urlscan.io logo urlscan.io
SecurityTrails logo

johnpavlovitz.com Open in urlscan Pro
2606:4700:3030::6815:513d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://johnpavlovitz.com/
Effective URL: https://johnpavlovitz.com/
Submission Tags: tranco_l324
Submission: On November 29 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 86 IPs in 12 countries across 65 domains to perform 322 HTTP transactions. The main IP is 2606:4700:3030::6815:513d, located in United States and belongs to CLOUDFLARENET, US. The main domain is johnpavlovitz.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.
This is the only time johnpavlovitz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2600:1901:0:3... 15169 (GOOGLE)
10 192.0.76.3 2635 (AUTOMATTIC)
5 2a00:1450:400... 15169 (GOOGLE)
4 192.0.77.32 2635 (AUTOMATTIC)
1 99.86.7.73 16509 (AMAZON-02)
2 151.101.65.194 54113 (FASTLY)
1 65.9.71.120 16509 (AMAZON-02)
1 2a01:7e01:1::... 63949 (LINODE-AP...)
3 2a00:1450:400... 15169 (GOOGLE)
1 99.86.7.76 16509 (AMAZON-02)
1 143.204.207.16 16509 (AMAZON-02)
1 13.32.22.118 16509 (AMAZON-02)
7 13.32.21.201 16509 (AMAZON-02)
7 40 184.51.9.98 16625 (AKAMAI-AS)
8 142.250.186.98 15169 (GOOGLE)
1 192.0.78.23 2635 (AUTOMATTIC)
6 12 3.33.220.150 16509 (AMAZON-02)
2 34.120.133.55 15169 (GOOGLE)
13 35.186.236.140 15169 (GOOGLE)
1 143.204.207.44 16509 (AMAZON-02)
4 34.149.20.76 15169 (GOOGLE)
12 52.208.210.171 16509 (AMAZON-02)
4 185.64.189.112 62713 (AS-PUBMATIC)
4 104.154.142.214 15169 (GOOGLE)
4 34.107.148.139 15169 (GOOGLE)
4 52.49.74.33 16509 (AMAZON-02)
8 104.16.190.66 13335 (CLOUDFLAR...)
2 7 185.33.221.52 29990 (ASN-APPNEX)
8 72.251.249.14 29791 (VOXEL-DOT...)
4 147.75.61.140 54825 (PACKET)
4 174.129.26.26 14618 (AMAZON-AES)
4 35.156.230.193 16509 (AMAZON-02)
4 178.162.133.150 60781 (LEASEWEB-...)
8 34.98.64.218 15169 (GOOGLE)
4 104.96.135.185 16625 (AKAMAI-AS)
2 2a03:2880:f01... 32934 (FACEBOOK)
7 2606:2800:234... 15133 (EDGECAST)
4 184.51.9.28 16625 (AKAMAI-AS)
4 2a03:2880:f01... 32934 (FACEBOOK)
2 4 2a03:2880:f11... 32934 (FACEBOOK)
1 2 104.244.42.200 13414 (TWITTER)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 54.165.214.53 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
5 2606:2800:134... 15133 (EDGECAST)
2 2606:2800:233... 15133 (EDGECAST)
2 2606:2800:233... 15133 (EDGECAST)
1 8 2a00:1450:400... 15169 (GOOGLE)
1 213.202.235.10 24961 (MYLOC-AS ...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3.127.133.197 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 34.192.117.147 14618 (AMAZON-AES)
5 184.51.9.34 16625 (AKAMAI-AS)
4 104.17.119.107 13335 (CLOUDFLAR...)
4 23.202.52.26 16625 (AKAMAI-AS)
2 67.202.105.21 32748 (STEADFAST)
1 198.47.127.19 3257 (GTT-BACKB...)
3 5 37.157.4.28 198622 (ADFORM)
2 2 213.155.156.164 1299 (TWELVE99 ...)
5 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
12 12 142.250.184.194 15169 (GOOGLE)
2 2 185.29.132.241 30419 (MEDIAMATH...)
2 185.64.190.81 62713 (AS-PUBMATIC)
2 2 51.222.80.231 16276 (OVH)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 169.50.137.184 36351 (SOFTLAYER)
3 185.64.189.110 62713 (AS-PUBMATIC)
1 3 2620:116:800d... 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
2 3 18.156.0.31 16509 (AMAZON-02)
4 8 209.54.180.144 16509 (AMAZON-02)
1 1 54.236.185.42 14618 (AMAZON-AES)
2 2 135.125.160.160 16276 (OVH)
3 3 18.200.109.184 16509 (AMAZON-02)
1 72.251.241.204 29791 (VOXEL-DOT...)
2 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2 18.213.10.151 14618 (AMAZON-AES)
2 2 18.185.171.80 16509 (AMAZON-02)
1 1 66.155.71.150 13768 (COGECO-PEER1)
1 185.33.221.15 29990 (ASN-APPNEX)
1 1 35.186.193.173 15169 (GOOGLE)
1 198.47.127.20 ()
1 2 99.86.7.38 ()
1 54.77.19.59 ()
1 2600:9000:211... ()
322 86
15    2606:4700:3030::6815:513d (United States)

ASN13335 (CLOUDFLARENET, US)
johnpavlovitz.com
2    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2600:1901:0:333a:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
monu.delivery
10    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
5    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
widgets.wp.com
s0.wp.com
1    99.86.7.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-73.fra6.r.cloudfront.net
ats.rlcdn.com
2    151.101.65.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
1    65.9.71.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-120.fra56.r.cloudfront.net
get.s-onetag.com
1    2a01:7e01:1::ac69:92e7 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)
ipwatch.monu.delivery
3    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
encrypted-tbn2.gstatic.com
1    99.86.7.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-76.fra6.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.207.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-16.fra53.r.cloudfront.net
signal-beacon.s-onetag.com
1    13.32.22.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-118.fra56.r.cloudfront.net
js.gumgum.com
7    13.32.21.201 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-201.fra56.r.cloudfront.net
c.amazon-adsystem.com
40    184.51.9.98 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-98.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
8    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
1    192.0.78.23 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
public-api.wordpress.com
12    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
13    35.186.236.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.236.186.35.bc.googleusercontent.com
imps.monu.delivery
1    143.204.207.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-44.fra53.r.cloudfront.net
geo.privacymanager.io
4    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
12    52.208.210.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
g2.gumgum.com
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com
lockerdome.com
4    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
4    52.49.74.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-74-33.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
8    104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
7    185.33.221.52 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
8    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
4    147.75.61.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    174.129.26.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-26-26.compute-1.amazonaws.com
display.bfmio.com
4    35.156.230.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-230-193.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
4    178.162.133.150 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
8    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
bloggernetwork-d.openx.net
u.openx.net
4    104.96.135.185 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-135-185.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
7    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
4    184.51.9.28 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-28.deploy.static.akamaitechnologies.com
api.pinterest.com
4    2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
graph.facebook.com
4    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
6    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
pagead2.googlesyndication.com
3    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
1    54.165.214.53 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-214-53.compute-1.amazonaws.com
1x1.a-mo.net
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
pbs.twimg.com
2    2606:2800:233:8173:898f:63b3:95c3:79d2 (United States)

ASN15133 (EDGECAST, US)
abs.twimg.com
2    2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)
ton.twimg.com
8    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    213.202.235.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
tagm.tchibo.de
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    3.127.133.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-133-197.eu-central-1.compute.amazonaws.com
protected-by.clarium.io
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
3    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
1    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
8    34.192.117.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-117-147.compute-1.amazonaws.com
sync.bfmio.com
5    184.51.9.34 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-34.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    104.17.119.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
4    23.202.52.26 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-52-26.deploy.static.akamaitechnologies.com
contextual.media.net
2    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
5    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.164 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com
d5p.de17a.com
5    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
12    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
2    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-4.cloudy.ovh
pixel.onaudience.com
2    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
3    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
3    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
secure.quantserve.com
1    2a05:d018:d29:3602:1794:1826:a9e8:a8ca (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
8    209.54.180.144 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    54.236.185.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-185-42.compute-1.amazonaws.com
sync.extend.tv
2    135.125.160.160 (France)

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu
gu.dyntrk.com
3    18.200.109.184 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-109-184.eu-west-1.compute.amazonaws.com
d.adroll.com
1    72.251.241.204 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
2    18.213.10.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-10-151.compute-1.amazonaws.com
um2.eqads.com
2    18.185.171.80 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-171-80.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
1    198.47.127.20 (None, )

ASN- ()
simage4.pubmatic.com
2    99.86.7.38 (None, )

ASN- ()
sb.scorecardresearch.com
1    54.77.19.59 (None, )

ASN- ()
ie-lb.gumgum.com
1    2600:9000:211e:e400:6:44e3:f8c0:93a1 (None, )

ASN- ()
rules.quantcount.com
Apex Domain
Subdomains		 Transfer
35 casalemedia.com
as-sec.casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
42 KB
21 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage2.pubmatic.com
simage4.pubmatic.com
43 KB
20 doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
168 KB
17 monu.delivery
monu.delivery
ipwatch.monu.delivery
imps.monu.delivery
161 KB
15 googlesyndication.com
041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
178 KB
15 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
47 KB
15 johnpavlovitz.com
johnpavlovitz.com
2 MB
14 gumgum.com
js.gumgum.com
g2.gumgum.com
ie-lb.gumgum.com
47 KB
14 wp.com
stats.wp.com
widgets.wp.com
s0.wp.com
pixel.wp.com
26 KB
13 gstatic.com
fonts.gstatic.com
www.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn2.gstatic.com
263 KB
12 bfmio.com
display.bfmio.com
sync.bfmio.com
7 KB
12 adsrvr.org
match.adsrvr.org
5 KB
9 twimg.com
cdn.syndication.twimg.com
abs.twimg.com
pbs.twimg.com
ton.twimg.com
90 KB
9 twitter.com
platform.twitter.com
syndication.twitter.com
214 KB
9 indexww.com
js-sec.indexww.com
21 KB
8 facebook.com
graph.facebook.com
www.facebook.com
5 KB
8 openx.net
bloggernetwork-d.openx.net
u.openx.net
1 KB
8 lijit.com
ap.lijit.com
5 KB
8 adnxs.com
ib.adnxs.com
secure.adnxs.com
5 KB
8 districtm.io
dmx.districtm.io
cdn.districtm.io
393 B
8 media.net
prebid.media.net
contextual.media.net
4 KB
6 33across.com
ssc.33across.com
ssc-cms.33across.com
764 B
5 adform.net
c1.adform.net
2 KB
5 a-mo.net
prebid.a-mo.net
1x1.a-mo.net
8 KB
4 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
2 KB
4 brealtime.com
biddr.brealtime.com
5 KB
4 google.com
adservice.google.com
www.google.com
2 KB
4 pinterest.com
api.pinterest.com
2 KB
4 sonobi.com
apex.go.sonobi.com
3 KB
4 emxdgt.com
hb.emxdgt.com
9 KB
4 yieldmo.com
ads.yieldmo.com
905 B
4 lockerdome.com
lockerdome.com
1 KB
3 adroll.com
d.adroll.com
334 B
3 quantserve.com
pixel.quantserve.com
secure.quantserve.com
11 KB
3 google.de
adservice.google.de
1 KB
3 s-onetag.com
get.s-onetag.com
onetag-geo.s-onetag.com
signal-beacon.s-onetag.com
17 KB
3 rlcdn.com
ats.rlcdn.com
api.rlcdn.com
61 KB
2 scorecardresearch.com
sb.scorecardresearch.com
823 B
2 w55c.net
pm.w55c.net
2 KB
2 eqads.com
um2.eqads.com
563 B
2 dotomi.com
casale-match.dotomi.com
373 B
2 dyntrk.com
gu.dyntrk.com
850 B
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
893 B
2 onaudience.com
pixel.onaudience.com
812 B
2 mathtag.com
sync.mathtag.com
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 facebook.net
connect.facebook.net
83 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net
135 KB
2 googleapis.com
fonts.googleapis.com
2 KB
1 quantcount.com
rules.quantcount.com
430 B
1 ctnsnet.com
cm.ctnsnet.com
444 B
1 sitescout.com
pixel-sync.sitescout.com
299 B
1 adgrx.com
cm.adgrx.com
408 B
1 extend.tv
sync.extend.tv
546 B
1 simpli.fi
um.simpli.fi
618 B
1 criteo.com
dis.criteo.com
334 B
1 clarium.io
protected-by.clarium.io
345 B
1 googletagservices.com
www.googletagservices.com
37 KB
1 tchibo.de
tagm.tchibo.de
1 KB
1 privacymanager.io
geo.privacymanager.io
594 B
1 wordpress.com
public-api.wordpress.com
3 KB
1 googletagmanager.com
www.googletagmanager.com
36 KB
0 creative-serving.com Failed
ads.creative-serving.com Failed
0 id5-sync.com Failed
id5-sync.com Failed
322 65
Domain Requested by
17 dsum-sec.casalemedia.com 4 redirects ssum-sec.casalemedia.com
um2.eqads.com
15 johnpavlovitz.com 1 redirects johnpavlovitz.com
13 imps.monu.delivery johnpavlovitz.com
12 cm.g.doubleclick.net 12 redirects
12 g2.gumgum.com monu.delivery
js.gumgum.com
12 match.adsrvr.org 6 redirects js-sec.indexww.com
monu.delivery
ssum-sec.casalemedia.com
11 ssum-sec.casalemedia.com 3 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
9 pixel.wp.com johnpavlovitz.com
9 js-sec.indexww.com monu.delivery
ssum-sec.casalemedia.com
8 s.amazon-adsystem.com 4 redirects ssum-sec.casalemedia.com
8 sync.bfmio.com monu.delivery
sync.bfmio.com
8 tpc.googlesyndication.com 1 redirects 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
8 ap.lijit.com monu.delivery
8 securepubads.g.doubleclick.net monu.delivery
securepubads.g.doubleclick.net
johnpavlovitz.com
7 platform.twitter.com johnpavlovitz.com
platform.twitter.com
7 ib.adnxs.com 2 redirects monu.delivery
ssum-sec.casalemedia.com
7 c.amazon-adsystem.com monu.delivery
c.amazon-adsystem.com
5 image2.pubmatic.com ads.pubmatic.com
5 c1.adform.net 3 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
5 ads.pubmatic.com monu.delivery
ads.pubmatic.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 fonts.gstatic.com fonts.googleapis.com
4 contextual.media.net monu.delivery
4 biddr.brealtime.com monu.delivery
4 u.openx.net monu.delivery
4 cdn.districtm.io monu.delivery
4 pbs.twimg.com johnpavlovitz.com
4 www.facebook.com 2 redirects connect.facebook.net
4 graph.facebook.com johnpavlovitz.com
4 api.pinterest.com johnpavlovitz.com
4 htlb.casalemedia.com monu.delivery
4 bloggernetwork-d.openx.net monu.delivery
4 apex.go.sonobi.com monu.delivery
4 hb.emxdgt.com monu.delivery
4 display.bfmio.com monu.delivery
4 prebid.a-mo.net monu.delivery
4 dmx.districtm.io monu.delivery
4 ads.yieldmo.com monu.delivery
4 prebid.media.net monu.delivery
4 lockerdome.com monu.delivery
4 hbopenbid.pubmatic.com monu.delivery
4 ssc.33across.com monu.delivery
3 d.adroll.com 3 redirects
3 ups.analytics.yahoo.com 2 redirects ssum-sec.casalemedia.com
3 simage2.pubmatic.com ads.pubmatic.com
3 encrypted-tbn3.gstatic.com 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
3 s0.wp.com widgets.wp.com
public-api.wordpress.com
3 monu.delivery johnpavlovitz.com
monu.delivery
2 sb.scorecardresearch.com 1 redirects
2 pm.w55c.net 2 redirects
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 casale-match.dotomi.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 pixel.quantserve.com 1 redirects johnpavlovitz.com
2 pixel.onaudience.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 sync.mathtag.com 2 redirects
2 d5p.de17a.com 2 redirects
2 ssc-cms.33across.com monu.delivery
2 encrypted-tbn0.gstatic.com 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
2 ton.twimg.com platform.twitter.com
2 abs.twimg.com johnpavlovitz.com
platform.twitter.com
2 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com securepubads.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
2 syndication.twitter.com 1 redirects platform.twitter.com
2 connect.facebook.net johnpavlovitz.com
connect.facebook.net
2 api.rlcdn.com js-sec.indexww.com
monu.delivery
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 confiant-integrations.global.ssl.fastly.net monu.delivery
confiant-integrations.global.ssl.fastly.net
2 fonts.googleapis.com johnpavlovitz.com
041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
1 rules.quantcount.com secure.quantserve.com
1 ie-lb.gumgum.com
1 secure.quantserve.com johnpavlovitz.com
1 simage4.pubmatic.com ads.pubmatic.com
1 cm.ctnsnet.com 1 redirects
1 secure.adnxs.com ssum-sec.casalemedia.com
1 pixel-sync.sitescout.com 1 redirects
1 cm.adgrx.com ssum-sec.casalemedia.com
1 sync.extend.tv 1 redirects
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 www.google.com tpc.googlesyndication.com
1 encrypted-tbn2.gstatic.com 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
1 encrypted-tbn1.gstatic.com 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
1 protected-by.clarium.io 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
1 www.gstatic.com 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
1 www.googletagservices.com 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
1 tagm.tchibo.de johnpavlovitz.com
1 cdn.syndication.twimg.com platform.twitter.com
1 1x1.a-mo.net johnpavlovitz.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 geo.privacymanager.io ats.rlcdn.com
1 public-api.wordpress.com s0.wp.com
1 js.gumgum.com monu.delivery
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 ipwatch.monu.delivery monu.delivery
1 get.s-onetag.com monu.delivery
1 ats.rlcdn.com monu.delivery
1 widgets.wp.com johnpavlovitz.com
1 stats.wp.com johnpavlovitz.com
1 www.googletagmanager.com johnpavlovitz.com
0 ads.creative-serving.com Failed
0 id5-sync.com Failed
322 110

This site contains links to these domains. Also see Links.

Domain
www.etsy.com
mailchi.mp
www.amazon.com
www.barnesandnoble.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.monu.delivery
Sectigo RSA Domain Validation Secure Server CA		 2020-08-18 -
2022-02-11		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.s-onetag.com
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
*.gumgum.com
Amazon		 2021-10-15 -
2022-11-12		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.wordpress.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-12 -
2022-11-14		 2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
imps.monu.delivery
GTS CA 1D4		 2021-10-20 -
2022-01-18		 3 months crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2021-11-26 -
2022-02-24		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2021-09-27 -
2022-10-29		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.a-mo.net
R3		 2021-10-21 -
2022-01-19		 3 months crt.sh
*.bfmio.com
Amazon		 2021-04-23 -
2022-05-22		 a year crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-07 -
2021-12-06		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-26 -
2022-08-05		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
tagm.tchibo.de
GeoTrust RSA CA 2018		 2021-10-22 -
2022-10-22		 a year crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2020-04-03 -
2022-04-26		 2 years crt.sh
www.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh

This page contains 56 frames:

Primary Page: https://johnpavlovitz.com/
Frame ID: C3664572C2FD5DE60744155093CFFC6B
Requests: 185 HTTP requests in this frame

Frame: https://widgets.wp.com/likes/master.html?ver=202148
Frame ID: 0D35D1FF83211DE183DAD58B9CF5D373
Requests: 3 HTTP requests in this frame

Frame: https://public-api.wordpress.com/wp-admin/rest-proxy/
Frame ID: 54E18107CB934C716022B91443DD926F
Requests: 2 HTTP requests in this frame

Frame: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: 2EF638314885AF4CD40EBD734162D7FE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1ad4b06d6e6c08%2526domain%253Djohnpavlovitz.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fjohnpavlovitz.com%25252Ff24509f3e5ece74%2526relation%253Dparent.parent%26container_width%3D312%26height%3D130%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fjohnpavlovitzofficial%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340
Frame ID: 2FB4FD256B66034229B6E9A315406F1A
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fjohnpavlovitz.com
Frame ID: 9460B9598822E43EE1FBC09748557618
Requests: 2 HTTP requests in this frame

Frame: https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 57E7700A8639EEBB3F91106913F71781
Requests: 1 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/1f447.png
Frame ID: 5B7140E4805D58F078EB151A7D47E7CF
Requests: 13 HTTP requests in this frame

Frame: https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E97CF0490BDCCEB66436F62D78D5AAE0
Requests: 22 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 747A771179BD59F4B2F71661BAC8E0B6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1ca09fe74b2528%2526domain%253Djohnpavlovitz.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fjohnpavlovitz.com%25252Ff24509f3e5ece74%2526relation%253Dparent.parent%26container_width%3D0%26height%3D130%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fjohnpavlovitzofficial%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340
Frame ID: 32EE5F17F370D5970A87D19D55629CE0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: CF2B38328B35108DF9F3C186232769CF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 518DBD2CDEDC575A0A2CCCD841E4BF01
Requests: 2 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1638151649620
Frame ID: 219BB8CB0359A29335D300C6F9840424
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: 83386937B13F3D61A8D2CA30F867608F
Requests: 16 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: BC42816D9B146169BF7ECFA5A4404213
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1638151649494
Frame ID: C49A2DC67346FBC12A36FE9136BFED32
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: 3A1CF53535DBD4518C4A4EF85EE473B1
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 26B84547385D1FC233EEA4BFC145566E
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1638151649493
Frame ID: 87E6852BD5AD442DFB4682B5F1123698
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: AE277BFD98A2AF123FC298D8D1304CE9
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 19E15C582BCD1D7EEC9DC1661DC8F619
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 0464F945D930BCC455754E13AD17F0BE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: C518EAD7FE0049787991794240B22189
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: D96572812968D24853047A373B0D76BB
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 489244803CAE1697C1FE0735F81FE499
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13208641
Frame ID: B186E8233616B3B7DA7D9DC6EABD4B55
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 2629776AEB7F77EFE8FEB24FCBB693BA
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: B6FCC4EFA0749A0BF21C29F4BBFE50EE
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dcEu7yseur6PS9aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 5814FBB4BFC439CB8311D81084A15778
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: FFAD8E030C6981BCAC0D88C35F91A50B
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 13166C002429E11508C20EDE3BC7EEE6
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1638151649492
Frame ID: 756B3D47263C664ED791C80ACAA14241
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 0632AE88D1C4CEA6112B4A2C62C49608
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 215F1EB1E8625359557965597FA1D462
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 267BC8C29F0ACDFE762A6D41853B61EA
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: DF1389C3C982D85A4215CC05BADC66DA
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dcEu7yseur6PS9aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 12AFC2B0D4BC56BFB69F5EE913BE534D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 7EB47F31C69CA2F92EE991061BD4D79C
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13208641
Frame ID: 708E24135B200AD0973DBE2D0CD99036
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 015952A0F14A6BDE448F407AFCD20AE2
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: DBA59F70EF399200B359B0ADD0BDC908
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13208641
Frame ID: BC70DB787F9885DB2C6E3E0C70A2768D
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: DC0C422E1288058DCB34296EF771ABD0
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13208641
Frame ID: 99CAF9AF1DE810A1F171FFD666C4A0B1
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: E863CC08612B32AF70CCC8D61F3C9558
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: C8ECAC168F72A2E1D6CAFE6B80AF6CA8
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 4969AC0A41404586D0BDD4691B89116E
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: F35690B3D5AFE05C76CF1AB5B80D3DE0
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 64674720E07CB655539A81A029A6F0BA
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 9E35C4640A9720B3F7069FE4E6BC6921
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F729DA14-8AE5-4433-B7C0-6F63D9E8303B
Frame ID: E2A437742E0BD56AE0FD1F040208AF45
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5962049199002859928
Frame ID: CBB348F441F74559D85BBDDB6903F50A
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 4BF027AAF9C94EA13D5A656300547436
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 01BC870A620FC468A07FC76C86392225
Requests: 2 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: 9C357F1C87405D553122E67709C064AB
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

