
13.224.95.126 Public Scan

Screenshot
Live screenshot

Full Image

677
Requests

98 %
HTTPS

28 %
IPv6

95
Domains

173
Subdomains

116
IPs

11
Countries

14857 kB
Transfer

52190 kB
Size

1
Cookies

677 HTTP transactions
9 data transactions