john pavlovitz - Stuff That Needs To Be Said

Page URL History Show full URLs

  1. http://johnpavlovitz.com/ HTTP 301
    https://johnpavlovitz.com/ Page URL

Page Statistics

322
Requests

86 %
HTTPS

31 %
IPv6

65
Domains

110
Subdomains

86
IPs

12
Countries

3345 kB
Transfer

6331 kB
Size

82
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://johnpavlovitz.com/ HTTP 301
    https://johnpavlovitz.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 156
  • https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ad4b06d6e6c08%26domain%3Djohnpavlovitz.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fjohnpavlovitz.com%252Ff24509f3e5ece74%26relation%3Dparent.parent&container_width=312&height=130&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fjohnpavlovitzofficial&locale=en_US&sdk=joey&show_facepile=false&small_header=false&tabs=false&width=340 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1ad4b06d6e6c08%2526domain%253Djohnpavlovitz.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fjohnpavlovitz.com%25252Ff24509f3e5ece74%2526relation%253Dparent.parent%26container_width%3D312%26height%3D130%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fjohnpavlovitzofficial%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340
Request Chain 210
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDP-7vrpAEQ6AcY6AcyCEPlfr8JziOv HTTP 301
  • https://tpc.googlesyndication.com/simgad/6940406974179512899
Request Chain 214
  • https://syndication.twitter.com/i/jot HTTP 302
  • https://platform.twitter.com/jot.html
Request Chain 215
  • https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ca09fe74b2528%26domain%3Djohnpavlovitz.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fjohnpavlovitz.com%252Ff24509f3e5ece74%26relation%3Dparent.parent&container_width=0&height=130&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fjohnpavlovitzofficial&locale=en_US&sdk=joey&show_facepile=false&small_header=false&tabs=false&width=340 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1ca09fe74b2528%2526domain%253Djohnpavlovitz.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fjohnpavlovitz.com%25252Ff24509f3e5ece74%2526relation%253Dparent.parent%26container_width%3D0%26height%3D130%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fjohnpavlovitzofficial%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340
Request Chain 261
  • https://id5-sync.com/s/441/9.gif?puid=e_c5d34f70-3303-4660-a272-d232cd6e23bd&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_c5d34f70-3303-4660-a272-d232cd6e23bd&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=4ddfa8db-4408-4c6b-ae75-d61ed6765844&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=4ddfa8db-4408-4c6b-ae75-d61ed6765844&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/146/6/4.gif?puid=5d66e664-c9da-4c55-b379-ab59dc8b492f&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEH94So5ahEs1JtICUsE1Fww&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEH94So5ahEs1JtICUsE1Fww&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3760716256186545712&opid=apx&ops=&utidl=tech:goo:CAESEH94So5ahEs1JtICUsE1Fww&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22857839086&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/19/4/6.gif?puid=c96acd7f2209eb2ee4ae6e970b53564a&gdpr=1&gdpr_consent=
Request Chain 262
  • https://id5-sync.com/s/441/9.gif?puid=e_cb0e67b4-894b-4dff-a3a4-d0327bc690c2&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_cb0e67b4-894b-4dff-a3a4-d0327bc690c2&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=4ddfa8db-4408-4c6b-ae75-d61ed6765844&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=4ddfa8db-4408-4c6b-ae75-d61ed6765844&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/146/6/4.gif?puid=5d66e664-c9da-4c55-b379-ab59dc8b492f&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEH94So5ahEs1JtICUsE1Fww&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEH94So5ahEs1JtICUsE1Fww&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3760716256186545712&opid=apx&ops=&utidl=tech:goo:CAESEH94So5ahEs1JtICUsE1Fww&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22857839086&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/19/4/6.gif?puid=c96acd7f2209eb2ee4ae6e970b53564a&gdpr=1&gdpr_consent=
Request Chain 263
  • https://id5-sync.com/s/441/9.gif?puid=e_155de862-e828-48b6-b346-176bf8ea2626&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_155de862-e828-48b6-b346-176bf8ea2626&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=4ddfa8db-4408-4c6b-ae75-d61ed6765844&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=4ddfa8db-4408-4c6b-ae75-d61ed6765844&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/146/6/4.gif?puid=5d66e664-c9da-4c55-b379-ab59dc8b492f&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEH94So5ahEs1JtICUsE1Fww&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEH94So5ahEs1JtICUsE1Fww&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3760716256186545712&opid=apx&ops=&utidl=tech:goo:CAESEH94So5ahEs1JtICUsE1Fww&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22857839086&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/19/4/6.gif?puid=c96acd7f2209eb2ee4ae6e970b53564a&gdpr=1&gdpr_consent=
Request Chain 264
  • https://id5-sync.com/s/441/9.gif?puid=e_15f03c63-9786-4117-9772-48e7539e9ab1&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_15f03c63-9786-4117-9772-48e7539e9ab1&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=4ddfa8db-4408-4c6b-ae75-d61ed6765844&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=4ddfa8db-4408-4c6b-ae75-d61ed6765844&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/146/6/4.gif?puid=5d66e664-c9da-4c55-b379-ab59dc8b492f&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEH94So5ahEs1JtICUsE1Fww&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEH94So5ahEs1JtICUsE1Fww&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3760716256186545712&opid=apx&ops=&utidl=tech:goo:CAESEH94So5ahEs1JtICUsE1Fww&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22857839086&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/19/4/6.gif?puid=c96acd7f2209eb2ee4ae6e970b53564a&gdpr=1&gdpr_consent=
Request Chain 265
  • https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 266
  • https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 268
  • https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 270
  • https://c1.adform.net/serving/cookie/match?party=14&cid=F729DA14-8AE5-4433-B7C0-6F63D9E8303B HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F729DA14-8AE5-4433-B7C0-6F63D9E8303B
Request Chain 271
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5962049199002859928
Request Chain 273
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9ynaFIrlRDO3wG9j2egwOw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 274
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b8b361a4-35e4-4800-af5b-2eb0b62244e6
Request Chain 275
  • https://pixel.onaudience.com/?partner=214&mapped=F729DA14-8AE5-4433-B7C0-6F63D9E8303B HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=450ba572-3972-453b-bf9f-3a7ceefaac83&icm HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=117101dff7937900 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c890ba4b-30e9-48c5-77af-51a9258d57ec&reqId=8a419f33-1a96-4e47-7977-c4954ecf5b8f&zcluid=117101dff7937900&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEPEgy1SCMU4CySqQRPXw2VA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c890ba4b-30e9-48c5-77af-51a9258d57ec&reqId=8a419f33-1a96-4e47-7977-c4954ecf5b8f&zcluid=117101dff7937900&zdid=1332
Request Chain 276
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjcyOURBMTQtOEFFNS00NDMzLUI3QzAtNkY2M0Q5RTgzMDNC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 277
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJnUX2YpEzp2TqswLTd26wk&google_cver=1
Request Chain 279
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7a6161a4-35e4-4300-9710-c23e7a69a521&gdpr=0&gdpr_consent=
Request Chain 280
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6449653121832713678
Request Chain 281
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=450ba572-3972-453b-bf9f-3a7ceefaac83
Request Chain 282
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3760716256186545712&gdpr=0&gdpr_consent=
Request Chain 283
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZbAXpWC0E6V-5ULwY-Jbp2LgRfR-4BDwYrDpPzrA
Request Chain 285
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F729DA14-8AE5-4433-B7C0-6F63D9E8303B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F729DA14-8AE5-4433-B7C0-6F63D9E8303B&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cd8BOapE2uUpzgOujSKcNq0.oDFcwWk-~A&gdpr=0&gdpr_consent=
Request Chain 286
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB&dcc=t
Request Chain 287
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENrS0GT4NyWpqfqKoa5_HmY&google_cver=1
Request Chain 288
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YaQ15LafI8WC4afQ7O2ASQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMPRT8QaxYOKiVPOKmcPa4o&google_cver=1&gdpr=1
Request Chain 290
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=1e115553-82e0-46f8-b857-5af9ad172164
Request Chain 291
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 292
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 295
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YaQ15LafI8WC4afQ7O2ASQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMPRT8QaxYOKiVPOKmcPa4o&google_cver=1&gdpr=1
Request Chain 296
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENrS0GT4NyWpqfqKoa5_HmY&google_cver=1
Request Chain 297
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB&dcc=t
Request Chain 298
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 300
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1638238052&gdpr=1
Request Chain 303
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 304
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YaQ15LafI8WC4afQ7O2ASgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMPRT8QaxYOKiVPOKmcPa4o&google_cver=1&gdpr=1
Request Chain 306
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB&dcc=t
Request Chain 307
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENrS0GT4NyWpqfqKoa5_HmY&google_cver=1
Request Chain 308
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0PCZiIHO1MRw4Q5&gdpr=1
Request Chain 309
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1640743653
Request Chain 313
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YaQ15LafI8WC4afQ7O2ASgAABIIAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENrS0GT4NyWpqfqKoa5_HmY&google_cver=1
Request Chain 314
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASgAABIIAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASgAABIIAAAIB&dcc=t
Request Chain 315
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YaQ15LafI8WC4afQ7O2ASgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMPRT8QaxYOKiVPOKmcPa4o&google_cver=1&gdpr=1
Request Chain 317
  • https://cm.ctnsnet.com/int/cm?exc=19&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=6bf1e482c67c4a48967f9cb108e728e0&expiration=1640743652
Request Chain 319
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1638238052&gdpr=1
Request Chain 320
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 322
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=450ba572-3972-453b-bf9f-3a7ceefaac83
Request Chain 323
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=450ba572-3972-453b-bf9f-3a7ceefaac83
Request Chain 324
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=450ba572-3972-453b-bf9f-3a7ceefaac83
Request Chain 325
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=450ba572-3972-453b-bf9f-3a7ceefaac83
Request Chain 329
  • https://sb.scorecardresearch.com/p?c1=8&c2=15039634&c3=16&c4=8d405bb9&c7=https%3A%2F%2Fjohnpavlovitz.com%2F&c8=john%20pavlovitz%20-%20Stuff%20That%20Needs%20To%20Be%20Said&c9=&cv=2.0&cj=1&ns__t=1638151654903 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=16&c4=8d405bb9&c7=https%3A%2F%2Fjohnpavlovitz.com%2F&c8=john%20pavlovitz%20-%20Stuff%20That%20Needs%20To%20Be%20Said&c9=&cv=2.0&cj=1&ns__t=1638151654903
Request Chain 332
  • https://id5-sync.com/s/441/9.gif?puid=e_cb0e67b4-894b-4dff-a3a4-d0327bc690c2&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F8%2F2.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/160/8/2.gif?puid=78880239340303206747814395341066464523&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=494279&dpuuid=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F340%2F7%2F3.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/340/7/3.gif?puid=78880239340303206747814395341066464523&gdpr=1&gdpr_consent= HTTP 302
  • https://a.audrte.com/match?uid=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&p=M1950936503&r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F473%2F6%2F4.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9pZDUtc3luYy5jb20vYy80NDEvNDczLzYvNC5naWY_cHVpZFx1MDAzZDFmOUJHOFFpREpnUTgtd3pLUE9MOVpVNVFcdTAwMjZnZHByXHUwMDNkMVx1MDAyNmdkcHJfY29uc2VudFx1MDAzZCIsImQiOltdfQ%3D%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9pZDUtc3luYy5jb20vYy80NDEvNDczLzYvNC5naWY_cHVpZFx1MDAzZDFmOUJHOFFpREpnUTgtd3pLUE9MOVpVNVFcdTAwMjZnZHByXHUwMDNkMVx1MDAyNmdkcHJfY29uc2VudFx1MDAzZCIsImQiOltdfQ%3D%3D&gdpr=1&gdpr_consent=&google_gid=CAESEP451uUPScyBVW3fK_9ybiw&google_cver=1 HTTP 302
  • https://id5-sync.com/c/441/473/6/4.gif?puid=1f9BG8QiDJgQ8-wzKPOL9ZU5Q&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=483047&dpuuid=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F349%2F5%2F5.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/349/5/5.gif?puid=78880239340303206747814395341066464523&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=c96acd7f2209eb2ee4ae6e970b53564a&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F485%2F4%2F6.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/485/4/6.gif?puid=69839936772581035112067384150265314919&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F3%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D

322 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
johnpavlovitz.com/
Redirect Chain
  • http://johnpavlovitz.com/
  • https://johnpavlovitz.com/
85 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:513d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
d2005ffb6baec4d0e7c807ef788202c58b7033d4d680544717b666f2abea0d49
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content;
Strict-Transport-Security max-age=2592000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 29 Nov 2021 02:07:27 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
strict-transport-security
max-age=2592000;
content-security-policy
block-all-mixed-content;
x-frame-options
SAMEORIGIN
referrer-policy
no-referrer
x-xss-protection
1; mode=block
x-content-type-options
nosniff
link
<https://johnpavlovitz.com/wp-json/>; rel="https://api.w.org/" <https://wp.me/7ka6l>; rel=shortlink
x-powered-by
WP Engine
x-cacheable
SHORT
cache-control
max-age=600, must-revalidate
x-cache
HIT: 9
x-cache-group
normal
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68zNA%2BXcoFV89f%2BRBri6Y3VcXXS0%2BXzA3mW6e0ByDQQwzb%2Btxw34RSUvAyGUabAKljEOb%2Fk0x3X0HH2hFAHx4efDrelgafAfAucW7Hi2HZ64yBtXC9DsfJKfWF82qR7PNt%2BmRakjj1A0qjHrqiZ4%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b58484deeba374d-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Mon, 29 Nov 2021 02:07:26 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
location
https://johnpavlovitz.com/
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSOoBwpSk2uCz%2Bd42OobMZg04VQmPsAPY8c1dAAHvXZi7IpnINunidYeP7y7JeBJVvYrlrUi0CjugWlwmKOQHPgnypB8RH2Osm0W6N7X9IaGCfDZZII23VXVCOcz29RvcPgKKsR5qH6C9KFKAsSTEw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6b58484b9eeb3762-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway%3A400%2C300%2C700%7CLato%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext&display=swap
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8dc9395e36e058fbf9bb3ebc4109cc053f4dcbd5d0b70a002a81a3adf27ecc2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 02:07:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 29 Nov 2021 02:07:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Nov 2021 02:07:27 GMT
8019cc799048edd4550b8b089a7cc294.css
johnpavlovitz.com/wp-content/cache/min/1/ 		349 KB
76 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://johnpavlovitz.com/wp-content/cache/min/1/8019cc799048edd4550b8b089a7cc294.css
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:513d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
065bc1eafc13b6c5d8134d591cbf1668da79cd57c393b5386f80a3498248635a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 05 Nov 2021 14:04:52 GMT
server
cloudflare
etag
W/"61853a04-575ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1sanb5p9v7OSs1dM15rwypyQWl6TpYXZX0o19mSs9Q2EWW2SZvQk4n%2BVcvdE9tTJ4erW5hTnZe3q0aN%2BYvVT6KEAXywfd6Cn3NsleKzIzNKNPucMqgNdOnNztW9nhnINErXmYYbGYzI1gebfoeqrag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b584852fbbb374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
johnpavlovitz.com/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://johnpavlovitz.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:513d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8538916
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 02 Aug 2021 18:03:14 GMT
server
cloudflare
etag
W/"61083362-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yeyZi15X%2FmTwNiiKDDMvmJcgnVkyJVQRKiAHn5bBunaPngMD23Sh8Wavr2Ij0R6WzqXzlxFjCyL1XADuSysPvfcwBVRR9i9vzGLuUM1t7dKn9llDpuBOR3MBjz8LaQQFpEw907o0FAtnJZzadCsfFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6b584852fbbc374d-MXP
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-75688011-1
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
de75d10803886e88f3ef10a21bcd9373a22e01646db19d6435fb7e9dd39e23ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36130
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Nov 2021 02:07:27 GMT
f132ae-8194-442b-b0b9-5817f19b3ccd.js
monu.delivery/site/4/4/ 		552 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
390cd7655f12b128edd9e052babe974401adc1fe32130212338c76b0c3cd3e05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:27 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycduf3cu_pJ1gJpIx-IEKqm5JFLPOmj6iQKJvVOL3JEWk1msr59ER_X4OlWxfzQO4eWKSpjNl6uUrgks8tCb_v1k
x-cache
MISS
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
clear
last-modified
Fri, 19 Nov 2021 17:38:55 GMT
server
nginx
vary
Accept-Encoding
x-goog-hash
crc32c=4lUDKg==, md5=uGbyV1YSCVRVlSDNCAOnSQ==
x-goog-generation
1637343535629624
via
1.1 google
cache-control
max-age=7200
x-goog-stored-content-length
564892
content-type
application/javascript
expires
Mon, 29 Nov 2021 04:07:27 GMT
navigation.js
johnpavlovitz.com/wp-content/themes/hemingway-rewritten-wpcom/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://johnpavlovitz.com/wp-content/themes/hemingway-rewritten-wpcom/js/navigation.js?ver=20120206
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:513d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8354ab149470cfe096f84a0161180dd9dd0177ffeb2bac6ea77e3452ca829bac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 06 Apr 2018 04:18:07 GMT
server
cloudflare
etag
W/"5ac6f4ff-992"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9AFpMPqm%2FngX050kWAE6LfqsPnhThyPT%2Ft3cq5IKK8NiSvmoN1%2FkaLF%2BY9d1lmrk9ocVmJ4Dmzb2%2BxMg5lPci5x%2B7BuqvqKmAFLZqksXhEAbGzSTInvMf3AkO3taEE%2F0ICgbts1m%2FJ6j2lzrFGSsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b5848559cfd375b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
postmessage.min.js
johnpavlovitz.com/wp-content/plugins/jetpack/_inc/build/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://johnpavlovitz.com/wp-content/plugins/jetpack/_inc/build/postmessage.min.js?ver=10.3
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:513d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
672e29b030b9b17c9cc70beb24af4c41eaf8ce9a0491c655ab9a1c88ab287021

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1113727
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 05 Nov 2021 14:04:21 GMT
server
cloudflare
etag
W/"618539e5-1887"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIsGhek5eAuGcuie4WrLEA6dXfZ9N4FPsC%2FGm%2FL8cxAlxHWsO7u2CwQOXpJrKJ0Sv0BSqaVlUXFkIrnPvEsaMR7QHI74deXbuPfAREBgAFU5t56RM3bU3un6AubGEVSbhN1650QOvzCwoSQGKSRqCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6b5848590863375b-MXP
queuehandler.min.js
johnpavlovitz.com/wp-content/plugins/jetpack/_inc/build/likes/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://johnpavlovitz.com/wp-content/plugins/jetpack/_inc/build/likes/queuehandler.min.js?ver=10.3
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:513d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37a14da858caee742741d5f558bc6489f9abcefee4aebb9f68db96106e38f2c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 05 Nov 2021 14:04:21 GMT
server
cloudflare
etag
W/"618539e5-180c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BftrXjoAIyV%2Fh9TXlBYkPXhCQkgXUhF6YOWaCE5R2YMSeF%2F6KggiXzqhFurU3r%2FF%2FdMU68L0Vt02xfDLKR6Y6O40JxcOz%2Bixcwvlwz7zyhbZ6DTYxGtVEA4AAZU%2B5DwTOEMNwMExKjNmlYQy1tmkbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b5848592879375b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
e-202148.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202148.js
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT hhn
date
Mon, 29 Nov 2021 02:07:28 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 21 Nov 2022 07:46:06 GMT
lazyload.min.js
johnpavlovitz.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://johnpavlovitz.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:513d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 22 Nov 2021 09:30:34 GMT
server
cloudflare
etag
W/"619b633a-2063"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MT4C8dkN7NB4lw4UCOo1M5%2FiX16fPDGdXRqHZghpTYE2YtPFeXxxmA%2BCexXcYLYHop6hABcNbGru4nka9bpl5m1ACQJgDsy4zqF66Bc%2BhnaVSkZbcnytHOKu3xAMwsFNGVZ3SokXnoqHngQOrMXrcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b584859287a375b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
6d15bbad000db3c9b2fbcdd80bdb49ef.js
johnpavlovitz.com/wp-content/cache/min/1/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://johnpavlovitz.com/wp-content/cache/min/1/6d15bbad000db3c9b2fbcdd80bdb49ef.js
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:513d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1dc7109f359c0320af1b2361599487ef8e5f9fccb95273618b77884f2fd902b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 08 Nov 2021 09:30:25 GMT
server
cloudflare
etag
W/"6188ee31-9f8e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gDh0WbDUGLjHPNkpLEJQQGh65GEDTs%2B4OQQ0T36iXpvQieTTjpDJljNmt0FjtsUUijy1qXvx5spxtq%2FOrhGb2LZ0sbIt1rbsG19w1MHAwBdabJUgaqdF%2BmGJoY4GMvR8isA4HG0kDAH8U6QsSPR9aA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b584859287b375b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1068ef200c8a6c6277cbd93017ff1258930ce4af82c104bb12abb5043152de1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		70 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb652eea7e8a6ed2f6a665324928abb32f2b366bd620c2b6e553145d6b3045a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ee2c7157682bfe3593130b726f0710e158d91aaf2528a3461c561855114a7c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a0d9016fc1bf1b86eb04b291ceb57a99b1aeeb2501d2b87b4d7f2ce7d35a07d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4269ead89e227900c7f573a611f34e97645b943af511189e7a7c571dc094a138

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		64 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
Microphone-header-5.jpg
johnpavlovitz.com/wp-content/uploads/2019/08/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://johnpavlovitz.com/wp-content/uploads/2019/08/Microphone-header-5.jpg
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:513d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb107795f806d47e6b650d71731c36f73d8cbd24b212827afc36558eb22819a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://johnpavlovitz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:29 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
55177
last-modified
Tue, 20 Aug 2019 19:40:30 GMT
server
cloudflare
etag
"5d5c4cae-d789"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HaSjsCRSVxdyZUdsJEDdAK7sD8u4fS%2FlC%2BqQnXGbKn6EDTQkyFVzHZMBFtditM5G2BRun515Jct7O%2BSUfT9o%2BdQKSPivAIgYstIcKNnb6d7wZEqx58SKkfoWXe4x%2BrAxyEFihL3N7ypqr%2BDHCUrwhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6b5848593885375b-MXP
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v20/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A400%2C300%2C700%7CLato%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://johnpavlovitz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 09:35:45 GMT
x-content-type-options
nosniff
age
405103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 09:35:45 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A400%2C300%2C700%7CLato%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://johnpavlovitz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 21:26:28 GMT
x-content-type-options
nosniff
age
535260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 22 Nov 2022 21:26:28 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A400%2C300%2C700%7CLato%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://johnpavlovitz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 17:19:18 GMT
x-content-type-options
nosniff
age
463690
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 19:40:30 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 23 Nov 2022 17:19:18 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A400%2C300%2C700%7CLato%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://johnpavlovitz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 04:27:49 GMT
x-content-type-options
nosniff
age
250779
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 26 Nov 2022 04:27:49 GMT
truncated
/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c

Request headers

Referer
Origin
https://johnpavlovitz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f940145d1097c70852b1c9f1d8439ac44967a36c5383b41e6874b0cd8e9a8373

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
master.html
widgets.wp.com/likes/ Frame 0D35 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.wp.com/likes/master.html?ver=202148
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2a86ce391c624d39a1366f4668930c41af63b9d681233bfe0d08279c9bb10c4d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Mon, 29 Nov 2021 02:07:28 GMT
content-type
text/html
last-modified
Tue, 23 Nov 2021 21:54:57 GMT
vary
Accept-Encoding
etag
W/"619d6331-ae1"
content-encoding
br
x-ac
2.hhn _dfw
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
timing-allow-origin
*
x-nc
HIT hhn 2
ats.js
ats.rlcdn.com/ 		185 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-73.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cceefd476057bb3f36703d027ec405887d25d05311d491b9a203d4c60a2d75fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
TIXEr4j9ZaZJgKeoVZ8ehYwv1bF6gSxj
content-encoding
gzip
etag
W/"a8f24de78b4dc3ecbbff83b08aa9e411"
age
70684
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:73702bf1-4472-485c-9bda-886a8f21cacd
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
6bc77264d69b4716594d8b5229cafdb9
last-modified
Wed, 17 Nov 2021 08:31:53 GMT
server
AmazonS3
date
Sun, 28 Nov 2021 06:30:48 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
67c429bc2e760b9ca91a98648469be411bfcccf8bfb6ea245b28e6585b1861aa
via
1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA6-C1
content-type
application/x-javascript
x-amz-cf-id
UqE0GDqBcOkSNUCJlnKQGGBn8e82Tf1YA3YWYglgX7XC7uaHj4HK-Q==
config.js
confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/ 		462 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a2968d4b8d4c1b7005751edf0e5a5c2968bdb0432afafde1fb3b7acdd815ea3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 02:07:28 GMT
Content-Encoding
gzip
Age
1272
X-Cache
HIT
Connection
keep-alive
Content-Length
75402
x-amz-id-2
e8Ev2GOIHIHOXJpta9LKOls6Dq9Bdi6Kh8cwJTLnckzgQn8fPEzvXeXc4cFwQtQqF1+Fc8T0rKA=
X-Served-By
cache-hhn4042-HHN
Last-Modified
Mon, 29 Nov 2021 00:55:11 GMT
Server
AmazonS3
X-Timer
S1638151648.305354,VS0,VE0
ETag
"ea7a3f56df38f9041ca1dd70ac118eff"
x-amz-request-id
B5XCKPZM23F5DT1K
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
15
tag.min.js
get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-120.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c08815f5e74c5477b25c5303f3b512b5c04ccf403e41e319c29cb5243fce5f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
HGYL.siFb.HLK8NXg9tyIeM1N2pdl_47
content-encoding
gzip
last-modified
Thu, 23 Sep 2021 19:32:23 GMT
server
AmazonS3
age
75184
etag
W/"4c3e8f251a140b2e06634712ba322640"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Sun, 28 Nov 2021 15:09:30 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
IVd-NHtYryjAZcaRg6z_SfbkrpPA_2HQJryk5BsMPjcZFLYAYinpyw==
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:28 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Mon, 29 Nov 2021 03:07:28 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-75688011-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3981
date
Mon, 29 Nov 2021 01:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 29 Nov 2021 03:01:07 GMT
rlt-proxy.js
s0.wp.com/wp-content/js/ Frame 0D35 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/js/rlt-proxy.js?m=20211122
Requested by
Host: widgets.wp.com
URL: https://widgets.wp.com/likes/master.html?ver=202148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
a1dbbafdc3544cc1a9eafad30123a7da4f4dc92a9c282efea53821cb648a4aa3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.wp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 29 Nov 2021 02:07:28 GMT
content-encoding
br
server
nginx
etag
W/"619d635a-1c9d"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-ac
2.hhn _dfw
timing-allow-origin
*
expires
Wed, 23 Nov 2022 21:55:43 GMT
/
s0.wp.com/_static/ Frame 0D35 		78 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/_static/??/wp-content/js/postmessage.js,/wp-content/js/tannin/compat.min.js,/wp-content/js/wpcom-proxy-request.js,/wp-content/js/likes-rest-nojquery.js?m=20210831
Requested by
Host: widgets.wp.com
URL: https://widgets.wp.com/likes/master.html?ver=202148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
c9cf15822a4e3c5a29b3c50ea49c62ffb668293c8f4ceb7410ac3d5a36e108c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.wp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 29 Nov 2021 02:07:28 GMT
content-encoding
br
last-modified
Thu, 11 Nov 2021 11:13:46 GMT
server
nginx
etag
W/"618cfaea-138e0"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-ac
2.hhn _dfw
timing-allow-origin
*
expires
Fri, 11 Nov 2022 11:16:16 GMT
/
onetag-geo.s-onetag.com/ 		555 B
967 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-76.fra6.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 10:31:14 GMT
via
1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront), 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
age
56174
x-amzn-requestid
ed7de19f-bb78-47dc-9a88-bc57d506975e
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C2, FRA6-C1
x-amz-apigw-id
JgsR_HdyiYcFqrA=
content-length
555
x-amz-cf-id
RLl9hgjm1HoLhOwlf8ck6XsicZIcwQIe7KlhguMU1Her2GEnZiyjsw==
beacon.min.js
signal-beacon.s-onetag.com/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-16.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
FFoz53cfgEbfQogHib76iTyL1K5X37BJ
content-encoding
gzip
etag
W/"ea838863b2b3bf40d1353c99808a5464"
last-modified
Tue, 09 Nov 2021 13:26:48 GMT
server
AmazonS3
age
84205
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Sun, 28 Nov 2021 02:44:04 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
FubaY8WgVccQ7Ay4WmXnIy87fMq1wZP1eybHXtMZq0rLXDGOATd2Qw==
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/ 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c125e6a12e3dd1d1d1aec93292e90fb3c28f36646a954402702b1d9c25175b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 02:07:28 GMT
Content-Encoding
gzip
Age
625
X-Cache
HIT
Connection
keep-alive
Content-Length
61293
x-amz-id-2
+rWc6eufU5jOidbpbNf5nmNWOido4rIxQv3uw12a/d3yxJRo1iZ3OEwmGrZLUFynrCrg65zOrg4=
X-Served-By
cache-hhn4042-HHN
Last-Modified
Wed, 17 Nov 2021 21:29:49 GMT
Server
AmazonS3
X-Timer
S1638151648.355920,VS0,VE0
ETag
"cb7589d017ac65aecf6dc6f5ec17c4b7"
x-amz-request-id
06PEXESX9KBETWN5
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
183
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1777990144&t=pageview&_s=1&dl=https%3A%2F%2Fjohnpavlovitz.com%2F&ul=en-us&de=UTF-8&dt=john%20pavlovitz%20-%20Stuff%20That%20Needs%20To%20Be%20Said&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1327504205&gjid=997304123&cid=1637388443.1638151648&tid=UA-75688011-1&_gid=134808236.1638151648&_r=1&gtm=2ouba1&z=900972207
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://johnpavlovitz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
xdomain_cookie.min.js
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:28 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdvEOjogAj7Sa-ghjsfZkgj-y7kePbbdeHWK3iaba4IwiNLdyYlpVEr6jqx2DWTX5RhUlhRq9ZnCjaIw3BvgIdDNQB66ww
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
last-modified
Tue, 25 Aug 2020 07:36:03 GMT
server
nginx
vary
Accept-Encoding
x-goog-hash
crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
x-goog-generation
1598340963244234
via
1.1 google
cache-control
max-age=31104000, public
x-goog-stored-content-length
4733
content-type
application/javascript
expires
Thu, 24 Nov 2022 02:07:28 GMT
services.js
js.gumgum.com/ 		100 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gumgum.com/services.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8ab7ae9e9ccf94258b9243409edf9356ec6a80a3a44cf664a24e8517861af91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
dTY2chcC8G6pltgaw6OzWwtYnmtZEIpe
content-encoding
gzip
etag
W/"d2d6a8fccebd3f1a5411b38cdbcb870e"
age
12266
x-cache
Hit from cloudfront
x-amz-meta-timing-allow-origin
*
x-amz-meta-access-control-allow-origin
*
last-modified
Thu, 25 Nov 2021 01:31:55 GMT
server
AmazonS3
date
Sun, 28 Nov 2021 22:49:00 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
WyUu7SayCV2BELGdykngt3mbckRUkD29qY3O3-AlEXoZ6NJF5TUIDg==
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
KuXuY5mbG6yln5YsEdf9JaPJtFF6aIqm
content-encoding
gzip
etag
1e39d25f07f5619925357b752ab10d04
age
841
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1F4ZMV7G9TZ26H4DNN8H
date
Mon, 29 Nov 2021 01:54:20 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 aff6ac5c98fa897349204752e5877c81.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
-7VYInWtssV8fBsxxsJklHAb_3Cuh0wdDl0F2YfXVSl2bjERdQupzQ==
182762-63174106385307.js
js-sec.indexww.com/ht/p/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 02:07:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Nov 2021 01:20:14 GMT
Server
Apache
ETag
"904cd6-930a-5d1e33e30fa2c"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=938
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12788
Expires
Mon, 29 Nov 2021 02:23:06 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1058 / 375 of 1000 / last-modified: 1637708722"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26861
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 29 Nov 2021 02:07:28 GMT
/
public-api.wordpress.com/wp-admin/rest-proxy/ Frame 54E1 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public-api.wordpress.com/wp-admin/rest-proxy/
Requested by
Host: s0.wp.com
URL: https://s0.wp.com/_static/??/wp-content/js/postmessage.js,/wp-content/js/tannin/compat.min.js,/wp-content/js/wpcom-proxy-request.js,/wp-content/js/likes-rest-nojquery.js?m=20210831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2728ac44fbacbde844ff94f3d9c2dbe631ace143e724eb148eab6c4479962105
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.wp.com/

Response headers

server
nginx
date
Mon, 29 Nov 2021 02:07:28 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-encoding
br
x-ac
1.hhn _dfw
strict-transport-security
max-age=15552000
config
c.amazon-adsystem.com/cdn/prod/ 		57 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fjohnpavlovitz.com&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 22:37:26 GMT
via
1.1 aff6ac5c98fa897349204752e5877c81.cloudfront.net (CloudFront)
server
Server
age
12602
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://johnpavlovitz.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C2
content-length
57
x-amz-cf-id
BhMSbVHl0bzYciFrL4w-iIjHrXlxJrbPiExyuSap2dD9PaldjWTsVQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
71098
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Tue, 09 Nov 2021 22:55:20 GMT
server
AmazonS3
date
Sun, 28 Nov 2021 06:22:31 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
J1PLKaCGnx-dN27ifaiXvrqUwPVu0L9JT7_MXIArEX4VfcvWhlVcFQ==
pubads_impl_2021111601.js
securepubads.g.doubleclick.net/gpt/ 		344 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118471
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 09:34:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 29 Nov 2021 02:07:28 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		125 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=johnpavlovitz.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
73f7ee91a53b8e58c645d9eab7a7bf10250192050d416d11cc6b52d6a3b7bfc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 29 Nov 2021 02:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102
x-xss-protection
0
expires
Mon, 29 Nov 2021 02:07:28 GMT
rid
match.adsrvr.org/track/ 		109 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=182762
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
6460950d57e4ea0327a3b77d7f823366575051ce5551819147276fe94653db68

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 29 Nov 2021 02:07:28 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://johnpavlovitz.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Wed, 29 Dec 2021 02:07:28 GMT
identity
api.rlcdn.com/api/ 		44 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 29 Nov 2021 02:07:28 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://johnpavlovitz.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
xdomain_cookie.html
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame 2EF6 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Mon, 29 Nov 2021 02:07:28 GMT
content-type
text/html
vary
Accept-Encoding
x-guploader-uploadid
ADPycdv3nsXXXZ6QwzqfD7PS_Q8E6P3Jz0ggUeZBNkQ2zpJ4Juv9BdQLZKAui8CibNNsZAFejY8ZP7YIGWnr2eX7Ku7Yb3h74Q
expires
Thu, 24 Nov 2022 02:07:28 GMT
last-modified
Tue, 25 Aug 2020 07:36:09 GMT
x-goog-generation
1598340969597109
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
3440
x-goog-hash
crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-storage-class
STANDARD
age
1416
cache-control
max-age=31104000 public
x-cache
HIT
content-encoding
gzip
via
1.1 google
alt-svc
clear
rlt-proxy.js
s0.wp.com/wp-content/js/ Frame 54E1 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/js/rlt-proxy.js?m=20211122
Requested by
Host: public-api.wordpress.com
URL: https://public-api.wordpress.com/wp-admin/rest-proxy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
a1dbbafdc3544cc1a9eafad30123a7da4f4dc92a9c282efea53821cb648a4aa3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public-api.wordpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 29 Nov 2021 02:07:28 GMT
content-encoding
br
server
nginx
etag
W/"619d635a-1c9d"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-ac
2.hhn _dfw
timing-allow-origin
*
expires
Wed, 23 Nov 2022 21:55:43 GMT
mmt.gif
imps.monu.delivery/ 		37 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=7d71fbe8-b170-446e-b067-9590ccabaec3&a=p.l&u=44f132ae-8194-442b-b0b9-5817f19b3ccd
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 01:58:55 GMT
age
513
x-guploader-uploadid
ADPycds0IRCv6OAMDR9ntUvet23-PTh4F3TC8hShsJ3ZfLa-OGHqmiNS-vjZDUEXaMMRIVODOXH5fHlIMz-ht3MuKdk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Mon, 29 Nov 2021 02:58:55 GMT
/
geo.privacymanager.io/ 		30 B
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-44.fra53.r.cloudfront.net
Software
/
Resource Hash
55033882e1bc61cac58471a0ce5372606abd57a9663921dbd6f9a4a926c601b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 07:28:13 GMT
via
1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront), 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
age
67155
x-amzn-requestid
c5231edf-2c53-44b2-ae9f-6424ce971fa3
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61a32f8d-59c6c52c609bd0bc09435664;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA53-C1
x-amz-apigw-id
JgReFG82DoEFS8g=
content-length
30
x-amz-cf-id
VpT0sSt8bKK6oKaFyGVQSQ1lmIZYqztqJUVMdJ2FDO-CWsAfDhi0JQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
headerstats
as-sec.casalemedia.com/ 		0
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=504384&u=https%3A%2F%2Fjohnpavlovitz.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:28 GMT
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[194.36.108.18], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://johnpavlovitz.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
12
Expires
Mon, 29 Nov 2021 02:07:28 GMT
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.3&blog=108239745&post=0&tz=-5&srv=johnpavlovitz.com&host=johnpavlovitz.com&ref=&fcp=2260&rand=0.6781706050030829
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 29 Nov 2021 02:07:28 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
hb
ssc.33across.com/api/v1/ 		63 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dcEu7yseur6PS9aKlId8sQ
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
93fe26d4f9b8e0467f39811046c1965d2cd23543026879f220460cb310cedc66

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://johnpavlovitz.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
imp
g2.gumgum.com/hbid/ 		537 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=97540&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C44f132ae-8194-442b-b0b9-5817f19b3ccd%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fjohnpavlovitz.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fjohnpavlovitz.com%2F&ns=10240
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3fd921949c0c39a7dd854ffd62605b65c2faace85a19e4962a660ecf5761d0dc

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://johnpavlovitz.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		537 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=97542&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C44f132ae-8194-442b-b0b9-5817f19b3ccd%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fjohnpavlovitz.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fjohnpavlovitz.com%2F&ns=10240
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c08a14af9ed6e5d9f28e584c5448e7baf3bf54cba652654ca36f836794f60442

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://johnpavlovitz.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		537 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=97543&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C44f132ae-8194-442b-b0b9-5817f19b3ccd%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fjohnpavlovitz.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fjohnpavlovitz.com%2F&ns=10240
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3f441ba8a911f2f49d06d96c6e59bfe963bd1db72073faf36d63000c7d45fc2d

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://johnpavlovitz.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
translator
hbopenbid.pubmatic.com/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://johnpavlovitz.com
date
Mon, 29 Nov 2021 02:07:27 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
lockerdome.com/ladbid/ 		11 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/ladbid/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://johnpavlovitz.com
Date
Mon, 29 Nov 2021 02:07:29 GMT
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Content-Encoding
gzip
Content-Length
31
Content-Type
application/json; charset=utf-8
prebid
prebid.media.net/rtb/ 		1 KB
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e426925cdbcddb1efc63f0f35f5c14c17b9a5e1c9917557d21f4886f6a7b3c9d

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://johnpavlovitz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid
ads.yieldmo.com/exchange/ 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-7765d109-f172-4772-8b86-be805a57cce8%22%2C%22callback_id%22%3A%2220b3aa40ab281e8%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222540682013120077878%22%7D%5D&page_url=https%3A%2F%2Fjohnpavlovitz.com%2F&bust=1638151649003&pr=&scrd=1&dnt=false&description=Stuff%20That%20Needs%20To%20Be%20Said&title=john%20pavlovitz%20-%20Stuff%20That%20Needs%20To%20Be%20Said&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%2244f132ae-8194-442b-b0b9-5817f19b3ccd%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.74.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-74-33.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://johnpavlovitz.com
pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
v1
dmx.districtm.io/b/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Nov 2021 02:07:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://johnpavlovitz.com
access-control-allow-credentials
true
cf-ray
6b58485e9f1f3bc2-CDG
access-control-allow-headers
Content-Type, Origin
prebid
ib.adnxs.com/ut/v3/ 		19 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:29 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
529f6378-9279-4010-9102-d60c9616a9a2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://johnpavlovitz.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		94 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
78f6d317351baa8b4ece01679b512ca49f6983bd04909bfc9489d71c6a542e87

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 29 Nov 2021 02:07:29 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://johnpavlovitz.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
c
prebid.a-mo.net/a/ 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
d47e68332db547f49ca7ef953529c89fa50e96174518054a393830082b1b3345

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Nov 2021 02:07:28 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://johnpavlovitz.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
231
content-length
6608
prebid_display
display.bfmio.com/ 		138 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.26.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-26-26.compute-1.amazonaws.com
Software
/
Resource Hash
a83a0c0cfc5d8e3e07678fae11869a2094c43ecc8d43fd5d8400f96fc957975a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://johnpavlovitz.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
148
/
hb.emxdgt.com/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1300&ts=1638151649010&src=pbjs
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.230.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-230-193.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://johnpavlovitz.com
date
Mon, 29 Nov 2021 02:07:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
trinity.json
apex.go.sonobi.com/ 		137 B
776 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2236f20f741566786%22%3A%22177369c437c672237248%7C300x250%2C300x600%2C160x600%7Cgpid%3D%2F20842576%2C22537430947%2FCMN01M%2FCMN01M-DDS.A%22%2C%22377bd72776bd5ef%22%3A%22dcc4cd9596e80d497120%7C300x250%2C300x600%2C160x600%7Cgpid%3D%2F20842576%2C22537430947%2FCMN01M%2FCMN01M-DDS.A%22%2C%2238b45b847b0727d%22%3A%22d23fc2fbe929165f22f9%7C300x250%2C300x600%2C160x600%7Cgpid%3D%2F20842576%2C22537430947%2FCMN01M%2FCMN01M-DDS.A%22%7D&ref=https%3A%2F%2Fjohnpavlovitz.com%2F&s=f62f82d9-12e2-41fa-8391-32a6853649ec&pv=8529c827-e4ac-48c5-bac8-489493d298cf&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%2244f132ae-8194-442b-b0b9-5817f19b3ccd%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
f58e9df92cbcef756019cadb6fbe89de4e1b0af3c84792d975b00d1372d1dd51
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:29 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://johnpavlovitz.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
162
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
arj
bloggernetwork-d.openx.net/w/1.0/ 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fjohnpavlovitz.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5398d981-0ddf-4717-9611-0ade7baee368&nocache=1638151649013&schain=1.0%2C1!monumetric.com%2C44f132ae-8194-442b-b0b9-5817f19b3ccd%2C1%2C%2C%2C&aus=300x250%2C300x600%2C160x600&divids=mmt-7765d109-f172-4772-8b86-be805a57cce8&aucs=&auid=539370755
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
a9a91c544e33d4ac8f55a7e8ce951445f383c7f1e7fcf19a3a3976b9128b0c5f

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://johnpavlovitz.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2241498cf5e9480c2%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fjohnpavlovitz.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%2244f132ae-8194-442b-b0b9-5817f19b3ccd%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22450ba572-3972-453b-bf9f-3a7ceefaac83%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-29T02%3A07%3A28%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22422ba8696de11c5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2243a7664f8a85c42%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242368%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22440e64ef05551f5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242369%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.96.135.185 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-135-185.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
479266614d36e22a8e90a7f6475a384d10c54156add6e4e96eb70c138ff4009d

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[194.36.108.18], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://johnpavlovitz.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4557
x-ak-client-geo
12
expires
Mon, 29 Nov 2021 02:07:29 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fjohnpavlovitz.com%2F&pid=w0PIfPPjmMFk2&cb=0&ws=1600x1200&v=7.71.1&t=1300&slots=%5B%7B%22sd%22%3A%22mmt-7765d109-f172-4772-8b86-be805a57cce8%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C22537430947%2FCMN01M%2FCMN01M-DDS.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2C44f132ae-8194-442b-b0b9-5817f19b3ccd%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:29 GMT
via
1.1 aff6ac5c98fa897349204752e5877c81.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
x-amz-rid
AGGMY0KCW0Y8YSV6DS1D
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://johnpavlovitz.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
_PDm_GAq_-ujaLTdEqVGOUTmMgKuBvYZkrUdyj7FJAjL--bXfYehWA==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fjohnpavlovitz.com%2F&pid=w0PIfPPjmMFk2&cb=1&ws=1600x1200&v=7.71.1&t=1300&slots=%5B%7B%22sd%22%3A%22mmt-1b1afb9c-b54e-4ab8-800f-2b614f883142%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C22537430947%2FCMN01M%2FCMN01M-DDS.B%22%7D%5D&schain=1.0%2C1!monumetric.com%2C44f132ae-8194-442b-b0b9-5817f19b3ccd%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:29 GMT
via
1.1 aff6ac5c98fa897349204752e5877c81.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
x-amz-rid
0G0908ZWGY7FCZYKTPQG
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://johnpavlovitz.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
wLGH2-8beYQ02m-h3uOkVrmjcf2CZPiWjmPY08p_0bA2WAopVbjZ4A==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fjohnpavlovitz.com%2F&pid=w0PIfPPjmMFk2&cb=2&ws=1600x1200&v=7.71.1&t=1300&slots=%5B%7B%22sd%22%3A%22mmt-d421cfc0-cb38-47db-bb63-20714a5c8bd5%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C22537430947%2FCMN01M%2FCMN01M-DDT.C%22%7D%5D&schain=1.0%2C1!monumetric.com%2C44f132ae-8194-442b-b0b9-5817f19b3ccd%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:29 GMT
via
1.1 aff6ac5c98fa897349204752e5877c81.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
x-amz-rid
RJVBQQQX1GTVE33KW50H
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://johnpavlovitz.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
e1LcnCJjSYO7_J5lw4TwZ3OclFdpi9tg4OtKW1_H6O-u-tOyh14PmQ==
c
prebid.a-mo.net/a/ 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://johnpavlovitz.com
date
Mon, 29 Nov 2021 02:07:29 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
320
vary
origin, Accept-Encoding
/
hb.emxdgt.com/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1300&ts=1638151649037&src=pbjs
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.230.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-230-193.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://johnpavlovitz.com
date
Mon, 29 Nov 2021 02:07:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
hb
ssc.33across.com/api/v1/ 		67 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dcEu7yseur6PS9aKlId8sQ
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
9c213922938731d9330d3c2ed68e233e48a9305456e1bf54807af528c379d347

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://johnpavlovitz.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
imp
g2.gumgum.com/hbid/ 		537 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=8d405bb9&pi=2&schain=1.0%2C1!monumetric.com%2C44f132ae-8194-442b-b0b9-5817f19b3ccd%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fjohnpavlovitz.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fjohnpavlovitz.com%2F&ns=10240
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
836541fc2d112a7fd623b19caee40fb8a3cb12064edc4bd98f0840de324f0daa

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://johnpavlovitz.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
trinity.json
apex.go.sonobi.com/ 		95 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22144eb77497ed6d6%22%3A%224038e93c4d4c13bc38d7%7C728x90%7Cgpid%3D%2F20842576%2C22537430947%2FCMN01M%2FCMN01M-DDA.A%22%7D&ref=https%3A%2F%2Fjohnpavlovitz.com%2F&s=1a67fa40-faec-4867-a76c-08f9c0db10d4&pv=8529c827-e4ac-48c5-bac8-489493d298cf&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%2244f132ae-8194-442b-b0b9-5817f19b3ccd%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
810e3926041db1b465708e563275e2b8175c474f8d752b4d4f4dccb3956a8200
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:29 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://johnpavlovitz.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
v1
dmx.districtm.io/b/ 		0
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Nov 2021 02:07:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://johnpavlovitz.com
access-control-allow-credentials
true
cf-ray
6b58485e9f213bc2-CDG
access-control-allow-headers
Content-Type, Origin
prebid
prebid.media.net/rtb/ 		1 KB
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
10c98254e8ba285dc1fd40e5215a1102e199339dff0d293fe8bfd196f0f60f9c

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://johnpavlovitz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid
lockerdome.com/ladbid/ 		11 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/ladbid/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://johnpavlovitz.com
Date
Mon, 29 Nov 2021 02:07:29 GMT
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Content-Encoding
gzip
Content-Length
31
Content-Type
application/json; charset=utf-8
prebid_display
display.bfmio.com/ 		138 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.26.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-26-26.compute-1.amazonaws.com
Software
/
Resource Hash
b65415525ac0baf44f27226284d63aa82c2dcf298239e215b6b7f63f320e50e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://johnpavlovitz.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
146
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-8c2ab158-8a02-440e-a07f-4aedfc478128%22%2C%22callback_id%22%3A%22154b6cdc0d153a17%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222540682013120077878%22%7D%5D&page_url=https%3A%2F%2Fjohnpavlovitz.com%2F&bust=1638151649040&pr=&scrd=1&dnt=false&description=Stuff%20That%20Needs%20To%20Be%20Said&title=john%20pavlovitz%20-%20Stuff%20That%20Needs%20To%20Be%20Said&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%2244f132ae-8194-442b-b0b9-5817f19b3ccd%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.74.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-74-33.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://johnpavlovitz.com
pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
bid
ap.lijit.com/rtb/ 		95 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
9f0a5cc82a330327b176280416c0c2b68d7b79db210296c14a82de573c5e79ad

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 29 Nov 2021 02:07:29 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://johnpavlovitz.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
ib.adnxs.com/ut/v3/ 		19 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:29 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ec21bb58-3e01-4a5d-94eb-b561cacd052e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://johnpavlovitz.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://johnpavlovitz.com
date
Mon, 29 Nov 2021 02:07:28 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		1012 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201336&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22161899ecedbd6d4%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fjohnpavlovitz.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%2244f132ae-8194-442b-b0b9-5817f19b3ccd%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22450ba572-3972-453b-bf9f-3a7ceefaac83%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-29T02%3A07%3A28%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22162e972afa31901d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201336%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.96.135.185 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-135-185.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8785d78ecbfcabf1a9cf6a785d6150b53a17f18079a7b9552aeac1d77494f475

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[194.36.108.18], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://johnpavlovitz.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1012
x-ak-client-geo
12
expires
Mon, 29 Nov 2021 02:07:29 GMT
arj
bloggernetwork-d.openx.net/w/1.0/ 		73 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fjohnpavlovitz.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b37f3cd2-cbf0-4698-b7b3-14bb8907a5db&nocache=1638151649044&schain=1.0%2C1!monumetric.com%2C44f132ae-8194-442b-b0b9-5817f19b3ccd%2C1%2C%2C%2C&aus=728x90&divids=mmt-8c2ab158-8a02-440e-a07f-4aedfc478128&aucs=&auid=539370755
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
faa2747e25388fae1a46fa4eb094150bc58b926f2fd646a980da0384c0272c25

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://johnpavlovitz.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fjohnpavlovitz.com%2F&pid=w0PIfPPjmMFk2&cb=3&ws=1600x1200&v=7.71.1&t=1300&slots=%5B%7B%22sd%22%3A%22mmt-8c2ab158-8a02-440e-a07f-4aedfc478128%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C22537430947%2FCMN01M%2FCMN01M-DDA.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2C44f132ae-8194-442b-b0b9-5817f19b3ccd%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:29 GMT
via
1.1 aff6ac5c98fa897349204752e5877c81.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
x-amz-rid
80RM3C5DASY3NM429F2D
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://johnpavlovitz.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
lHwjooCdjADFiRkJT7fQzEwVRtCNuD7Z5ihGqaZmzB8P41MZHgl61g==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/wp-content/cache/min/1/6d15bbad000db3c9b2fbcdd80bdb49ef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dde8265b198f28810ec732ce06aaafabdc6affd36bf2c5f215e09f1a97ee1dcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
94tzKIQPM2/RmdJ2aueFUQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
zmK2qV3T+luLHUi+P202+Ly+VUD7dPEY9BQdNm15/SpEHTiYV8rxjXzzoQDdUdYRkhd5wsEbvh33qm6yaN8kVQ==
x-fb-trip-id
686109401
x-fb-content-md5
239c9fa2bbb9f973a01348a3905b46bc
x-frame-options
DENY
date
Mon, 29 Nov 2021 02:07:29 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"09914b031c00b1ae0034b65dbe490ca5"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 29 Nov 2021 02:20:35 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/wp-content/cache/min/1/6d15bbad000db3c9b2fbcdd80bdb49ef.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE4) /
Resource Hash
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 02:07:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 18:33:56 GMT
Server
ECS (mil/6CE4)
Age
1018
Etag
"a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
29104
count.json
api.pinterest.com/v1/urls/ 		145 B
459 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pinterest.com/v1/urls/count.json?callback=WPCOMSharing.update_pinterest_count&url=https%3A%2F%2Fjohnpavlovitz.com%2F2021%2F11%2F17%2Fkyle-rittenhouse-is-an-indictment-of-white-america%2F
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/wp-content/cache/min/1/6d15bbad000db3c9b2fbcdd80bdb49ef.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.9.28 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
16503a4de7b0dc887e655440ab1b73d98a7d89549020b766429de82c80a5d687
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:29 GMT
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.55a13554.1638151649.374672dc
content-type
application/javascript
access-control-allow-origin
*
pinterest-generated-by
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-pinterest-rid
3851140498871870
content-length
145
expires
Mon, 29 Nov 2021 02:22:29 GMT
/
graph.facebook.com/ 		244 B
350 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?callback=WPCOMSharing.update_facebook_count&ids=https%3A%2F%2Fjohnpavlovitz.com%2F2021%2F11%2F17%2Fkyle-rittenhouse-is-an-indictment-of-white-america%2F
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/wp-content/cache/min/1/6d15bbad000db3c9b2fbcdd80bdb49ef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
95387bfe634adae8965526bb60c36fa9914e2490069f2f5b3235e473b4a60c5f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1004773042
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
181
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
ffuVkrwJMmoAfTaknOgEPS5dJ+BmXdosVxLfEkKvEXrjkZd2gWvuEBAE0WuAfQsc6/DELcu8k4AITZbgwtLPxQ==
x-fb-trace-id
CNSiztTdWWC
date
Mon, 29 Nov 2021 02:07:29 GMT
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
A0trmXR1spYpdQLLEMUXggX
cache-control
no-store
facebook-api-version
v5.0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
count.json
api.pinterest.com/v1/urls/ 		138 B
451 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pinterest.com/v1/urls/count.json?callback=WPCOMSharing.update_pinterest_count&url=https%3A%2F%2Fjohnpavlovitz.com%2F2021%2F11%2F11%2Fmaga-republicans-would-have-cancelled-jesus%2F
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/wp-content/cache/min/1/6d15bbad000db3c9b2fbcdd80bdb49ef.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.9.28 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c1bceaba0b36b102fe24a4c5c78d65c522bc6aecb17ef2d4115ff188169fa9c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:29 GMT
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.55a13554.1638151649.374672e0
content-type
application/javascript
access-control-allow-origin
*
pinterest-generated-by
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-pinterest-rid
1438202001365009
content-length
138
expires
Mon, 29 Nov 2021 02:22:29 GMT
/
graph.facebook.com/ 		244 B
342 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?callback=WPCOMSharing.update_facebook_count&ids=https%3A%2F%2Fjohnpavlovitz.com%2F2021%2F11%2F11%2Fmaga-republicans-would-have-cancelled-jesus%2F
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/wp-content/cache/min/1/6d15bbad000db3c9b2fbcdd80bdb49ef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d5f41ef378f73dd517321c3ad61a8961021dc673acc9ad478c5227342a0e3be9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1004773042
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
186
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
qZCsSYe9SnaSeGVi1m5wvjx9Q6oxGWTO2A0IifGs2wZoWK32Ifmjx9LLeb7Y1tiYGpb+NpRwteJ9cDVIhtWDkw==
x-fb-trace-id
FNGVF+6bJN6
date
Mon, 29 Nov 2021 02:07:29 GMT
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
Aq3Dv5i9FgCZAAWtDIbjmoi
cache-control
no-store
facebook-api-version
v5.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
count.json
api.pinterest.com/v1/urls/ 		140 B
452 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pinterest.com/v1/urls/count.json?callback=WPCOMSharing.update_pinterest_count&url=https%3A%2F%2Fjohnpavlovitz.com%2F2021%2F11%2F10%2Ffor-white-people-tired-of-being-called-racist%2F
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/wp-content/cache/min/1/6d15bbad000db3c9b2fbcdd80bdb49ef.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.9.28 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4691762ba1acd6131c4eb31e0c4c84461f1415553ec102f713108973f434b6a3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:29 GMT
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.55a13554.1638151649.374672e2
content-type
application/javascript
access-control-allow-origin
*
pinterest-generated-by
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
x-pinterest-rid
1310481860309180
content-length
140
expires
Mon, 29 Nov 2021 02:22:29 GMT
/
graph.facebook.com/ 		244 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?callback=WPCOMSharing.update_facebook_count&ids=https%3A%2F%2Fjohnpavlovitz.com%2F2021%2F11%2F10%2Ffor-white-people-tired-of-being-called-racist%2F
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/wp-content/cache/min/1/6d15bbad000db3c9b2fbcdd80bdb49ef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e02f5a05651d8c08e0b47e3dad4703f76ac9a65cd543b893004a4881efd15445
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1004773042
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
182
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
MufDIORDNH4HLVi2HAr8rGVxahgD2FKzQqA4wOVGNwRqpBmM+w17nUge8UrL1hXjPL9omyNEWmb8OzPhyeUC3g==
x-fb-trace-id
FgtDP+PIkO2
date
Mon, 29 Nov 2021 02:07:29 GMT
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
At0C3kMtVHiNRT7WBfguwgX
cache-control
no-store
facebook-api-version
v5.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
count.json
api.pinterest.com/v1/urls/ 		158 B
472 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pinterest.com/v1/urls/count.json?callback=WPCOMSharing.update_pinterest_count&url=https%3A%2F%2Fjohnpavlovitz.com%2F2021%2F11%2F05%2Fim-not-saying-conservative-christianity-is-anti-jesus-jesus-is%2F
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/wp-content/cache/min/1/6d15bbad000db3c9b2fbcdd80bdb49ef.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.9.28 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
748fa317a7530c1ad82480e2d6bab05aff87e6a7f692025dc6f4e05b3740bbd8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:29 GMT
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.55a13554.1638151649.374672e3
content-type
application/javascript
access-control-allow-origin
*
pinterest-generated-by
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-pinterest-rid
1382645768971988
content-length
158
expires
Mon, 29 Nov 2021 02:22:29 GMT
/
graph.facebook.com/ 		244 B
335 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?callback=WPCOMSharing.update_facebook_count&ids=https%3A%2F%2Fjohnpavlovitz.com%2F2021%2F11%2F05%2Fim-not-saying-conservative-christianity-is-anti-jesus-jesus-is%2F
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/wp-content/cache/min/1/6d15bbad000db3c9b2fbcdd80bdb49ef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dd328db0689c2648b315c2d5a82bed3eaa841b48beba60ab2477b7ac2a93cc70
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1004773042
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
180
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
CDAPhQTifoCDKICfFGayH6j3FORD2iQ5LHPF/I74/MLRk4xa30yyfXkNfsUPO8jhYg1mPa6K1gtUZ1A5lARrAw==
x-fb-trace-id
ByjVpRe8stL
date
Mon, 29 Nov 2021 02:07:29 GMT
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
Av9ph4pDoDuln8qeV8-EYg9
cache-control
no-store
facebook-api-version
v5.0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
mmt.gif
imps.monu.delivery/ 		37 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=7d71fbe8-b170-446e-b067-9590ccabaec3&a=s.d&u=7765d109-f172-4772-8b86-be805a57cce8
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 01:58:55 GMT
age
514
x-guploader-uploadid
ADPycds0IRCv6OAMDR9ntUvet23-PTh4F3TC8hShsJ3ZfLa-OGHqmiNS-vjZDUEXaMMRIVODOXH5fHlIMz-ht3MuKdk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Mon, 29 Nov 2021 02:58:55 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=7d71fbe8-b170-446e-b067-9590ccabaec3&a=s.d&u=1b1afb9c-b54e-4ab8-800f-2b614f883142
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 01:58:55 GMT
age
514
x-guploader-uploadid
ADPycds0IRCv6OAMDR9ntUvet23-PTh4F3TC8hShsJ3ZfLa-OGHqmiNS-vjZDUEXaMMRIVODOXH5fHlIMz-ht3MuKdk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Mon, 29 Nov 2021 02:58:55 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=7d71fbe8-b170-446e-b067-9590ccabaec3&a=s.d&u=d421cfc0-cb38-47db-bb63-20714a5c8bd5
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 01:58:55 GMT
age
514
x-guploader-uploadid
ADPycds0IRCv6OAMDR9ntUvet23-PTh4F3TC8hShsJ3ZfLa-OGHqmiNS-vjZDUEXaMMRIVODOXH5fHlIMz-ht3MuKdk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Mon, 29 Nov 2021 02:58:55 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=7d71fbe8-b170-446e-b067-9590ccabaec3&a=s.d&u=8c2ab158-8a02-440e-a07f-4aedfc478128
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 01:58:55 GMT
age
514
x-guploader-uploadid
ADPycds0IRCv6OAMDR9ntUvet23-PTh4F3TC8hShsJ3ZfLa-OGHqmiNS-vjZDUEXaMMRIVODOXH5fHlIMz-ht3MuKdk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Mon, 29 Nov 2021 02:58:55 GMT
g.gif
pixel.wp.com/ 		50 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=pinterest&r=0.9361246747495497
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 29 Nov 2021 02:07:29 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/ 		50 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=facebook&r=0.4596864534041949
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 29 Nov 2021 02:07:29 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/ 		50 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=pinterest&r=0.6420598320357436
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 29 Nov 2021 02:07:29 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/ 		50 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=facebook&r=0.8899027342573058
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 29 Nov 2021 02:07:29 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/ 		50 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=pinterest&r=0.7531051073565245
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 29 Nov 2021 02:07:29 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/ 		50 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=facebook&r=0.24532176453553878
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 29 Nov 2021 02:07:29 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/ 		50 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=pinterest&r=0.343278487168287
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 29 Nov 2021 02:07:29 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/ 		50 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=facebook&r=0.7402535475212364
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 29 Nov 2021 02:07:29 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
/
johnpavlovitz.com/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://johnpavlovitz.com/?p=%2F&h=https%3A%2F%2Fjohnpavlovitz.com&r=&sid=null&qs=%7B%7D&cid=15041992
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:513d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content;
Strict-Transport-Security max-age=2592000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=2592000;
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
SHORT
x-powered-by
WP Engine
x-cache
MISS
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-xss-protection
1; mode=block
x-cache-group
normal
referrer-policy
no-referrer
server
cloudflare
x-frame-options
SAMEORIGIN
date
Mon, 29 Nov 2021 02:07:30 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFUbBGKZbaUQ2eoCt7SaSbCBuyeJ8d%2FKOXKTKmH1BZmXH6JWF2KxYdjtW5V3QYUAwJzuz2HreooHv9tzOwKQxuc73H91Aj6yfSvjpkVYnjDSL67hbc5nrWZb9t6oiPuO4U%2BixP1eX3j2Y8YMz6X%2B%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control
max-age=600, must-revalidate
content-security-policy
block-all-mixed-content;
cf-ray
6b58485ebe31375b-MXP
link
<https://johnpavlovitz.com/wp-json/>; rel="https://api.w.org/", <https://wp.me/7ka6l>; rel=shortlink
Screen-Shot-2021-11-17-at-9.31.57-AM-1536x858.png
johnpavlovitz.com/wp-content/uploads/2021/11/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://johnpavlovitz.com/wp-content/uploads/2021/11/Screen-Shot-2021-11-17-at-9.31.57-AM-1536x858.png
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:513d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef0874829b2bc7a4384c23cb0dcb69e385e3a8a4e4b0fccc2eea42a96b208e9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:30 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1150300
last-modified
Wed, 17 Nov 2021 14:32:25 GMT
server
cloudflare
etag
"61951279-118d5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pH3%2FaBniQQHXZT6jb5XkGIMRFKj3FclJCDeH39xPTM9S1W4tuxHxJesbc4sve0nS7SgtC3g7WsCjdkmpynHT%2FMqF6foLR30%2F2YLGLJBEMAqgpPKTsTVgTWKow54jJ7AcZik1riJ9UxEl%2BrddR%2BLVZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6b58485f0e81375b-MXP
John-Pavlovitz-Headshot-10-2018.jpg
johnpavlovitz.com/wp-content/uploads/2018/10/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://johnpavlovitz.com/wp-content/uploads/2018/10/John-Pavlovitz-Headshot-10-2018.jpg
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:513d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2414d0ce2539b93bf0b6a60156dd407f7d54fdec49783226f2d602dbeb509cd0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:29 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
89303
last-modified
Mon, 22 Oct 2018 19:51:46 GMT
server
cloudflare
etag
"5bce2a52-15cd7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTxt5QhMxtT15x5T6lgc87%2FlREWyJh2zAvb25wf%2BBAas2I4MdxGNb5wDpPuJ%2BB1CKilfcn6vo0QBhiIg7WqZSN1AN6KmWHmIGnbt5f0vM%2FshsWUN1B4nkU6NykPHlDJWHM7Gd%2BHbY%2FWghXtP0OrNYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6b58485f0e82375b-MXP
If-God-Is-Love-Cover.png
johnpavlovitz.com/wp-content/uploads/2021/03/ 		137 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://johnpavlovitz.com/wp-content/uploads/2021/03/If-God-Is-Love-Cover.png
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:513d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30361be414beac4a3c547a30ae564d93ad18465a453ea5b5d37af82cf872f853

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:30 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
139816
last-modified
Sun, 07 Mar 2021 22:51:13 GMT
server
cloudflare
etag
"604558e1-22228"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HOiFxNzGqBqzZ1JK19Mk%2FxxwsA7cEG52xzqSoZDXPyTtv%2FK9Nz4wY92iWJrL5LguIVA7WO17gZktHGkRdVSwUzCa2hrKyW0NPgFO%2B7TK2lOt%2FW1CIQdDVrCjQmlPailQ05l7b73fIvhLmGx4Lh14A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6b58485f0e83375b-MXP
Amazon-Logo.png
johnpavlovitz.com/wp-content/uploads/2017/05/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://johnpavlovitz.com/wp-content/uploads/2017/05/Amazon-Logo.png
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:513d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e97fb51c2116e6c139af7db3043cb591750e54cc7b2789d386ba88af1dd5cc3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:29 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2483
last-modified
Mon, 20 Aug 2018 05:21:58 GMT
server
cloudflare
etag
"5b7a4ff6-9b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8brpudYPH5aESws5Bnu%2F%2FXV0j7f5hv54Vh5o4Hpsljxk%2FYdRQsWxNHJDAdh3V4WjSFfNua2npMjnlFaVrX1f%2FJRLCMK76gtCsw8eSJfdwcQosn4pcoemSQvWArs0uZzaM323JA2lH7Y5dANcT1aIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6b58485f0e84375b-MXP
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dcEu7yseur6PS9aKlId8sQ
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
5a4f5eee811fe92e03c2ceb3d4139961f88f2e526333636d9fa413df3041f098

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://johnpavlovitz.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid
lockerdome.com/ladbid/ 		11 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/ladbid/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://johnpavlovitz.com
Date
Mon, 29 Nov 2021 02:07:29 GMT
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Content-Encoding
gzip
Content-Length
31
Content-Type
application/json; charset=utf-8
prebid_display
display.bfmio.com/ 		138 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.26.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-26-26.compute-1.amazonaws.com
Software
/
Resource Hash
657508eaed38ad6b7d372d9c39d1f2ac9af7745021930e99d209672b5a775d1f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://johnpavlovitz.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
arj
bloggernetwork-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fjohnpavlovitz.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6b2c9385-a271-48de-8886-63083efb6c8d&nocache=1638151649120&schain=1.0%2C1!monumetric.com%2C44f132ae-8194-442b-b0b9-5817f19b3ccd%2C1%2C%2C%2C&aus=300x250%2C300x600%2C160x600&divids=mmt-1b1afb9c-b54e-4ab8-800f-2b614f883142&aucs=&auid=539370755
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
f21c70d49dd1a12421981bfb41d4559f3311ef19df38b14ef40366658106a6d4

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://johnpavlovitz.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Nov 2021 02:07:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://johnpavlovitz.com
access-control-allow-credentials
true
cf-ray
6b58485f0f8f3bc2-CDG
access-control-allow-headers
Content-Type, Origin
trinity.json
apex.go.sonobi.com/ 		137 B
689 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22593f2045f863186%22%3A%22177369c437c672237248%7C300x250%2C300x600%2C160x600%7Cgpid%3D%2F20842576%2C22537430947%2FCMN01M%2FCMN01M-DDS.B%22%2C%22601e5677f4a05a6%22%3A%22dcc4cd9596e80d497120%7C300x250%2C300x600%2C160x600%7Cgpid%3D%2F20842576%2C22537430947%2FCMN01M%2FCMN01M-DDS.B%22%2C%22618c7ea15a1107d%22%3A%22d23fc2fbe929165f22f9%7C300x250%2C300x600%2C160x600%7Cgpid%3D%2F20842576%2C22537430947%2FCMN01M%2FCMN01M-DDS.B%22%7D&ref=https%3A%2F%2Fjohnpavlovitz.com%2F&s=05789eaf-000d-4902-9988-3976330885eb&pv=8529c827-e4ac-48c5-bac8-489493d298cf&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%2244f132ae-8194-442b-b0b9-5817f19b3ccd%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
46af53bbe4d9af49ea2c63a6f95c220bab4b6eeaa323397f950a05db48473822
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:29 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://johnpavlovitz.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
162
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
hb.emxdgt.com/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1300&ts=1638151649121&src=pbjs
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.230.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-230-193.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://johnpavlovitz.com
date
Mon, 29 Nov 2021 02:07:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-1b1afb9c-b54e-4ab8-800f-2b614f883142%22%2C%22callback_id%22%3A%2265b71bf637bab09%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222540682013120077878%22%7D%5D&page_url=https%3A%2F%2Fjohnpavlovitz.com%2F&bust=1638151649122&pr=&scrd=1&dnt=false&description=Stuff%20That%20Needs%20To%20Be%20Said&title=john%20pavlovitz%20-%20Stuff%20That%20Needs%20To%20Be%20Said&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%2244f132ae-8194-442b-b0b9-5817f19b3ccd%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.74.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-74-33.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://johnpavlovitz.com
pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
c
prebid.a-mo.net/a/ 		0
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://johnpavlovitz.com
date
Mon, 29 Nov 2021 02:07:29 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
174
vary
origin, Accept-Encoding
imp
g2.gumgum.com/hbid/ 		537 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=4a979083-ed79-4bcf-b01b-e004f73219df&si=97540&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C44f132ae-8194-442b-b0b9-5817f19b3ccd%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fjohnpavlovitz.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fjohnpavlovitz.com%2F&ns=10240
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
253f42d9369f0077893a445147555e0088f2698843e2610b3a524bac63e72ed1

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://johnpavlovitz.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		537 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=4a979083-ed79-4bcf-b01b-e004f73219df&si=97542&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C44f132ae-8194-442b-b0b9-5817f19b3ccd%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fjohnpavlovitz.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fjohnpavlovitz.com%2F&ns=10240
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
253f42d9369f0077893a445147555e0088f2698843e2610b3a524bac63e72ed1

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://johnpavlovitz.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		537 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=4a979083-ed79-4bcf-b01b-e004f73219df&si=97543&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C44f132ae-8194-442b-b0b9-5817f19b3ccd%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fjohnpavlovitz.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fjohnpavlovitz.com%2F&ns=10240
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
253f42d9369f0077893a445147555e0088f2698843e2610b3a524bac63e72ed1

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://johnpavlovitz.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:29 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d72844c9-0da8-4d38-a81f-d45b835fb7bd
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://johnpavlovitz.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b078ca349bbb98690031af8496ad43459f4bf332ec84ad06f608d5fa96e94632

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 29 Nov 2021 02:07:29 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://johnpavlovitz.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
2152
prebid
prebid.media.net/rtb/ 		1 KB
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2c0d5a61707261296b9358f6797f7a71f6c0b953da46dfa5e83fea532ff70666

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://johnpavlovitz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://johnpavlovitz.com
date
Mon, 29 Nov 2021 02:07:27 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2286e226a3c1558ec%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fjohnpavlovitz.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%2244f132ae-8194-442b-b0b9-5817f19b3ccd%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22450ba572-3972-453b-bf9f-3a7ceefaac83%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-29T02%3A07%3A28%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2287c25c697cabc9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22881e00987cf4859%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242368%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2289d959600a0bfe4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242369%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.96.135.185 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-135-185.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8f6cf9f3a3eebb41f002dcfcc945729c27313809c3fd3a6137e0631258c6b7b4

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[194.36.108.18], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://johnpavlovitz.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1977
x-ak-client-geo
12
expires
Mon, 29 Nov 2021 02:07:29 GMT
sdk.js
connect.facebook.net/en_US/ 		285 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=e784025b6ac125d0db32252fd4a36e61
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed0cbc994c9664c8032f3b521949ec8da76692f13c846c176248b80234befbe8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
Origin
https://johnpavlovitz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
cq7fqlzV2for9aRwuSEdHQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82869
x-fb-rlafr
0
x-fb-debug
kMR5bs6a+kuubCJBzi+2l6yum24latrABUCdl3UCVCvgqg9//4vCElgYRgroy3I+KUQ7IUkrV5qAZhfDCWvMKQ==
x-fb-content-md5
39a8bcd27cb50f45b5f192881c846ae8
x-frame-options
DENY
date
Mon, 29 Nov 2021 02:07:29 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"f656537193524473798d0cf70fe94faf"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 29 Nov 2022 01:22:26 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=7d71fbe8-b170-446e-b067-9590ccabaec3&a=b.r&u=8c2ab158-8a02-440e-a07f-4aedfc478128&d=%7B%22utm%22%3Anull%7D
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 01:58:55 GMT
age
514
x-guploader-uploadid
ADPycds0IRCv6OAMDR9ntUvet23-PTh4F3TC8hShsJ3ZfLa-OGHqmiNS-vjZDUEXaMMRIVODOXH5fHlIMz-ht3MuKdk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Mon, 29 Nov 2021 02:58:55 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=7d71fbe8-b170-446e-b067-9590ccabaec3&a=b.r&u=7765d109-f172-4772-8b86-be805a57cce8&d=%7B%22utm%22%3Anull%7D
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 01:58:55 GMT
age
514
x-guploader-uploadid
ADPycds0IRCv6OAMDR9ntUvet23-PTh4F3TC8hShsJ3ZfLa-OGHqmiNS-vjZDUEXaMMRIVODOXH5fHlIMz-ht3MuKdk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Mon, 29 Nov 2021 02:58:55 GMT
arj
bloggernetwork-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fjohnpavlovitz.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3ecd4035-d007-42a8-bc7b-a36b957bc942&nocache=1638151649312&schain=1.0%2C1!monumetric.com%2C44f132ae-8194-442b-b0b9-5817f19b3ccd%2C1%2C%2C%2C&aus=300x250%2C300x600%2C160x600&divids=mmt-d421cfc0-cb38-47db-bb63-20714a5c8bd5&aucs=&auid=539370755
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
3283a9049ff445f01eb659a9033477b8caef594a9cfdadd35b4113ae0cb6920c

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://johnpavlovitz.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://johnpavlovitz.com
date
Mon, 29 Nov 2021 02:07:28 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
hb.emxdgt.com/ 		8 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1300&ts=1638151649313&src=pbjs
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.230.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-230-193.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f583801e243272736819428a75533d0916049c0b75a539fe2f3283fd47284398

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://johnpavlovitz.com
date
Mon, 29 Nov 2021 02:07:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
content-length
8126
content-type
application/json
imp
g2.gumgum.com/hbid/ 		537 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=4a979083-ed79-4bcf-b01b-e004f73219df&si=97540&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C44f132ae-8194-442b-b0b9-5817f19b3ccd%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fjohnpavlovitz.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fjohnpavlovitz.com%2F&ns=10240
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
253f42d9369f0077893a445147555e0088f2698843e2610b3a524bac63e72ed1

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://johnpavlovitz.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		537 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=4a979083-ed79-4bcf-b01b-e004f73219df&si=97542&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C44f132ae-8194-442b-b0b9-5817f19b3ccd%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fjohnpavlovitz.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fjohnpavlovitz.com%2F&ns=10240
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
253f42d9369f0077893a445147555e0088f2698843e2610b3a524bac63e72ed1

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://johnpavlovitz.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		537 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=4a979083-ed79-4bcf-b01b-e004f73219df&si=97543&pi=3&bf=300x250%2C300x600%2C160x600&schain=1.0%2C1!monumetric.com%2C44f132ae-8194-442b-b0b9-5817f19b3ccd%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fjohnpavlovitz.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fjohnpavlovitz.com%2F&ns=10240
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
253f42d9369f0077893a445147555e0088f2698843e2610b3a524bac63e72ed1

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://johnpavlovitz.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-d421cfc0-cb38-47db-bb63-20714a5c8bd5%22%2C%22callback_id%22%3A%22104a04424da4a0bd%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222540682013120077878%22%7D%5D&page_url=https%3A%2F%2Fjohnpavlovitz.com%2F&bust=1638151649314&pr=&scrd=1&dnt=false&description=Stuff%20That%20Needs%20To%20Be%20Said&title=john%20pavlovitz%20-%20Stuff%20That%20Needs%20To%20Be%20Said&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%2244f132ae-8194-442b-b0b9-5817f19b3ccd%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.74.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-74-33.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://johnpavlovitz.com
pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
lockerdome.com/ladbid/ 		11 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/ladbid/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://johnpavlovitz.com
Date
Mon, 29 Nov 2021 02:07:29 GMT
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Content-Encoding
gzip
Content-Length
31
Content-Type
application/json; charset=utf-8
prebid_display
display.bfmio.com/ 		138 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.26.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-26-26.compute-1.amazonaws.com
Software
/
Resource Hash
5df2e6a4096651c41f01a3b7937a5332dd31b0a53a35e5f5b631c0c94e8fb957
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://johnpavlovitz.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
prebid
ib.adnxs.com/ut/v3/ 		19 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:29 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
310b687d-685b-4f4f-becc-d1695394ff89
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://johnpavlovitz.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://johnpavlovitz.com
date
Mon, 29 Nov 2021 02:07:29 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
180
vary
origin, Accept-Encoding
hb
ssc.33across.com/api/v1/ 		67 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dcEu7yseur6PS9aKlId8sQ
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
997fd0656d2c1d0a2e5fda244c10c29b43c137a5c2f165e60f416990954703d1

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://johnpavlovitz.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
trinity.json
apex.go.sonobi.com/ 		140 B
692 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2211752c412b1a1664%22%3A%22177369c437c672237248%7C300x250%2C300x600%2C160x600%7Cgpid%3D%2F20842576%2C22537430947%2FCMN01M%2FCMN01M-DDT.C%22%2C%22118e3b197f1bfbea%22%3A%22dcc4cd9596e80d497120%7C300x250%2C300x600%2C160x600%7Cgpid%3D%2F20842576%2C22537430947%2FCMN01M%2FCMN01M-DDT.C%22%2C%22119577873cc1b5c1%22%3A%22d23fc2fbe929165f22f9%7C300x250%2C300x600%2C160x600%7Cgpid%3D%2F20842576%2C22537430947%2FCMN01M%2FCMN01M-DDT.C%22%7D&ref=https%3A%2F%2Fjohnpavlovitz.com%2F&s=75aa32e0-079e-4bb7-9304-607944dae1e1&pv=8529c827-e4ac-48c5-bac8-489493d298cf&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%2244f132ae-8194-442b-b0b9-5817f19b3ccd%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
58dd9cb011f54d6fe92811d53f3875d616c3db0601f6a3fa5089609693c64612
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:29 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://johnpavlovitz.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
165
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		95 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
90ee4a44f9d1afd8fa671fd5311991d7db3280f9be0a62fbb7646c31db9115ca

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 29 Nov 2021 02:07:29 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://johnpavlovitz.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
cygnus
htlb.casalemedia.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22124a9422bfe3cd49%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fjohnpavlovitz.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%2244f132ae-8194-442b-b0b9-5817f19b3ccd%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22450ba572-3972-453b-bf9f-3a7ceefaac83%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-29T02%3A07%3A28%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221255fccae6c106a9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22126a77704a3f3f4c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242368%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22127030b97f760829%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242369%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.96.135.185 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-135-185.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
de5df7da4e0f58f862de43d8aabdd5c6e9f37f45ca93a86c976ccde15791ae1a

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[194.36.108.18], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://johnpavlovitz.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1943
x-ak-client-geo
12
expires
Mon, 29 Nov 2021 02:07:29 GMT
prebid
prebid.media.net/rtb/ 		1 KB
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2bccf4adb2e24e99580a2543aa6d3b220d3f79f24fd7d0bdf69712af2dc52b70

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://johnpavlovitz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Nov 2021 02:07:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://johnpavlovitz.com
access-control-allow-credentials
true
cf-ray
6b584860487f3bc2-CDG
access-control-allow-headers
Content-Type, Origin
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=7d71fbe8-b170-446e-b067-9590ccabaec3&a=b.r&u=1b1afb9c-b54e-4ab8-800f-2b614f883142&d=%7B%22utm%22%3Anull%7D
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 01:58:55 GMT
age
514
x-guploader-uploadid
ADPycds0IRCv6OAMDR9ntUvet23-PTh4F3TC8hShsJ3ZfLa-OGHqmiNS-vjZDUEXaMMRIVODOXH5fHlIMz-ht3MuKdk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Mon, 29 Nov 2021 02:58:55 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=7d71fbe8-b170-446e-b067-9590ccabaec3&a=b.r&u=d421cfc0-cb38-47db-bb63-20714a5c8bd5&d=%7B%22utm%22%3Anull%7D
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 01:58:55 GMT
age
514
x-guploader-uploadid
ADPycds0IRCv6OAMDR9ntUvet23-PTh4F3TC8hShsJ3ZfLa-OGHqmiNS-vjZDUEXaMMRIVODOXH5fHlIMz-ht3MuKdk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Mon, 29 Nov 2021 02:58:55 GMT
/
www.facebook.com/login/ Frame 2FB4
Redirect Chain
  • https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ad4b06d6e6c08%26domain%3Djohnpav...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbit...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1ad4b06d6e6c08%2526domain%253Djohnpavlovitz.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fjohnpavlovitz.com%25252Ff24509f3e5ece74%2526relation%253Dparent.parent%26container_width%3D312%26height%3D130%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fjohnpavlovitzofficial%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e784025b6ac125d0db32252fd4a36e61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
18Dr3LQOjli2F/8GzNeXbNToRtV0YGLzQw+fyGe1bcv5H9qWNbd0sWE3G9o8gV4qqn94QeDsSRKSG9mh69ZM7w==
date
Mon, 29 Nov 2021 02:07:29 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600

Redirect headers

location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1ad4b06d6e6c08%2526domain%253Djohnpavlovitz.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fjohnpavlovitz.com%25252Ff24509f3e5ece74%2526relation%253Dparent.parent%26container_width%3D312%26height%3D130%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fjohnpavlovitzofficial%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v5.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
21vsWsFC9PCCzCXyMY5ak5cldPATnw3+ro5+QKri1XeTUwxY6122ReF0XFCY5/8giHAGwkeN2NEZn9G/W6rsHw==
content-length
0
date
Mon, 29 Nov 2021 02:07:29 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html
platform.twitter.com/widgets/ Frame 9460 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fjohnpavlovitz.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE7) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
959963
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 29 Nov 2021 02:07:29 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 18 Oct 2021 18:32:00 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (mil/6CE7)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
settings
syndication.twitter.com/ Frame 9460 		232 B
447 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=fb3a260163fc28e7edf2a3150fa59bc6cce1ef7f
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fjohnpavlovitz.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-response-time
105
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 02:07:29 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
a966bc8d10f0fdbbc5f7a2514c8906c27217f47c349d02eb9572630be4047960
content-length
166
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=johnpavlovitz.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=johnpavlovitz.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		459 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1218461998831416&correlator=3391043337918040&output=ldjh&impl=fif&eid=31062931&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211129&iu_parts=20842576%3A22537430947%2CCMN01M%2CCMN01M-DDS.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600%7C160x600&prev_scp=pos%3D2%26monu%3D300x250-300x600-160x600_B2%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dnot_approved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3D00b4e16b-c004-4e14-8b0a-05f26291ddf8%26monu_df%3D0.13%26safeframe%3Dtrue%26hb_size%3D160x600%26hb_adid%3D171010fee492a7b9%26hb_bidder%3Dsovrn%26target_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie_enabled=1&bc=31&abxe=1&lmt=1638151649&dt=1638151649608&dlt=1638151647165&idt=1391&frm=20&biw=1600&bih=1200&oid=2&adxs=1014&adys=2532&adks=3785396735&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fjohnpavlovitz.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=312x27&msz=300x0&ga_vid=1637388443.1638151648&ga_sid=1638151650&ga_hid=1777990144&ga_fc=true&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
5e5fd9fa94e3a54014897a90a7bc2c2ae86cabed1a1962bb61deaa18eae50b4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://johnpavlovitz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 57E7 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 29 Nov 2021 02:07:29 GMT
expires
Tue, 29 Nov 2022 02:07:29 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
moment~timeline.c7de492113f2eac2bb49ff9013aa2889.js
platform.twitter.com/js/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/moment~timeline.c7de492113f2eac2bb49ff9013aa2889.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEE) /
Resource Hash
de8383d06a56f08749ed99ad3d43911fe88072a79e9148e2d1dead390f64893f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 02:07:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 18:31:52 GMT
Server
ECS (mil/6CEE)
Age
959964
Etag
"643f975645cfdfec2ae02aad7fbc9eea+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
8013
timeline.55167c7072ca7f4363bf18820295ba93.js
platform.twitter.com/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/timeline.55167c7072ca7f4363bf18820295ba93.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE4) /
Resource Hash
888bc5618973079f4a157c8c94b0afe382e7e957306429c5880e032c83fb8e0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 02:07:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 18:31:52 GMT
Server
ECS (mil/6CE4)
Age
959961
Etag
"9539ec9d4bc5c1e5b1953004a6456c51+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
6441
g_pbst
1x1.a-mo.net/hbx/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbst?A=amx&w=300&h=600&bid=177b460100b1ee55&c1=banner&np=0.19144187999999998&aud=3099fac5a3aa5e1&a=mmt-7765d109-f172-4772-8b86-be805a57cce8&c2=hb_bidder%3Damx%26hb_adid%3D177b460100b1ee55%26hb_size%3D300x600%26safeframe%3Dtrue%26monu_df%3D0.19%26auction_id%3Db8521b1f-9a2b-44e2-a20c-be40b543d2e7&ts=1638151649650&eid=1787b89d97d2353d
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.214.53 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-214-53.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:29 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
ads
securepubads.g.doubleclick.net/gampad/ 		459 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1218461998831416&correlator=979401240522989&output=ldjh&impl=fif&eid=31062931&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211129&iu_parts=20842576%3A22537430947%2CCMN01M%2CCMN01M-DDS.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600%7C160x600&prev_scp=pos%3D1%26monu%3D300x250-300x600-160x600_A1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dnot_approved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3Db8521b1f-9a2b-44e2-a20c-be40b543d2e7%26monu_df%3D0.19%26safeframe%3Dtrue%26hb_size%3D300x600%26hb_adid%3D177b460100b1ee55%26hb_bidder%3Damx%26target_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie_enabled=1&bc=31&abxe=1&lmt=1638151649&dt=1638151649660&dlt=1638151647165&idt=1391&frm=20&biw=1600&bih=1200&oid=2&adxs=1014&adys=2204&adks=1473863096&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fjohnpavlovitz.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=312x27&msz=300x0&ga_vid=1637388443.1638151648&ga_sid=1638151650&ga_hid=1777990144&ga_fc=true&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
3d06440da7affef978c73ffc7c5e72ca50aa7230095c8b86cab40525c521f4d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
239
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://johnpavlovitz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=johnpavlovitz.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=johnpavlovitz.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		459 B
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1218461998831416&correlator=2890397341743613&output=ldjh&impl=fif&eid=31062931&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211129&iu_parts=20842576%3A22537430947%2CCMN01M%2CCMN01M-DDT.C&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600%7C160x600&prev_scp=pos%3D3%26monu%3D300x250-300x600-160x600_B3%26directDeals%3Dsticky_sidebar%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dnot_approved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3D2d457279-01b4-4a4c-926c-7d8ecdd5ad84%26monu_df%3D0.06%26safeframe%3Dtrue%26hb_size%3D300x250%26hb_adid%3D17420cc3d92f254c%26hb_bidder%3Demx_digital%26target_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie_enabled=1&bc=31&abxe=1&lmt=1638151649&dt=1638151649681&dlt=1638151647165&idt=1391&frm=20&biw=1600&bih=1200&oid=2&adxs=1014&adys=3046&adks=2942317540&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fjohnpavlovitz.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=312x27&msz=300x0&ga_vid=1637388443.1638151648&ga_sid=1638151650&ga_hid=1777990144&ga_fc=true&fws=4&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
29bbdaaaebb0e82318fb2b12354332981bd499ae1ea3e2af42efbbdcff451439
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
242
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://johnpavlovitz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
profile
cdn.syndication.twimg.com/timeline/ 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_johnpavlovitz_old&dnt=false&domain=johnpavlovitz.com&lang=en&screen_name=johnpavlovitz&suppress_response_codes=true&t=1820168&tweet_limit=3&tz=GMT%2B0000&with_replies=false
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f /
Resource Hash
36b80e60ef2da3b04d77d60b93cb53c16e79c38aa53ff6a9712a395dc9923349
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-disposition
attachment; filename=jsonp.jsonp
access-control-allow-methods
GET
content-length
4156
x-xss-protection
0
access-contol-allow-origin
platform.twitter.com
x-response-time
131
last-modified
Mon, 29 Nov 2021 02:07:29 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
application/javascript;charset=utf-8
cache-control
must-revalidate, max-age=300
x-connection-hash
813e1670721a06c29a4afe6a9e9cfdcea3097324e880af08083448cdbe4ec043
timing-allow-origin
*
x-transaction
58faa56c28e0500b
expires
Mon, 29 Nov 2021 02:12:29 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=johnpavlovitz.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=johnpavlovitz.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 29 Nov 2021 02:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		100 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1218461998831416&correlator=993090019663225&output=ldjh&impl=fif&eid=31062931&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211129&iu_parts=20842576%3A22537430947%2CCMN01M%2CCMN01M-DDA.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=pos%3D1%26monu%3D728x90_B1%26directDeals%3Dsticky_bottom%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dnot_approved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3Dea11991c-b3ee-43fa-b9bf-0f4499944dbe%26monu_df%3D0.00%26safeframe%3Dtrue%26hb_size%3D728x90%26hb_adid%3D1679f354aa09fabe%26hb_bidder%3Dix%26target_adx_floor%3D0.21%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie_enabled=1&bc=31&abxe=1&lmt=1638151649&dt=1638151649745&dlt=1638151647165&idt=1391&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1193&adks=4017078573&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fjohnpavlovitz.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1637388443.1638151648&ga_sid=1638151650&ga_hid=1777990144&ga_fc=true&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
6a332601455c252a8e1416affb12225c04cb717cd1f54e2cede14c1660d22bf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24304
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://johnpavlovitz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=7d71fbe8-b170-446e-b067-9590ccabaec3&a=a.e&u=mmt-1b1afb9c-b54e-4ab8-800f-2b614f883142&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22target%22%2C%22dfFloor%22%3A%220.00%22%2C%22adXFloor%22%3A%220.15%22%2C%22refreshCount%22%3A0%2C%22hb_bidder%22%3A%22sovrn%22%2C%22monu_df%22%3A%220.13%22%2C%22ipin%22%3A%22CMN01M-DDS.B%22%2C%22auctionId%22%3A%2200b4e16b-c004-4e14-8b0a-05f26291ddf8%22%2C%22isBackfill%22%3Afalse%2C%22isEmpty%22%3Atrue%2C%22advertiserId%22%3Anull%2C%22sourceAgnosticLineItemId%22%3Anull%2C%22bidders%22%3A%5B%7B%22bidder%22%3A%22sovrn%22%2C%22cpm%22%3A0.1364574887%2C%22size%22%3A%22160x600%22%2C%22timeToRespond%22%3A198%7D%2C%7B%22bidder%22%3A%22ix%22%2C%22cpm%22%3A0.07%2C%22size%22%3A%22160x600%22%2C%22timeToRespond%22%3A202%7D%2C%7B%22bidder%22%3A%22ix%22%2C%22cpm%22%3A0.04%2C%22size%22%3A%22300x250%22%2C%22timeToRespond%22%3A202%7D%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2F%22%2C%22referer%22%3A%22%22%7D
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 01:58:55 GMT
age
514
x-guploader-uploadid
ADPycds0IRCv6OAMDR9ntUvet23-PTh4F3TC8hShsJ3ZfLa-OGHqmiNS-vjZDUEXaMMRIVODOXH5fHlIMz-ht3MuKdk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Mon, 29 Nov 2021 02:58:55 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=7d71fbe8-b170-446e-b067-9590ccabaec3&a=a.e&u=mmt-7765d109-f172-4772-8b86-be805a57cce8&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22target%22%2C%22dfFloor%22%3A%220.00%22%2C%22adXFloor%22%3A%220.15%22%2C%22refreshCount%22%3A0%2C%22hb_bidder%22%3A%22amx%22%2C%22monu_df%22%3A%220.19%22%2C%22ipin%22%3A%22CMN01M-DDS.A%22%2C%22auctionId%22%3A%22b8521b1f-9a2b-44e2-a20c-be40b543d2e7%22%2C%22isBackfill%22%3Afalse%2C%22isEmpty%22%3Atrue%2C%22advertiserId%22%3Anull%2C%22sourceAgnosticLineItemId%22%3Anull%2C%22bidders%22%3A%5B%7B%22bidder%22%3A%22ix%22%2C%22cpm%22%3A0.08%2C%22size%22%3A%22160x600%22%2C%22timeToRespond%22%3A146%7D%2C%7B%22bidder%22%3A%22ix%22%2C%22cpm%22%3A0.05%2C%22size%22%3A%22300x250%22%2C%22timeToRespond%22%3A146%7D%2C%7B%22bidder%22%3A%22amx%22%2C%22cpm%22%3A0.19144187999999998%2C%22size%22%3A%22300x600%22%2C%22timeToRespond%22%3A640%7D%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2F%22%2C%22referer%22%3A%22%22%7D
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 01:58:55 GMT
age
514
x-guploader-uploadid
ADPycds0IRCv6OAMDR9ntUvet23-PTh4F3TC8hShsJ3ZfLa-OGHqmiNS-vjZDUEXaMMRIVODOXH5fHlIMz-ht3MuKdk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Mon, 29 Nov 2021 02:58:55 GMT
1f447.png
abs.twimg.com/emoji/v2/72x72/ Frame 5B71 		467 B
833 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f447.png
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8EA1) /
Resource Hash
99a50b833fec96a9f274d707bb567cd242ec35db35d6bc26ac391c0619304b2e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:30 GMT
x-content-type-options
nosniff
age
12675864
x-ton-expected-size
467
x-cache
HIT
content-length
467
x-response-time
15
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:28:34 GMT
server
ECAcc (frc/8EA1)
etag
"BjsCV7rNDg+DxmKk6QZ/eA=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
099688f6151c771d8a7e16854b7ddd7a
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Tue, 29 Nov 2022 02:07:30 GMT
QTB446I5
pbs.twimg.com/card_img/1462854535957913600/ Frame 5B71 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/card_img/1462854535957913600/QTB446I5?format=jpg&name=144x144_2
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF1) /
Resource Hash
580cf50443ff7e3809efecfa8dfed146f36d4850dc97d52a1e044d9d25f6fb91
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:30 GMT
x-content-type-options
nosniff
age
33717
x-cache
HIT
content-length
3945
x-response-time
147
surrogate-key
card_img card_img/bucket/1 card_img/1462854535957913600
last-modified
Mon, 22 Nov 2021 18:42:34 GMT
server
ECS (mil/6CF1)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
7f3e14e0059b14bcca97511da92426619c4e0e62b756aa1366eac601a55fe7e4
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame 5B71 		53 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE4) /
Resource Hash
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 02:07:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 18:31:49 GMT
Server
ECS (mil/6CE4)
Age
959964
Etag
"fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Content-Length
12144
timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE4) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 02:07:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 18:31:49 GMT
Server
ECS (mil/6CE4)
Age
959964
Etag
"fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Content-Length
12144
1f447.png
abs.twimg.com/emoji/v2/72x72/ Frame 5B71 		467 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f447.png
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.c7de492113f2eac2bb49ff9013aa2889.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8EA1) /
Resource Hash
99a50b833fec96a9f274d707bb567cd242ec35db35d6bc26ac391c0619304b2e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:30 GMT
x-content-type-options
nosniff
age
12675864
x-ton-expected-size
467
x-cache
HIT
content-length
467
x-response-time
15
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:28:34 GMT
server
ECAcc (frc/8EA1)
etag
"BjsCV7rNDg+DxmKk6QZ/eA=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
099688f6151c771d8a7e16854b7ddd7a
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Tue, 29 Nov 2022 02:07:30 GMT
Cso-6DzW_normal.jpg
pbs.twimg.com/profile_images/1392679120715268098/ Frame 5B71 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1392679120715268098/Cso-6DzW_normal.jpg
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF2) /
Resource Hash
7c3ed0e2dfdcac9e4ff0a5569f14b4d0cb15e542a1a842b0339af978e3002769
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:30 GMT
x-content-type-options
nosniff
age
341154
x-cache
HIT
content-length
2111
x-response-time
118
surrogate-key
profile_images profile_images/bucket/2 profile_images/1392679120715268098
last-modified
Thu, 13 May 2021 03:10:31 GMT
server
ECS (mil/6CF2)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
2f1e34755855c26b9041d4afa859a0a4bae4ce23821b651694e0850bc84faaa4
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FFTJvnWWYAIx6ns
pbs.twimg.com/media/ Frame 5B71 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FFTJvnWWYAIx6ns?format=jpg&name=360x360
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE0) /
Resource Hash
ba5cf880d80448460758f597d2f50db9d125fdbd2ac769aa517e20b550622cbb
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:30 GMT
x-content-type-options
nosniff
age
28984
x-cache
MISS
content-length
23521
x-response-time
262
surrogate-key
media media/bucket/5 media/1465017598656012290
last-modified
Sun, 28 Nov 2021 17:57:48 GMT
server
ECS (mil/6CE0)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
c4113d11e762965fc07a4f066185b41c706a3c17593de0d8a72b4ce022dc5f5a
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 5B71 		44 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FC6) /
Resource Hash
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308782
x-ton-expected-size
45170
x-cache
HIT
vary
Accept-Encoding
content-length
6839
x-response-time
6
surrogate-key
tfw
last-modified
Tue, 14 May 2019 18:53:54 GMT
server
ECAcc (frc/8FC6)
etag
"4mhImCFS9rptiUICNnLD1g=="
strict-transport-security
max-age=631138519
content-type
text/css
access-control-allow-origin
*
x-connection-hash
ea98641f581e21d6f2842597bceaa62fa119a42afe67e1bc12085d61e0b0bd60
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Mon, 06 Dec 2021 02:07:30 GMT
syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FC6) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308782
x-ton-expected-size
45170
x-cache
HIT
vary
Accept-Encoding
content-length
6839
x-response-time
6
surrogate-key
tfw
last-modified
Tue, 14 May 2019 18:53:54 GMT
server
ECAcc (frc/8FC6)
etag
"4mhImCFS9rptiUICNnLD1g=="
strict-transport-security
max-age=631138519
content-type
text/css
access-control-allow-origin
*
x-connection-hash
ea98641f581e21d6f2842597bceaa62fa119a42afe67e1bc12085d61e0b0bd60
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Mon, 06 Dec 2021 02:07:30 GMT
truncated
/ Frame 5B71 		512 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 5B71 		825 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 5B71 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 5B71 		572 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 5B71 		644 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
container.html
041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E97C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 29 Nov 2021 02:07:29 GMT
expires
Tue, 29 Nov 2022 02:07:29 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mmt.gif
imps.monu.delivery/ 		37 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=7d71fbe8-b170-446e-b067-9590ccabaec3&a=a.e&u=mmt-8c2ab158-8a02-440e-a07f-4aedfc478128&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22target%22%2C%22dfFloor%22%3A%220.21%22%2C%22adXFloor%22%3A%220.21%22%2C%22refreshCount%22%3A0%2C%22hb_bidder%22%3A%22ix%22%2C%22monu_df%22%3A%220.00%22%2C%22ipin%22%3A%22CMN01M-DDA.A%22%2C%22auctionId%22%3A%22ea11991c-b3ee-43fa-b9bf-0f4499944dbe%22%2C%22isBackfill%22%3Atrue%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A28192296%2C%22sourceAgnosticLineItemId%22%3A4761663483%2C%22bidders%22%3A%5B%7B%22bidder%22%3A%22ix%22%2C%22cpm%22%3A0.04%2C%22size%22%3A%22728x90%22%2C%22timeToRespond%22%3A114%7D%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2F%22%2C%22referer%22%3A%22%22%7D
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 01:58:55 GMT
age
515
x-guploader-uploadid
ADPycds0IRCv6OAMDR9ntUvet23-PTh4F3TC8hShsJ3ZfLa-OGHqmiNS-vjZDUEXaMMRIVODOXH5fHlIMz-ht3MuKdk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Mon, 29 Nov 2021 02:58:55 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=7d71fbe8-b170-446e-b067-9590ccabaec3&a=a.e&u=mmt-d421cfc0-cb38-47db-bb63-20714a5c8bd5&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22target%22%2C%22dfFloor%22%3A%220.00%22%2C%22adXFloor%22%3A%220.15%22%2C%22refreshCount%22%3A0%2C%22hb_bidder%22%3A%22emx_digital%22%2C%22monu_df%22%3A%220.06%22%2C%22ipin%22%3A%22CMN01M-DDT.C%22%2C%22auctionId%22%3A%222d457279-01b4-4a4c-926c-7d8ecdd5ad84%22%2C%22isBackfill%22%3Afalse%2C%22isEmpty%22%3Atrue%2C%22advertiserId%22%3Anull%2C%22sourceAgnosticLineItemId%22%3Anull%2C%22bidders%22%3A%5B%7B%22bidder%22%3A%22emx_digital%22%2C%22cpm%22%3A0.06820000000000001%2C%22size%22%3A%22300x250%22%2C%22timeToRespond%22%3A40%7D%2C%7B%22bidder%22%3A%22ix%22%2C%22cpm%22%3A0.05%2C%22size%22%3A%22300x250%22%2C%22timeToRespond%22%3A90%7D%2C%7B%22bidder%22%3A%22ix%22%2C%22cpm%22%3A0.01%2C%22size%22%3A%22160x600%22%2C%22timeToRespond%22%3A91%7D%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2F%22%2C%22referer%22%3A%22%22%7D
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 01:58:55 GMT
age
515
x-guploader-uploadid
ADPycds0IRCv6OAMDR9ntUvet23-PTh4F3TC8hShsJ3ZfLa-OGHqmiNS-vjZDUEXaMMRIVODOXH5fHlIMz-ht3MuKdk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Mon, 29 Nov 2021 02:58:55 GMT
css
fonts.googleapis.com/ Frame E97C 		2 KB
532 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
URL: https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 01:53:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 29 Nov 2021 02:07:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Nov 2021 02:07:30 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame E97C 		1 KB
960 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
URL: https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:02:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
326
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Dec 2021 02:02:04 GMT
ai.aspx
tagm.tchibo.de/ Frame E97C 		43 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagm.tchibo.de/ai.aspx?extProvId=5&extPu=tchibo-pm-display&extLi=752742929&cb=2355504832
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://tagm.tchibo.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
X-ET-Monitoring
1
Content-Length
43
Pragma
no-cache
X-ET-Code
0
Last-Modified
Mo, 29 Nov 2021 02:07:30 GMT
Server
Microsoft-IIS/8.5
Date
Mon, 29 Nov 2021 02:07:29 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
821
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E97C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CXiqX4TWkYbH8L_iC7_UPrOizmAuC84TXZenAz4q0DuPeh_7THBABINjV2CtglfrwgYwHoAGCkOWHA8gBCakCPVGexJX9sj7gAgCoAwHIA5sEqgSUAk_QWTKCwK7Y8ajSnORoKO56L7K9vVV1wojQawrNGuAaa02BisgdnWDIlW7Uz8HWc4EnV1izzmsiVGiW3r17Za2A2V2eL9BL9LtaaqvW5SecS0woKYPmhRlpKAeNSrYpeXzTKMWcd5lUP096gkHCzFZfI7n0VmcrVL8dBFptAuOn4av3UvSdByILKZD30J8-HtM6TYlZHqB_F1mL3ztfatP4GYI7RClnHVO1VkGY340eFpjHPfd2Uo-JY_KZMrUk3LWUO-cr-GPvQLSCnLQYLA2_DTwW5S0qDM2adwSXZpYCfqHiW3UInkPad3GC890oCR8f43QfFtJdj9KcjNhEfp8_4j5GYoaa3xpELhBnu3VMYzbYhMAEqNf0q9UD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8yBrSioB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQhb0b0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0xNjIzNzM3Nzg2OTcxNDg5gAoDyAsB2BML0BUBgBcBshceChwIABIUcHViLTM5NDQ5NTQ4NjIzMTYyODMYmNsQ&sigh=5BK-812c5L0&uach_m=[UACH]&template_id=494
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame E97C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
URL: https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 01:32:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2076
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Dec 2021 01:32:54 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame E97C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
URL: https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 01:53:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
864
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Dec 2021 01:53:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E97C 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
URL: https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 29 Nov 2021 02:07:30 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame E97C 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
URL: https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 01:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
757
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Dec 2021 01:54:53 GMT
163b3e9c260ab6fd774ac5b5c6fd1d76.js
www.gstatic.com/mysidia/ Frame E97C 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
URL: https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 12:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
220990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11360
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 24 Feb 2022 12:44:20 GMT
pixel
protected-by.clarium.io/ Frame E97C 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31flkn4v0a&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIyNTM3NDMwOTQ3L0NNTjAxTS9DTU4wMU0tRERBLkEiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LThjMmFiMTU4LThhMDItNDQwZS1hMDdmLTRhZWRmYzQ3ODEyOCJ9fQ%3D%3D&sb=undefined&cb=7956152&h=johnpavlovitz.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
URL: https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.133.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-133-197.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:30 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame E97C 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRRPZtzwX8YmbExPsqbMJS47TISHTbgYiauSkJ_r7zEro7Hoq4&usqp=CAI
Requested by
Host: 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
URL: https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8604fdfbf3c02e209ee0f57c7b086dc6eca6e18b976e141f84fe2ca791885c7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 05:41:58 GMT
x-content-type-options
nosniff
age
332732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12403
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 01:59:57 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 25 Nov 2022 05:41:58 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame E97C 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT18aDE3BUxwyclbs2SbvNHTAeXMiA9gbQ66ltkGvrAHQSqiU0&usqp=CAI
Requested by
Host: 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
URL: https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2537a404d4c911ad4cd631b7eafbb86f4234c7a8a914dd9d65571edb8170ec35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 15:57:11 GMT
x-content-type-options
nosniff
age
382219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23700
x-xss-protection
0
last-modified
Thu, 18 Mar 2021 02:29:56 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 24 Nov 2022 15:57:11 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame E97C 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTwG07cg88vVJ33xJtvdw8DWKa9WOmRISr6LoLRlfFCYx1J7dI&usqp=CAI
Requested by
Host: 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
URL: https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa68df0ed4b03c3be9618b0e4c98df0779e90175493e93548909fe4c42a9c1e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 14:14:33 GMT
x-content-type-options
nosniff
age
474777
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18638
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 01:53:25 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 23 Nov 2022 14:14:33 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame E97C 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTr2kFVqrwm_3rj3-0pIwiDC9YltWVTl14Hlflg1wVIIqKWAvXp&usqp=CAI
Requested by
Host: 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
URL: https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16bb0a88fce1091efe4288577b2105ea69e0b3c4fa790e26f0e9c9ded7847d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 06:50:38 GMT
x-content-type-options
nosniff
age
69412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19598
x-xss-protection
0
last-modified
Sun, 28 Nov 2021 04:09:17 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 28 Nov 2022 06:50:38 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame E97C 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcReWE59tuqoQkeThD38SJQcqO_QLsFB9paoPiFdhBzz3E7V9a8&usqp=CAI
Requested by
Host: 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
URL: https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c553eaaa55f0f82c5fad35b53bc88a2d9cd4ab26a86419f309a3f297c2ab06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:17:39 GMT
x-content-type-options
nosniff
age
244191
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11108
x-xss-protection
0
last-modified
Thu, 29 Oct 2020 13:25:23 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 26 Nov 2022 06:17:39 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame E97C 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTJqw9jRd5lwaECaQk7f0t_rZq3O3u8Wwv4xEx4ccxEwwexGkrL&usqp=CAI
Requested by
Host: 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
URL: https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
478fbe65b34beb5adaa1bb5dd9c8f9b9aa438655677d1e6c766f9d0b0c082502
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 21:30:53 GMT
x-content-type-options
nosniff
age
448597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15604
x-xss-protection
0
last-modified
Tue, 18 May 2021 01:37:12 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 23 Nov 2022 21:30:53 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame E97C 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSVBTyIrw3ju-G_kw94tnLhyBv2s2kXMeHXJ3HwUr8yKBUMC7A&usqp=CAI
Requested by
Host: 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
URL: https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e873746ac34df75cd755a8605bde124fde017eab69e50240b6c94abc4fca1e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 09:41:48 GMT
x-content-type-options
nosniff
age
404742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12788
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 02:45:06 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 24 Nov 2022 09:41:48 GMT
6940406974179512899
tpc.googlesyndication.com/simgad/ Frame E97C
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDP-7vrpAEQ6AcY6AcyCEPlfr8JziOv
  • https://tpc.googlesyndication.com/simgad/6940406974179512899
120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6940406974179512899
Requested by
Host: 041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
URL: https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8d0b476d33f17f88af0ca5d38a0fa7bade2e40dcd5734a32b926c808c60bec1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 23:30:10 GMT
x-content-type-options
nosniff
age
441440
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122692
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 11:41:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 23 Nov 2022 23:30:10 GMT

Redirect headers

timing-allow-origin
*
date
Sun, 28 Nov 2021 17:48:28 GMT
x-content-type-options
nosniff
server
cafe
age
29942
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/6940406974179512899
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 28 Dec 2021 17:48:28 GMT
QTB446I5
pbs.twimg.com/card_img/1462854535957913600/ Frame 5B71 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/card_img/1462854535957913600/QTB446I5?format=jpg&name=144x144_2
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF1) /
Resource Hash
580cf50443ff7e3809efecfa8dfed146f36d4850dc97d52a1e044d9d25f6fb91
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:30 GMT
x-content-type-options
nosniff
age
33717
x-cache
HIT
content-length
3945
x-response-time
147
surrogate-key
card_img card_img/bucket/1 card_img/1462854535957913600
last-modified
Mon, 22 Nov 2021 18:42:34 GMT
server
ECS (mil/6CF1)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
7f3e14e0059b14bcca97511da92426619c4e0e62b756aa1366eac601a55fe7e4
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
truncated
/ Frame E97C 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e45e1c293e61fc21a34c6c5c1a0d55306bd0018349e47e9cd80db61f5ed51c94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame E97C 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 09:49:59 GMT
x-content-type-options
nosniff
age
404251
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 09:49:59 GMT
jot.html
platform.twitter.com/ Frame 747A
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
80 B
571 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/jot.html
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE4) /
Resource Hash
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Upgrade-Insecure-Requests
1
Origin
null
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
959962
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 29 Nov 2021 02:07:30 GMT
Etag
"d9592a6c704736fa4da218d4357976dd"
Last-Modified
Mon, 18 Oct 2021 18:33:55 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (mil/6CE4)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
80

Redirect headers

date
Mon, 29 Nov 2021 02:07:30 GMT
pragma
no-cache
server
tsa_o
status
302 Found
expires
Tue, 31 Mar 1981 05:00:00 GMT
location
https://platform.twitter.com/jot.html
content-type
text/html;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified
Mon, 29 Nov 2021 02:07:30 GMT
x-transaction
6347a97079da943b
content-length
0
x-frame-options
SAMEORIGIN
x-xss-protection
0
x-content-type-options
nosniff
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
x-response-time
117
x-connection-hash
a966bc8d10f0fdbbc5f7a2514c8906c27217f47c349d02eb9572630be4047960
/
www.facebook.com/login/ Frame 32EE
Redirect Chain
  • https://www.facebook.com/v2.3/plugins/page.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ca09fe74b2528%26domain%3Djohnpav...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbit...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1ca09fe74b2528%2526domain%253Djohnpavlovitz.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fjohnpavlovitz.com%25252Ff24509f3e5ece74%2526relation%253Dparent.parent%26container_width%3D0%26height%3D130%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fjohnpavlovitzofficial%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e784025b6ac125d0db32252fd4a36e61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
gB1/Y3lpjEL7VppXM2PNNfAJQIAGJKPxgNJTQpuwkPeiSnkzaC5sX9DE1XAtbbDYfSJvYWAvLBs/ekwYEyMVAA==
date
Mon, 29 Nov 2021 02:07:31 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600

Redirect headers

location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D249643311490%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1ca09fe74b2528%2526domain%253Djohnpavlovitz.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fjohnpavlovitz.com%25252Ff24509f3e5ece74%2526relation%253Dparent.parent%26container_width%3D0%26height%3D130%26hide_cover%3Dfalse%26hide_cta%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fjohnpavlovitzofficial%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dfalse%26width%3D340
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v5.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
ThWu0FMwCtD+KplCBv6zh+lv188fRm+WkZ9RuMm0JAMJaGyc5Tel97AsS699WBBJN8OCiQ6e+zSvvwf4rva1tA==
content-length
0
date
Mon, 29 Nov 2021 02:07:30 GMT
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
229c9c1241d5d53c8ce678c5c26c5ecc06b3d39e899d9fc6035c9838d6b16143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 29 Nov 2021 02:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9248
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 29 Nov 2021 02:07:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame CF2B 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 29 Nov 2021 00:04:32 GMT
expires
Tue, 29 Nov 2022 00:04:32 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
7378
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 518D 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4a87f21ed92041c5107ebfc70504ce0670a1b858bdd8670bf1cb0b71018119d3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IA7moVXTa4laPx/ugjgR6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 29 Nov 2021 02:07:30 GMT
date
Mon, 29 Nov 2021 02:07:30 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-IA7moVXTa4laPx/ugjgR6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
pagead2.googlesyndication.com/bg/ Frame CF2B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 14:45:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
40943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13476
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 28 Nov 2022 14:45:07 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 518D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=1218461998831416&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=1218461998831416&bg=!-_il-LzNAAZQLpa_UC47ACkAdvg8WgnYfIlBD6DBNZPi6Wy0fos6ddRDlyslk8bH35Xp7rRsug1gJQIAAABUUgAAAAdoAQeZAnW8OKm-DBoMhLEBLJNdqimncxRIq8vQQXwvguXi5bnxoXvJ-j-gAQ4kNm_pcpORlQebmUk-X7JjoBAEv1Ncv_0mOl76i3FDsOrkmVg3l4q1w2WFxP-FgIQh39IzchMqdYVN05Ibodch69owxiRIijdDqLGyI5UnkBVh1xjmV9IachRIeMhJF3oSKNWAmQk6OU7OO_rU0XaC5fLAMUSQuQQzbWA2kfhPSGXTrXP6lPrSyhoa_EIf-nt5TlU1pKKAeT0GWtdhcndBH9V9vUzsKjipzoiI7dNtSvwEGvKiFyVuOuyPh7aMVMG3uqWljsiVl5yyXxgea60U-uS33ZLdu6400_hSELAdYalajxhJsuLbX_12PKxeevI2E6L_qbFLjsnv7iiVJnOApJ8eXTpIYtwiV3XYGvoDu46Pr4kGalBLDooie4ipYZe7wDwGxJAVvndlw_YnzLatVr4262JCKCUwBm4-TL0tQ1kmdB7DX_WJARFGxt2dRngbGZXIPYrLy6lD_rUs3dvrz4j634zWQiBoXSK5pQH6cv4ohA8aS6Xe6lI2TDHeYztXOaX8BqKtErSoeKCL2lN3uHmjoP_be175MpI22NeaeYWEd_6xfL7q6C_jEhbUu8RoDNbsejnej20cWViIXLAXiyj2JBeOACX8cXm812C78JeMbJncHSzhxsNSlPas0ztKyldvYMAUjXqF1wCUcri-TVpSX0VBGjpEPoVco5m0EaJQLw1DU3fjcQgjKDdl1NzysoqXIyEqC8f6I4GWJZwqni7vCjdbV6d6qsD03-7tW0K9F5ahTbdBlORpdk-adUzkVP4poXuKc1mwlPb21w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
services
g2.gumgum.com/zones/8d405bb9/ 		513 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/zones/8d405bb9/services?dp=https%3A%2F%2Fjohnpavlovitz.com%2F&pu=https%3A%2F%2Fjohnpavlovitz.com%2F&ogu=https%3A%2F%2Fjohnpavlovitz.com%2F&rf=&r=3.85.12&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.85.12%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10240&bf=614d3dd9c296405d0746fdcaf6e253af4c86a77a&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1638151651243&to=0&vpii=false&vph=1200&vpw=1600&productIds=1%2C5
Requested by
Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2c0f00055671e3b8481f19e2a783454ff3d3112d676e0bb4261b97b10fcb7585

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 29 Nov 2021 02:07:31 GMT
content-encoding
gzip
server
nginx
etag
W/"0ba348eb9f37f9717039c7cc4c28ac5ef"
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://johnpavlovitz.com
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame E97C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZocAR19num6EiQZnke-ZChiUKIJH2YH7HEK0jXFMALD6d2lXH-d2jxXu1_2UfCV3NpLr79X7hD820ObR4HqkiwcyNughANVdUXqVhexLcIrDZof3sgg&sai=AMfl-YRM7i6_9YvqyPo5TUJKjdCLk46vSLSsL9-0gYI6SpvGKsYRM8b2uqkw2b1FIYhOtPh2D9TJBxdNbdiWCh2H0dtIAx3iBnUIp-Ery06Y6JI9gxalSZ6Wqt82vyHjSlA&sig=Cg0ArKJSzPwcT_8eaibxEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=4017078573&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638151650166&rpt=309&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rid
match.adsrvr.org/track/ 		108 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=2jqw284&fmt=json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
1b13a151b900e88c02c1aa32c1d1b186072657804bac786eb73004d7831ef8ae

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Nov 2021 02:07:32 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://johnpavlovitz.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Wed, 29 Dec 2021 02:07:32 GMT
envelope
api.rlcdn.com/api/identity/ 		44 B
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1458
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Nov 2021 02:07:32 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://johnpavlovitz.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
sync_iframe
sync.bfmio.com/ Frame 219B 		217 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1638151649620
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.117.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-117-147.compute-1.amazonaws.com
Software
/
Resource Hash
f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Mon, 29 Nov 2021 02:07:32 GMT
Content-Length
217
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8338 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-34.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=67145
expires
Mon, 29 Nov 2021 20:46:37 GMT
date
Mon, 29 Nov 2021 02:07:32 GMT
vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame BC42 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 29 Nov 2021 02:07:32 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6b584874e9433bc2-CDG
sync_iframe
sync.bfmio.com/ Frame C49A 		217 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1638151649494
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.117.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-117-147.compute-1.amazonaws.com
Software
/
Resource Hash
f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Mon, 29 Nov 2021 02:07:32 GMT
Content-Length
217
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3A1C 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-34.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=67145
expires
Mon, 29 Nov 2021 20:46:37 GMT
date
Mon, 29 Nov 2021 02:07:32 GMT
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 26B8 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.221.0
date
Mon, 29 Nov 2021 02:07:32 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync_iframe
sync.bfmio.com/ Frame 87E6 		217 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1638151649493
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.117.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-117-147.compute-1.amazonaws.com
Software
/
Resource Hash
f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Mon, 29 Nov 2021 02:07:32 GMT
Content-Length
217
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AE27 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-34.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=67145
expires
Mon, 29 Nov 2021 20:46:37 GMT
date
Mon, 29 Nov 2021 02:07:32 GMT
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 19E1 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.221.0
date
Mon, 29 Nov 2021 02:07:32 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
check.html
biddr.brealtime.com/ Frame 0464 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Mon, 29 Nov 2021 02:07:32 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
GxiHK5l/EuT6bODQVaJB/YwRSmhFLUSLRx+ap6EXsHOGoQSZel++0whkOZoRoGKBGOYM6OIIcwA=
x-amz-request-id
29MRDBPWGB3DWFXN
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
3144
Expires
Mon, 29 Nov 2021 02:08:32 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6b5848755f3f35bf-MAN
Content-Encoding
gzip
index.html
cdn.districtm.io/ids/ Frame C518 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 29 Nov 2021 02:07:32 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6b584874e9453bc2-CDG
check.html
biddr.brealtime.com/ Frame D965 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Mon, 29 Nov 2021 02:07:32 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
GxiHK5l/EuT6bODQVaJB/YwRSmhFLUSLRx+ap6EXsHOGoQSZel++0whkOZoRoGKBGOYM6OIIcwA=
x-amz-request-id
29MRDBPWGB3DWFXN
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
3144
Expires
Mon, 29 Nov 2021 02:08:32 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6b5848755e5054b1-MAN
Content-Encoding
gzip
ixmatch.html
js-sec.indexww.com/um/ Frame 4892 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 29 Nov 2021 02:07:32 GMT
Connection
keep-alive
beacon
ap.lijit.com/ Frame B186 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13208641
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Mon, 29 Nov 2021 02:07:32 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap1ams1
checksync.php
contextual.media.net/ Frame 2629 		204 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.52.26 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-52-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4d2671d4c5d04438c3447c787adf222d33ab22c91222abb1b5524ed586b42c01
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
Apache
content-length
204
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=604800
cache-control
max-age=994501
date
Mon, 29 Nov 2021 02:07:32 GMT
checksync.php
contextual.media.net/ Frame B6FC 		204 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.52.26 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-52-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4d2671d4c5d04438c3447c787adf222d33ab22c91222abb1b5524ed586b42c01
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
Apache
content-length
204
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=604800
cache-control
max-age=994501
date
Mon, 29 Nov 2021 02:07:32 GMT
/
ssc-cms.33across.com/ps/ Frame 5814 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dcEu7yseur6PS9aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-33x-status
2000208
server
33XP001
date
Mon, 29 Nov 2021 02:07:32 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FFAD 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-34.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=67145
expires
Mon, 29 Nov 2021 20:46:37 GMT
date
Mon, 29 Nov 2021 02:07:32 GMT
vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame 1316 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Mon, 29 Nov 2021 02:07:32 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
GxiHK5l/EuT6bODQVaJB/YwRSmhFLUSLRx+ap6EXsHOGoQSZel++0whkOZoRoGKBGOYM6OIIcwA=
x-amz-request-id
29MRDBPWGB3DWFXN
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
3144
Expires
Mon, 29 Nov 2021 02:08:32 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6b58487559033622-MAN
Content-Encoding
gzip
sync_iframe
sync.bfmio.com/ Frame 756B 		217 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1638151649492
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.117.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-117-147.compute-1.amazonaws.com
Software
/
Resource Hash
f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Mon, 29 Nov 2021 02:07:32 GMT
Content-Length
217
Connection
keep-alive
pd
u.openx.net/w/1.0/ Frame 0632 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.221.0
date
Mon, 29 Nov 2021 02:07:32 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
check.html
biddr.brealtime.com/ Frame 215F 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Mon, 29 Nov 2021 02:07:32 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
UnQtnzFfm8+OaONA3VQI1OBBpR4kJGlEA/jE6+QrO8UpdFSdbo9AaBScCMkCgDcVww+/kCwHwo0=
x-amz-request-id
5KT2J7P6RJW7Y85Z
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
3082
Expires
Mon, 29 Nov 2021 02:08:32 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6b5848755887bfca-MAN
Content-Encoding
gzip
ixmatch.html
js-sec.indexww.com/um/ Frame 267B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 29 Nov 2021 02:07:32 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame DF13 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 29 Nov 2021 02:07:32 GMT
Connection
keep-alive
/
ssc-cms.33across.com/ps/ Frame 12AF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dcEu7yseur6PS9aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-33x-status
2000208
server
33XP003
date
Mon, 29 Nov 2021 02:07:32 GMT
index.html
cdn.districtm.io/ids/ Frame 7EB4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 29 Nov 2021 02:07:32 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6b584874f94c3bc2-CDG
beacon
ap.lijit.com/ Frame 708E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13208641
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Mon, 29 Nov 2021 02:07:32 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap1ams1
ixmatch.html
js-sec.indexww.com/um/ Frame 0159 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 29 Nov 2021 02:07:32 GMT
Connection
keep-alive
checksync.php
contextual.media.net/ Frame DBA5 		204 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.52.26 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-52-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4d2671d4c5d04438c3447c787adf222d33ab22c91222abb1b5524ed586b42c01
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
Apache
content-length
204
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=604800
cache-control
max-age=994501
date
Mon, 29 Nov 2021 02:07:32 GMT
beacon
ap.lijit.com/ Frame BC70 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13208641
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Mon, 29 Nov 2021 02:07:32 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap1ams1
pd
u.openx.net/w/1.0/ Frame DC0C 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.221.0
date
Mon, 29 Nov 2021 02:07:32 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
beacon
ap.lijit.com/ Frame 99CA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13208641
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Mon, 29 Nov 2021 02:07:32 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap1ams1
checksync.php
contextual.media.net/ Frame E863 		204 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.52.26 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-52-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4d2671d4c5d04438c3447c787adf222d33ab22c91222abb1b5524ed586b42c01
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
Apache
content-length
204
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=604800
cache-control
max-age=994501
date
Mon, 29 Nov 2021 02:07:32 GMT
index.html
cdn.districtm.io/ids/ Frame C8EC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/4/f132ae-8194-442b-b0b9-5817f19b3ccd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 29 Nov 2021 02:07:32 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6b584875095a3bc2-CDG
6.gif
id5-sync.com/c/441/19/4/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=e_c5d34f70-3303-4660-a272-d232cd6e23bd&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_c5d34f70-3303-4660-a272-d232cd6e23bd&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3F...
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=4ddfa8db-4408-4c6b-ae75-d61ed6765844&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=4ddfa8db-4408-4c6b-ae75-d61ed6765844&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/146/6/4.gif?puid=5d66e664-c9da-4c55-b379-ab59dc8b492f&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEH94So5ahEs1JtICUsE1Fww&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3760716256186545712&opid=apx&ops=&utidl=tech:goo:CAESEH94So5ahEs1JtICUsE1Fww&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22857839086&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/4/6.gif?puid=c96acd7f2209eb2ee4ae6e970b53564a&gdpr=1&gdpr_consent=
0
0
6.gif
id5-sync.com/c/441/19/4/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=e_cb0e67b4-894b-4dff-a3a4-d0327bc690c2&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_cb0e67b4-894b-4dff-a3a4-d0327bc690c2&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3F...
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=4ddfa8db-4408-4c6b-ae75-d61ed6765844&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=4ddfa8db-4408-4c6b-ae75-d61ed6765844&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/146/6/4.gif?puid=5d66e664-c9da-4c55-b379-ab59dc8b492f&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEH94So5ahEs1JtICUsE1Fww&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3760716256186545712&opid=apx&ops=&utidl=tech:goo:CAESEH94So5ahEs1JtICUsE1Fww&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22857839086&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/4/6.gif?puid=c96acd7f2209eb2ee4ae6e970b53564a&gdpr=1&gdpr_consent=
0
0
6.gif
id5-sync.com/c/441/19/4/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=e_155de862-e828-48b6-b346-176bf8ea2626&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_155de862-e828-48b6-b346-176bf8ea2626&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3F...
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=4ddfa8db-4408-4c6b-ae75-d61ed6765844&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=4ddfa8db-4408-4c6b-ae75-d61ed6765844&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/146/6/4.gif?puid=5d66e664-c9da-4c55-b379-ab59dc8b492f&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEH94So5ahEs1JtICUsE1Fww&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3760716256186545712&opid=apx&ops=&utidl=tech:goo:CAESEH94So5ahEs1JtICUsE1Fww&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22857839086&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/4/6.gif?puid=c96acd7f2209eb2ee4ae6e970b53564a&gdpr=1&gdpr_consent=
0
0
6.gif
id5-sync.com/c/441/19/4/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=e_15f03c63-9786-4117-9772-48e7539e9ab1&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_15f03c63-9786-4117-9772-48e7539e9ab1&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3F...
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=4ddfa8db-4408-4c6b-ae75-d61ed6765844&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=4ddfa8db-4408-4c6b-ae75-d61ed6765844&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/146/6/4.gif?puid=5d66e664-c9da-4c55-b379-ab59dc8b492f&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEH94So5ahEs1JtICUsE1Fww&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3760716256186545712&opid=apx&ops=&utidl=tech:goo:CAESEH94So5ahEs1JtICUsE1Fww&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22857839086&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/4/6.gif?puid=c96acd7f2209eb2ee4ae6e970b53564a&gdpr=1&gdpr_consent=
0
0
usermatch
ssum-sec.casalemedia.com/ Frame 4969
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0cfa677aab7c47484283acbe27863d79eb39c0d3e83bfe6bb28a87ed9f2e4938

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|45|39|152|196|105|40
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1530
Expires
Mon, 29 Nov 2021 02:07:32 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:32 GMT
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
314
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 29 Nov 2021 02:07:32 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:32 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame F356
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c83ac6773ff4ef485725a80491ac6c0c45d30dde1903ff56f3cc990fb6f4a9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|45|230|241|105|41|65|111
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1548
Expires
Mon, 29 Nov 2021 02:07:32 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:32 GMT
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
314
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 29 Nov 2021 02:07:32 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:32 GMT
Connection
keep-alive
PugMaster
image6.pubmatic.com/AdServer/ Frame 8338 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=14912175&p=156972&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
f4a8ba4531925ade4c1972b3ba73d5ba61e6abd23b37b822fe09b0fd6c0d372a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:31 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatch
ssum-sec.casalemedia.com/ Frame 6467
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a39a902bdadeabd3a1d6c0ff7584f70b9d8021fc48e5e6673a6f311cadd7f027

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|45|39|109|190|65|105
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1576
Expires
Mon, 29 Nov 2021 02:07:32 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:32 GMT
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
314
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 29 Nov 2021 02:07:32 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:32 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame 9E35 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
136eff6eb269b42c4473cbb49c4c8880ff93a603d6f1e9ec68e21257b51d3b01

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|39|241|230|47|64|46|206
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1750
Expires
Mon, 29 Nov 2021 02:07:32 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:32 GMT
Connection
keep-alive
match
c1.adform.net/serving/cookie/ Frame E2A4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=F729DA14-8AE5-4433-B7C0-6F63D9E8303B
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F729DA14-8AE5-4433-B7C0-6F63D9E8303B
35 B
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F729DA14-8AE5-4433-B7C0-6F63D9E8303B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 29 Nov 2021 02:07:32 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Mon, 29 Nov 2021 02:07:32 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F729DA14-8AE5-4433-B7C0-6F63D9E8303B
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame CBB3
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5962049199002859928
42 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5962049199002859928
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 29 Nov 2021 02:07:32 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug012:0:412
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5962049199002859928
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 4BF0 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 29 Nov 2021 02:07:32 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 29 Nov 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
572656
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8338
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9ynaFIrlRDO3wG9j2egwOw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-34.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:32 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=67145
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Mon, 29 Nov 2021 20:46:37 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 8338
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b8b361a4-35e4-4800-af5b-2eb0b62244e6
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b8b361a4-35e4-4800-af5b-2eb0b62244e6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:31 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 29 Nov 2021 02:07:32 GMT
Server
MT3 4133 baa842e master zrh-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b8b361a4-35e4-4800-af5b-2eb0b62244e6
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 29 Nov 2021 02:07:31 GMT
mw
mwzeom.zeotap.com/ Frame 8338
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=F729DA14-8AE5-4433-B7C0-6F63D9E8303B
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=450ba572-3972-453b-bf9f-3a7ceefaac83&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=117101dff7937900
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c890ba4b-30e9-48c5-77af-51a9258d57ec&reqId=8a419f33-1a96-4e47-7977-c4954ecf5b8f&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEPEgy1SCMU4CySqQRPXw2VA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c890ba4b-30e9-48c5-77af-51a9258d57ec&reqId=8a419f33-1a96-4e47-7977-c49...
95 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEPEgy1SCMU4CySqQRPXw2VA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c890ba4b-30e9-48c5-77af-51a9258d57ec&reqId=8a419f33-1a96-4e47-7977-c4954ecf5b8f&zcluid=117101dff7937900&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:33 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6b584879fec80f56-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEPEgy1SCMU4CySqQRPXw2VA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c890ba4b-30e9-48c5-77af-51a9258d57ec&reqId=8a419f33-1a96-4e47-7977-c4954ecf5b8f&zcluid=117101dff7937900&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8338
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjcyOURBMTQtOEFFNS00NDMzLUI3QzAtNkY2M0Q5RTgzMDNC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:32 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:412
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8338
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJnUX2YpEzp2TqswLTd26wk&google_cver=1
42 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJnUX2YpEzp2TqswLTd26wk&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:32 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:691
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJnUX2YpEzp2TqswLTd26wk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 8338 		43 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 28 Nov 2021 02:07:32 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8338
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7a6161a4-35e4-4300-9710-c23e7a69a521&gdpr=0&gdpr_consent=
42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7a6161a4-35e4-4300-9710-c23e7a69a521&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:31 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:342
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 29 Nov 2021 02:07:32 GMT
Server
MT3 4133 baa842e master zrh-pixel-x7 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7a6161a4-35e4-4300-9710-c23e7a69a521&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 29 Nov 2021 02:07:31 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8338
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6449653121832713678
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6449653121832713678
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:32 GMT
cache-control
no-store, no-cache, private
x-lat
amspug011:0:418
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:32 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6449653121832713678
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 8338
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=450ba572-3972-453b-bf9f-3a7ceefaac83
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=450ba572-3972-453b-bf9f-3a7ceefaac83
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:32 GMT
cache-control
no-store, no-cache, private
x-lat
amspug010:0:380
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=450ba572-3972-453b-bf9f-3a7ceefaac83
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 8338
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3760716256186545712&gdpr=0&gdpr_consent=
42 B
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3760716256186545712&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:32 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:435
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:32 GMT
X-Proxy-Origin
194.36.108.18; 194.36.108.18; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
51c744bd-93ae-472a-a502-b5311ab98946
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3760716256186545712&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8338
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZbAXpWC0E6V-5ULwY-Jbp2LgRfR-4BDwYrDpPzrA
42 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZbAXpWC0E6V-5ULwY-Jbp2LgRfR-4BDwYrDpPzrA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:32 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:428
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:32 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZbAXpWC0E6V-5ULwY-Jbp2LgRfR-4BDwYrDpPzrA
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
F729DA14-8AE5-4433-B7C0-6F63D9E8303B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 8338 		43 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/F729DA14-8AE5-4433-B7C0-6F63D9E8303B?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:1794:1826:a9e8:a8ca Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 8338
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F729DA14-8AE5-4433-B7C0-6F63D9E8303B&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F729DA14-8AE5-4433-B7C0-6F63D9E8303B&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cd8BOapE2uUpzgOujSKcNq0.oDFcwWk-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cd8BOapE2uUpzgOujSKcNq0.oDFcwWk-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:31 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-cd8BOapE2uUpzgOujSKcNq0.oDFcwWk-~A&gdpr=0&gdpr_consent=
date
Mon, 29 Nov 2021 02:07:32 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dcm
s.amazon-adsystem.com/ Frame 4969
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
C0YMTXCQ7VCW85H44SK9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ADZ9F0ABCCY8YRHBA3G1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 4969
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENrS0GT4NyWpqfqKoa5_HmY&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENrS0GT4NyWpqfqKoa5_HmY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 29 Nov 2021 02:07:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENrS0GT4NyWpqfqKoa5_HmY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4969
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YaQ15LafI8WC4afQ7O2ASQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMPRT8QaxYOKiVPOKmcPa4o&google_cver=1&gdpr=1
43 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMPRT8QaxYOKiVPOKmcPa4o&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 29 Nov 2021 02:07:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMPRT8QaxYOKiVPOKmcPa4o&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 4969 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 4969
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=1e115553-82e0-46f8-b857-5af9ad172164
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=1e115553-82e0-46f8-b857-5af9ad172164
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 29 Nov 2021 02:07:33 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:33 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=1e115553-82e0-46f8-b857-5af9ad172164
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4969
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 29 Nov 2021 02:07:32 GMT

Redirect headers

date
Mon, 29 Nov 2021 02:07:32 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
crum
dsum-sec.casalemedia.com/ Frame 4969
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 29 Nov 2021 02:07:33 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Mon, 29 Nov 2021 02:07:32 GMT
server
nginx/1.20.0
content-length
76
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 4969 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YaQ15LafI8WC4afQ7O2ASQAA%261103
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 02:07:32 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"761e21-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2086
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 29 Nov 2021 02:42:18 GMT
casale
match.adsrvr.org/track/cmf/ Frame F356 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame F356
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YaQ15LafI8WC4afQ7O2ASQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMPRT8QaxYOKiVPOKmcPa4o&google_cver=1&gdpr=1
43 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMPRT8QaxYOKiVPOKmcPa4o&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 29 Nov 2021 02:07:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMPRT8QaxYOKiVPOKmcPa4o&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame F356
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENrS0GT4NyWpqfqKoa5_HmY&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENrS0GT4NyWpqfqKoa5_HmY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 29 Nov 2021 02:07:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENrS0GT4NyWpqfqKoa5_HmY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame F356
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
7X1K678EFF7FXFKPF76V
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
AJ9RBX96W5DGTMCQ05XM
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F356
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 29 Nov 2021 02:07:33 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Mon, 29 Nov 2021 02:07:32 GMT
server
nginx/1.20.0
content-length
76
bridge
cm.adgrx.com/ Frame F356 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:32 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-6
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum.casalemedia.com/ Frame F356
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1638238052&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1638238052&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 29 Nov 2021 02:07:33 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1638238052&gdpr=1
pragma
no-cache
date
Mon, 29 Nov 2021 02:07:32 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
match
c1.adform.net/serving/cookie/ Frame F356 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:32 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
htw-pixel.gif
js-sec.indexww.com/ht/ Frame F356 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YaQ15LafI8WC4afQ7O2ASQAA%261103
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 02:07:32 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"761e21-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2086
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 29 Nov 2021 02:42:18 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 01BC
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.10.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-10-151.compute-1.amazonaws.com
Software
/
Resource Hash
ffd2db86c38746f0ce92ed921eb5071041ccda66615f9d9094a5523bd9409892

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Mon, 29 Nov 2021 02:07:33 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Mon, 29 Nov 2021 02:07:33 GMT
pragma
no-cache

Redirect headers

date
Mon, 29 Nov 2021 02:07:33 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
crum
dsum-sec.casalemedia.com/ Frame 9E35
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YaQ15LafI8WC4afQ7O2ASgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMPRT8QaxYOKiVPOKmcPa4o&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMPRT8QaxYOKiVPOKmcPa4o&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 29 Nov 2021 02:07:33 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMPRT8QaxYOKiVPOKmcPa4o&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9E35 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 9E35
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MWGBX72GR7GRG3HNWJHK
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
17KNQBADJPDJ7BA827SE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 9E35
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENrS0GT4NyWpqfqKoa5_HmY&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENrS0GT4NyWpqfqKoa5_HmY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 29 Nov 2021 02:07:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENrS0GT4NyWpqfqKoa5_HmY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9E35
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0PCZiIHO1MRw4Q5&gdpr=1
43 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0PCZiIHO1MRw4Q5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 29 Nov 2021 02:07:32 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:32 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-0b2a0a0a5201c51fd@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0PCZiIHO1MRw4Q5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9E35
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1640743653
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1640743653
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 29 Nov 2021 02:07:33 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:32 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1640743653
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
getuid
secure.adnxs.com/ Frame 9E35 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
sync
ups.analytics.yahoo.com/ups/55940/ Frame 9E35 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YaQ15LafI8WC4afQ7O2ASQAABE8AAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:32 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 9E35 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YaQ15LafI8WC4afQ7O2ASQAA%261103
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 02:07:32 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"761e21-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2086
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 29 Nov 2021 02:42:18 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 6467
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YaQ15LafI8WC4afQ7O2ASgAABIIAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENrS0GT4NyWpqfqKoa5_HmY&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENrS0GT4NyWpqfqKoa5_HmY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 29 Nov 2021 02:07:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENrS0GT4NyWpqfqKoa5_HmY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 6467
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASgAABIIAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASgAABIIAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASgAABIIAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Y5H8EA8PR46GKF8T86X4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
S3C51FRPN484V2K0PRDA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaQ15LafI8WC4afQ7O2ASgAABIIAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6467
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YaQ15LafI8WC4afQ7O2ASgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMPRT8QaxYOKiVPOKmcPa4o&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMPRT8QaxYOKiVPOKmcPa4o&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 29 Nov 2021 02:07:33 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMPRT8QaxYOKiVPOKmcPa4o&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 6467 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 6467
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=6bf1e482c67c4a48967f9cb108e728e0&expiration=1640743652
43 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=6bf1e482c67c4a48967f9cb108e728e0&expiration=1640743652
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 29 Nov 2021 02:07:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:32 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=6bf1e482c67c4a48967f9cb108e728e0&expiration=1640743652
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
ib.adnxs.com/ Frame 6467 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
rum
dsum.casalemedia.com/ Frame 6467
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1638238052&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1638238052&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 29 Nov 2021 02:07:33 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1638238052&gdpr=1
pragma
no-cache
date
Mon, 29 Nov 2021 02:07:32 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 6467
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 29 Nov 2021 02:07:33 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Mon, 29 Nov 2021 02:07:32 GMT
server
nginx/1.20.0
content-length
76
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 6467 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YaQ15LafI8WC4afQ7O2ASgAA%261154
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 29 Nov 2021 02:07:32 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"761e21-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2086
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 29 Nov 2021 02:42:18 GMT
sync
sync.bfmio.com/ Frame 219B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=450ba572-3972-453b-bf9f-3a7ceefaac83
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=450ba572-3972-453b-bf9f-3a7ceefaac83
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1638151649620
Protocol
HTTP/1.1
Server
34.192.117.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-117-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 29 Nov 2021 02:07:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=450ba572-3972-453b-bf9f-3a7ceefaac83
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
sync
sync.bfmio.com/ Frame C49A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=450ba572-3972-453b-bf9f-3a7ceefaac83
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=450ba572-3972-453b-bf9f-3a7ceefaac83
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1638151649494
Protocol
HTTP/1.1
Server
34.192.117.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-117-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 29 Nov 2021 02:07:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=450ba572-3972-453b-bf9f-3a7ceefaac83
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
sync
sync.bfmio.com/ Frame 87E6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=450ba572-3972-453b-bf9f-3a7ceefaac83
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=450ba572-3972-453b-bf9f-3a7ceefaac83
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1638151649493
Protocol
HTTP/1.1
Server
34.192.117.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-117-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 29 Nov 2021 02:07:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=450ba572-3972-453b-bf9f-3a7ceefaac83
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
sync
sync.bfmio.com/ Frame 756B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=450ba572-3972-453b-bf9f-3a7ceefaac83
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=450ba572-3972-453b-bf9f-3a7ceefaac83
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1638151649492
Protocol
HTTP/1.1
Server
34.192.117.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-117-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 29 Nov 2021 02:07:33 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=450ba572-3972-453b-bf9f-3a7ceefaac83
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
crum
dsum-sec.casalemedia.com/ Frame 01BC 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=61c2afd4-837c-4f9a-b5f6-d9537a3383ca&expiration=1646100453
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Nov 2021 02:07:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 29 Nov 2021 02:07:33 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 8338 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156972&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
new
g2.gumgum.com/assets/ 		235 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/assets/new?assets=%7B%22v%22%3A%221.1%22%2C%22pv%22%3A%2227a82f89-a96f-4b1f-82c8-2d9e11bfe363%22%2C%22r%22%3A%223.85.12%22%2C%22t%22%3A%228d405bb9%22%2C%22rf%22%3A%22%22%2C%22fs%22%3Afalse%2C%22ce%22%3Atrue%2C%22p%22%3A%22https%3A%2F%2Fjohnpavlovitz.com%2F%22%2C%22a%22%3A%5B%7B%22i%22%3A1%2C%22u%22%3A%22https%3A%2F%2Fjohnpavlovitz.com%2Fwp-content%2Fuploads%2F2021%2F11%2FScreen-Shot-2021-11-17-at-9.31.57-AM-1536x858.png%22%2C%22w%22%3A572%2C%22h%22%3A319%2C%22x%22%3A280%2C%22y%22%3A884%2C%22lt%22%3A%22none%22%2C%22af%22%3Afalse%2C%22prefetch%22%3Atrue%7D%5D%2C%22ac%22%3A%7B%7D%2C%22vp%22%3A%7B%22ii%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A1200%7D%2C%22sc%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22d%22%3A1%7D%2C%22tr%22%3A0.4%2C%22ogu%22%3A%22https%3A%2F%2Fjohnpavlovitz.com%2F%22%7D&bf=614d3dd9c296405d0746fdcaf6e253af4c86a77a&lt=1638151654907&to=0&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.85.12%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10240
Requested by
Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0096840b5990ec3ada7cc53270d6985bc0cdef27dde549b06c7219a8846529a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 29 Nov 2021 02:07:34 GMT
content-encoding
gzip
server
nginx
etag
W/"0f058d1f3e1cacec39ce63988108b6de9"
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://johnpavlovitz.com
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=8&c2=15039634&c3=16&c4=8d405bb9&c7=https%3A%2F%2Fjohnpavlovitz.com%2F&c8=john%20pavlovitz%20-%20Stuff%20That%20Needs%20To%20Be%20Said&c9=&cv=2.0&cj=1&ns__t=163...
  • https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=16&c4=8d405bb9&c7=https%3A%2F%2Fjohnpavlovitz.com%2F&c8=john%20pavlovitz%20-%20Stuff%20That%20Needs%20To%20Be%20Said&c9=&cv=2.0&cj=1&ns__t=16...
64 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=16&c4=8d405bb9&c7=https%3A%2F%2Fjohnpavlovitz.com%2F&c8=john%20pavlovitz%20-%20Stuff%20That%20Needs%20To%20Be%20Said&c9=&cv=2.0&cj=1&ns__t=1638151654903
Protocol
H2
Server
99.86.7.38 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:34 GMT
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
SbcS58NNvhPv79CTAmcrlBiRg85CEGfkx-St96zY41dlfS5oOo0DWw==

Redirect headers

date
Mon, 29 Nov 2021 02:07:34 GMT
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=16&c4=8d405bb9&c7=https%3A%2F%2Fjohnpavlovitz.com%2F&c8=john%20pavlovitz%20-%20Stuff%20That%20Needs%20To%20Be%20Said&c9=&cv=2.0&cj=1&ns__t=1638151654903
content-length
230
x-amz-cf-id
vi3dxBMpUR0s1gd1B3ftlguZoUtR88SZPFYI98WJbMJsax4lLGTaJw==
quant.js
secure.quantserve.com/ Frame 9C35 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 02:07:34 GMT
content-encoding
gzip
etag
"FMCWFRCBdbNj8Eh2c0G78Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 06 Dec 2021 02:07:34 GMT
logging
ie-lb.gumgum.com/assets/imp/ 		35 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ie-lb.gumgum.com/assets/imp/logging?reqId=e307b747-952f-4a6b-a7c3-e580260da14a&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.85.12%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:35 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
id5_cm
ads.creative-serving.com/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=e_cb0e67b4-894b-4dff-a3a4-d0327bc690c2&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F8%2F2.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
  • https://id5-sync.com/c/441/160/8/2.gif?puid=78880239340303206747814395341066464523&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=494279&dpuuid=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F340%2F7%2F3.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
  • https://id5-sync.com/c/441/340/7/3.gif?puid=78880239340303206747814395341066464523&gdpr=1&gdpr_consent=
  • https://a.audrte.com/match?uid=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&p=M1950936503&r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F473%2F6%2F4.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdp...
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9pZDUtc3luYy5jb20vYy80NDEvNDczLzYvNC5naWY_cHVpZFx1MDAzZDFmOUJHOFFpREpnUTgtd3pLUE9MOVpVNVFcdTAwMjZnZHByXHUwMDNk...
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9pZDUtc3luYy5jb20vYy80NDEvNDczLzYvNC5naWY_cHVpZFx1MDAzZDFmOUJHOFFpREpnUTgtd3pLUE9MOVpVNVFcdTAwMjZnZHByXHUwMDNkMVx1MDAyNmdkcHJfY29uc2VudFx1MDAzZCIsImQiOl...
  • https://id5-sync.com/c/441/473/6/4.gif?puid=1f9BG8QiDJgQ8-wzKPOL9ZU5Q&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=483047&dpuuid=ID5-ZHMOgDW08hSEheVcllVyPWe_ReBAA-ui-EkkkPZlgw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F349%2F5%2F5.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
  • https://id5-sync.com/c/441/349/5/5.gif?puid=78880239340303206747814395341066464523&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=c96acd7f2209eb2ee4ae6e970b53564a&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F485%2F4%2F6.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gd...
  • https://id5-sync.com/c/441/485/4/6.gif?puid=69839936772581035112067384150265314919&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F3%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
0
0
rules-p-00TsOkvHvnsZU.js
rules.quantcount.com/ Frame 9C35 		3 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-00TsOkvHvnsZU.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:e400:6:44e3:f8c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 18:20:23 GMT
via
1.1 dca6db3c8f31f3cd48bb06d78a8be625.cloudfront.net (CloudFront)
age
28032
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 19:30:30 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
Xy2wWNABOzRVjz4en5bOMXfUb6Wfwlo0p24MUHXrx8l8Wh_Xfm7yWw==
pixel;r=1096458450;labels=Lifestyles.8d405bb9.*_johnpavlovitz_com;rf=0;a=p-00TsOkvHvnsZU;url=https%3A%2F%2Fjohnpavlovitz.com%2F;uht=2;fpan=1;fpa=P0-1628850148-1638151655044;pbc=;ns=1;ce=1;qjs=1;qv=...
pixel.quantserve.com/ Frame 9C35 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1096458450;labels=Lifestyles.8d405bb9.*_johnpavlovitz_com;rf=0;a=p-00TsOkvHvnsZU;url=https%3A%2F%2Fjohnpavlovitz.com%2F;uht=2;fpan=1;fpa=P0-1628850148-1638151655044;pbc=;ns=1;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=johnpavlovitz.com;je=0;sr=1600x1200x24;dst=0;et=1638151655043;tzo=0;ogl=
Requested by
Host: johnpavlovitz.com
URL: https://johnpavlovitz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Nov 2021 02:07:35 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
id5-sync.com
URL
https://id5-sync.com/c/441/19/4/6.gif?puid=c96acd7f2209eb2ee4ae6e970b53564a&gdpr=1&gdpr_consent=
Domain
id5-sync.com
URL
https://id5-sync.com/c/441/19/4/6.gif?puid=c96acd7f2209eb2ee4ae6e970b53564a&gdpr=1&gdpr_consent=
Domain
id5-sync.com
URL
https://id5-sync.com/c/441/19/4/6.gif?puid=c96acd7f2209eb2ee4ae6e970b53564a&gdpr=1&gdpr_consent=
Domain
id5-sync.com
URL
https://id5-sync.com/c/441/19/4/6.gif?puid=c96acd7f2209eb2ee4ae6e970b53564a&gdpr=1&gdpr_consent=
Domain
ads.creative-serving.com
URL
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F3%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler undefined| $ function| jQuery function| gtag object| dataLayer object| google_tag_manager object| WPCOM_sharing_counts object| wpalabels object| wparest object| _stq object| lazyLoadOptions object| $MMT function| confiantWrap string| speed boolean| loaded function| mainrun function| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| ifvisible function| inView object| apstag function| bret function| cash function| pagespeed object| blockedPages function| blockCurrentPage object| googletag string| path object| confiant object| google_tag_data string| GoogleAnalyticsObject function| ga object| __connect object| regeneratorRuntime object| core function| setImmediate function| clearImmediate object| ats object| gaplugins object| gaGlobal object| gaData string| ggv2id object| NO_JQUERY function| pm object| ggevents undefined| bean object| GUMGUM boolean| apstagLOADED object| ggeac object| google_js_reporting_queue boolean| creativeVendorLibraryLoaded object| headertag function| xDomainCookie undefined| google_measure_js_timing object| jetpackLikesWidgetBatch boolean| jetpackLikesMasterReady number| jetpackLikesLookAhead object| jetpackCommentLikesLoadedWidgets function| JetpackLikesPostMessage function| JetpackLikesBatchHandler function| JetpackLikesMessageListener function| JetpackLikesWidgetQueueHandler function| jetpackLoadLikeWidgetIframe function| jetpackGetUnloadedWidgetsInView function| jetpackIsScrolledIntoView function| jetpackUnloadScrolledOutWidgets function| jetpackWidgetsDelayedExec function| jetpackOnScrollStopped function| st_go function| linktracker_init object| wpcom object| jpfbembed object| wpa object| sharing_js_options undefined| windowOpen object| fathom function| fbAsyncInit object| wp object| Jetpack object| WPCOMSharing function| LazyLoad object| FB object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| __twttrll object| twttr object| __twttr object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests object| ggData

82 Cookies

Domain/Path Name / Value
.johnpavlovitz.com/ Name: _ga
Value: GA1.2.1637388443.1638151648
.johnpavlovitz.com/ Name: _gid
Value: GA1.2.134808236.1638151648
.johnpavlovitz.com/ Name: _gat_gtag_UA_75688011_1
Value: 1
johnpavlovitz.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
johnpavlovitz.com/ Name: session
Value: 7d71fbe8-b170-446e-b067-9590ccabaec3
.adsrvr.org/ Name: TDID
Value: 450ba572-3972-453b-bf9f-3a7ceefaac83
johnpavlovitz.com/ Name: _lr_geo_location
Value: DE
.go.sonobi.com/ Name: HAPLB5A
Value: s5610|YaQ15
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlOnWsGgPSzMzbSBXScxyMVEV9DEglCT4J8HaSS7SQ9hHJN-j66Tc0cdLpC30BnuQ0QhYHi90-VlZrHkfUHR2j_c
.gumgum.com/ Name: vst
Value: e_cb0e67b4-894b-4dff-a3a4-d0327bc690c2
prebid.a-mo.net/ Name: __amc
Value: 1_1638151649_1638151649
.a-mo.net/ Name: amuid2
Value: 61e8e9c8-91e5-40fe-ae7f-f856e21adf0b
.johnpavlovitz.com/ Name: __gads
Value: ID=70fdd045e68e4ffc-225de80013cc004f:T=1638151649:S=ALNI_MYJqzTaLY-m48J-6GqB_AUDYwX3Rw
.doubleclick.net/ Name: IDE
Value: AHWqTUl5SOyvtjnQ5A-sSV6g7MuKrzkxlpmW8prggvnwGhr5czzVV83OTvkbdhggPOU
johnpavlovitz.com/ Name: _lr_retry_request
Value: true
johnpavlovitz.com/ Name: _lr_env_src_ats
Value: false
johnpavlovitz.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22450ba572-3972-453b-bf9f-3a7ceefaac83%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-10-29T02%3A07%3A32%22%7D
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.id5-sync.com/ Name: id5
Value: 47d2d30e-1772-4db7-8270-2d6cc413dd87#1638151640509#1
.ads.pubmatic.com/ Name: KCCH
Value: YES
.casalemedia.com/ Name: CMPS
Value: 5224
.360yield.com/ Name: tuuid_lu
Value: 1638151652
.360yield.com/ Name: tuuid
Value: 4ddfa8db-4408-4c6b-ae75-d61ed6765844
.pubmatic.com/ Name: KADUSERCOOKIE
Value: F729DA14-8AE5-4433-B7C0-6F63D9E8303B
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156972:2
.pubmatic.com/ Name: DPSync3
Value: 1639353600%3A197_219_201%7C1638230400%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1639440000%3A35%7C1638748800%3A223%7C1639353600%3A3_220_13_161_7_56_54_8_21_71
.adnxs.com/ Name: uuid2
Value: 3760716256186545712
.quantserve.com/ Name: d
Value: EI8BCwHrJPijAA
.quantserve.com/ Name: mc
Value: 61a435e4-d4a0c-61a3e-afa11
.mathtag.com/ Name: uuid
Value: 7a6161a4-35e4-4300-9710-c23e7a69a521
.simpli.fi/ Name: suid
Value: A4D07D74BBAD41628CFBD40D3C49B50B
.adform.net/ Name: C
Value: 1
.360yield.com/ Name: umeh
Value: !79,0,1700359652,-1!313,0,1700359652,-1
.360yield.com/ Name: um
Value: !79,FI1M6vx1a0.hM44k1.DVO9PYBOiyLMkAEPr8bTdpko48cGt2T7BPFDvRMM2o7c.pw6IMcc5kS4AP2yNt,1645927652!313,FI1M6rJyQCSVJVDdpd5SypsipaAPj1OC6Nxr2tR0ovSRN-qZHG8BhzH5C0ZvGeu5Q-.ig8gUwk329q3I,1645927652
.de17a.com/ Name: guid2
Value: 1.5962049199002859928
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-450ba572-3972-453b-bf9f-3a7ceefaac83&KRTB&22918-450ba572-3972-453b-bf9f-3a7ceefaac83&KRTB&23031-450ba572-3972-453b-bf9f-3a7ceefaac83
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:7a6161a4-35e4-4300-9710-c23e7a69a521&KRTB&16736-uid:7a6161a4-35e4-4300-9710-c23e7a69a521&KRTB&23019-uid:7a6161a4-35e4-4300-9710-c23e7a69a521&KRTB&23114-uid:7a6161a4-35e4-4300-9710-c23e7a69a521
.adform.net/ Name: uid
Value: 6449653121832713678
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6449653121832713678&KRTB&23263-6449653121832713678
.pubmatic.com/ Name: PugT
Value: 1638151652
.ctnsnet.com/ Name: cid_6bf1e482c67c4a48967f9cb108e728e0
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3760716256186545712
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-ZbAXpWC0E6V-5ULwY-Jbp2LgRfR-4BDwYrDpPzrA&KRTB&19420-ZbAXpWC0E6V-5ULwY-Jbp2LgRfR-4BDwYrDpPzrA&KRTB&22979-ZbAXpWC0E6V-5ULwY-Jbp2LgRfR-4BDwYrDpPzrA
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEJnUX2YpEzp2TqswLTd26wk&KRTB&16514-CAESEJnUX2YpEzp2TqswLTd26wk&KRTB&23025-CAESEJnUX2YpEzp2TqswLTd26wk
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~21sq
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5962049199002859928
.pubmatic.com/ Name: SPugT
Value: 1638151651
.w55c.net/ Name: wfivefivec
Value: 0PCZiIHO1MRw4Q5
.w55c.net/ Name: matchcasale
Value: 5
.yahoo.com/ Name: A3
Value: d=AQABBOQ1pGECEK8q2aZzqnfMi674pOEd3AgFEgEBAQGHpWGuYQAAAAAA_SMAAA&S=AQAAAvdAd4N0XF5Zx-Pt-wUoYv0
.casalemedia.com/ Name: CMST
Value: YaQ15GGkNeUA
ads.avct.cloud/ Name: uuid
Value: 5d66e664-c9da-4c55-b379-ab59dc8b492f
.casalemedia.com/ Name: CMID
Value: YaQ15LafI8WC4afQ7O2ASQAA
.casalemedia.com/ Name: CMPRO
Value: 1103
.eqads.com/ Name: EQUser
Value: UID=61c2afd4-837c-4f9a-b5f6-d9537a3383ca
.bfmio.com/ Name: __106_cid
Value: 450ba572-3972-453b-bf9f-3a7ceefaac83
.bfmio.com/ Name: __bfio_sync
Value: E39ED40F095BC21008005EFEF1C34381
.bfmio.com/ Name: __io_cid
Value: 450ba572-3972-453b-bf9f-3a7ceefaac83
.onaudience.com/ Name: cookie
Value: 117101dff7937900
.onaudience.com/ Name: done_redirects147
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiqvuWY4bmZOhAFGAEgASgCMgsIqq24yfe5mToQBTgBWgd4a3N3OWxhYAI.
.mediarithmics.com/ Name: mics_vid
Value: 22857839086
.mediarithmics.com/ Name: mics_uaid
Value: web:1:906fa3c4-ca1c-42e0-b256-30a093a0f276
.mediarithmics.com/ Name: mics_lts
Value: 1638151653289
.casalemedia.com/ Name: CMRUM3
Value: e661a435e42760&6961a435e405a0&6f61a435e405a0&f161a435e405a0&2f61a435e427600PCZiIHO1MRw4Q5&2d61a435e405a0&4061a435e52760no-consent&2961a435e405a0&2861a435e5276061c2afd4-837c-4f9a-b5f6-d9537a3383ca&4161a435e405a0&2761a435e40b40
.onaudience.com/ Name: done_redirects219
Value: 1
.zeotap.com/ Name: zc
Value: c890ba4b-30e9-48c5-77af-51a9258d57ec
.zeotap.com/ Name: zsc
Value: %60qd%F5%D1n%9B%03.%F7%26Z%3C%CB%1C%9F2%B0b%BAz%C2%F7%D3A%C8%B3h%60qh%8F%FE%9E6%99%E2%E9%92g%E0%9D%B3%E7%81%0C%3F%95U%BA%82%02n%FB%9Cp%8F%02%7B%C5%E1b%A0%CB%A7%FEa%05o%12k%60%C5%F8Vj%C1%8B%906-%ED%F2
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: c96acd7f2209eb2ee4ae6e970b53564a
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSLY0S0xOMU8zMjKwTE0ySk01SUw1S7U0N0gyNTY1M0lkAILEJaZPQTQUAABtCQtm"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIXGL6FEhBAQAaBwIg"
.id5-sync.com/ Name: 3pi
Value: 146#1638151640939#-81598322|18#1638151641174#-32012796|19#1638151641381#1755467240#c96acd7f2209eb2ee4ae6e970b53564a|916#1638151640695#151678002|441#1638151640528#-1597923696|124#1638151640742#151678002

11 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1458
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://id5-sync.com/c/441/19/4/6.gif?puid=c96acd7f2209eb2ee4ae6e970b53564a&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://id5-sync.com/c/441/19/4/6.gif?puid=c96acd7f2209eb2ee4ae6e970b53564a&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://id5-sync.com/c/441/19/4/6.gif?puid=c96acd7f2209eb2ee4ae6e970b53564a&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://id5-sync.com/c/441/19/4/6.gif?puid=c96acd7f2209eb2ee4ae6e970b53564a&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content;
Strict-Transport-Security max-age=2592000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

041bbc646772232ade25f58d9d587600.safeframe.googlesyndication.com
1x1.a-mo.net
abs.twimg.com
ads.creative-serving.com
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
ap.lijit.com
apex.go.sonobi.com
api.pinterest.com
api.rlcdn.com
as-sec.casalemedia.com
ats.rlcdn.com
biddr.brealtime.com
bloggernetwork-d.openx.net
c.amazon-adsystem.com
c1.adform.net
casale-match.dotomi.com
cdn.districtm.io
cdn.syndication.twimg.com
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
contextual.media.net
d.adroll.com
d5p.de17a.com
dis.criteo.com
display.bfmio.com
dmx.districtm.io
dsum-sec.casalemedia.com
dsum.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.privacymanager.io
get.s-onetag.com
graph.facebook.com
gu.dyntrk.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
ie-lb.gumgum.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imps.monu.delivery
ipwatch.monu.delivery
johnpavlovitz.com
js-sec.indexww.com
js.gumgum.com
lockerdome.com
match.adsrvr.org
monu.delivery
mwzeom.zeotap.com
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
pbs.twimg.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.wp.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
protected-by.clarium.io
public-api.wordpress.com
rules.quantcount.com
s.amazon-adsystem.com
s0.wp.com
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
stats.wp.com
sync.bfmio.com
sync.extend.tv
sync.mathtag.com
syndication.twitter.com
tagm.tchibo.de
ton.twimg.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
widgets.wp.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
ads.creative-serving.com
id5-sync.com
104.154.142.214
104.16.190.66
104.17.119.107
104.244.42.200
104.96.135.185
13.32.21.201
13.32.22.118
135.125.160.160
142.250.184.194
142.250.186.98
143.204.207.16
143.204.207.44
147.75.61.140
151.101.65.194
169.50.137.184
174.129.26.26
178.162.133.150
178.250.2.151
18.156.0.31
18.185.171.80
18.200.109.184
18.213.10.151
184.51.9.28
184.51.9.34
184.51.9.98
185.29.132.241
185.33.221.15
185.33.221.52
185.64.189.110
185.64.189.112
185.64.190.80
185.64.190.81
192.0.76.3
192.0.77.32
192.0.78.23
198.47.127.19
198.47.127.20
209.54.180.144
213.155.156.164
213.202.235.10
23.202.52.26
2600:1901:0:333a::
2600:9000:211e:e400:6:44e3:f8c0:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::ac43:db6
2606:4700:3030::6815:513d
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a01:7e01:1::ac69:92e7
2a02:fa8:8806:20::2010
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3602:1794:1826:a9e8:a8ca
3.127.133.197
3.33.220.150
34.107.148.139
34.120.133.55
34.149.20.76
34.192.117.147
34.98.64.218
35.156.230.193
35.186.193.173
35.186.236.140
37.157.4.28
51.222.80.231
52.208.210.171
52.49.74.33
54.165.214.53
54.236.185.42
54.77.19.59
65.9.71.120
66.155.71.150
67.202.105.21
72.251.241.204
72.251.249.14
99.86.7.38
99.86.7.73
99.86.7.76
0096840b5990ec3ada7cc53270d6985bc0cdef27dde549b06c7219a8846529a3
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
065bc1eafc13b6c5d8134d591cbf1668da79cd57c393b5386f80a3498248635a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0c08815f5e74c5477b25c5303f3b512b5c04ccf403e41e319c29cb5243fce5f8
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0cfa677aab7c47484283acbe27863d79eb39c0d3e83bfe6bb28a87ed9f2e4938
10c98254e8ba285dc1fd40e5215a1102e199339dff0d293fe8bfd196f0f60f9c
136eff6eb269b42c4473cbb49c4c8880ff93a603d6f1e9ec68e21257b51d3b01
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd
16503a4de7b0dc887e655440ab1b73d98a7d89549020b766429de82c80a5d687
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1b13a151b900e88c02c1aa32c1d1b186072657804bac786eb73004d7831ef8ae
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1ee2c7157682bfe3593130b726f0710e158d91aaf2528a3461c561855114a7c0
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
229c9c1241d5d53c8ce678c5c26c5ecc06b3d39e899d9fc6035c9838d6b16143
2414d0ce2539b93bf0b6a60156dd407f7d54fdec49783226f2d602dbeb509cd0
2537a404d4c911ad4cd631b7eafbb86f4234c7a8a914dd9d65571edb8170ec35
253f42d9369f0077893a445147555e0088f2698843e2610b3a524bac63e72ed1
2728ac44fbacbde844ff94f3d9c2dbe631ace143e724eb148eab6c4479962105
29bbdaaaebb0e82318fb2b12354332981bd499ae1ea3e2af42efbbdcff451439
2a86ce391c624d39a1366f4668930c41af63b9d681233bfe0d08279c9bb10c4d
2bccf4adb2e24e99580a2543aa6d3b220d3f79f24fd7d0bdf69712af2dc52b70
2c0d5a61707261296b9358f6797f7a71f6c0b953da46dfa5e83fea532ff70666
2c0f00055671e3b8481f19e2a783454ff3d3112d676e0bb4261b97b10fcb7585
2c125e6a12e3dd1d1d1aec93292e90fb3c28f36646a954402702b1d9c25175b1
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e97fb51c2116e6c139af7db3043cb591750e54cc7b2789d386ba88af1dd5cc3
30361be414beac4a3c547a30ae564d93ad18465a453ea5b5d37af82cf872f853
3283a9049ff445f01eb659a9033477b8caef594a9cfdadd35b4113ae0cb6920c
36b80e60ef2da3b04d77d60b93cb53c16e79c38aa53ff6a9712a395dc9923349
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37a14da858caee742741d5f558bc6489f9abcefee4aebb9f68db96106e38f2c1
390cd7655f12b128edd9e052babe974401adc1fe32130212338c76b0c3cd3e05
3d06440da7affef978c73ffc7c5e72ca50aa7230095c8b86cab40525c521f4d5
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
3f441ba8a911f2f49d06d96c6e59bfe963bd1db72073faf36d63000c7d45fc2d
3fd921949c0c39a7dd854ffd62605b65c2faace85a19e4962a660ecf5761d0dc
4269ead89e227900c7f573a611f34e97645b943af511189e7a7c571dc094a138
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
4691762ba1acd6131c4eb31e0c4c84461f1415553ec102f713108973f434b6a3
46af53bbe4d9af49ea2c63a6f95c220bab4b6eeaa323397f950a05db48473822
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
478fbe65b34beb5adaa1bb5dd9c8f9b9aa438655677d1e6c766f9d0b0c082502
479266614d36e22a8e90a7f6475a384d10c54156add6e4e96eb70c138ff4009d
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a0d9016fc1bf1b86eb04b291ceb57a99b1aeeb2501d2b87b4d7f2ce7d35a07d
4a87f21ed92041c5107ebfc70504ce0670a1b858bdd8670bf1cb0b71018119d3
4d2671d4c5d04438c3447c787adf222d33ab22c91222abb1b5524ed586b42c01
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
55033882e1bc61cac58471a0ce5372606abd57a9663921dbd6f9a4a926c601b0
580cf50443ff7e3809efecfa8dfed146f36d4850dc97d52a1e044d9d25f6fb91
58dd9cb011f54d6fe92811d53f3875d616c3db0601f6a3fa5089609693c64612
5a4f5eee811fe92e03c2ceb3d4139961f88f2e526333636d9fa413df3041f098
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5df2e6a4096651c41f01a3b7937a5332dd31b0a53a35e5f5b631c0c94e8fb957
5e5fd9fa94e3a54014897a90a7bc2c2ae86cabed1a1962bb61deaa18eae50b4a
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
6460950d57e4ea0327a3b77d7f823366575051ce5551819147276fe94653db68
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
657508eaed38ad6b7d372d9c39d1f2ac9af7745021930e99d209672b5a775d1f
672e29b030b9b17c9cc70beb24af4c41eaf8ce9a0491c655ab9a1c88ab287021
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
69c553eaaa55f0f82c5fad35b53bc88a2d9cd4ab26a86419f309a3f297c2ab06
6a332601455c252a8e1416affb12225c04cb717cd1f54e2cede14c1660d22bf9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
73f7ee91a53b8e58c645d9eab7a7bf10250192050d416d11cc6b52d6a3b7bfc3
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
748fa317a7530c1ad82480e2d6bab05aff87e6a7f692025dc6f4e05b3740bbd8
78f6d317351baa8b4ece01679b512ca49f6983bd04909bfc9489d71c6a542e87
7a2968d4b8d4c1b7005751edf0e5a5c2968bdb0432afafde1fb3b7acdd815ea3
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7c3ed0e2dfdcac9e4ff0a5569f14b4d0cb15e542a1a842b0339af978e3002769
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2
810e3926041db1b465708e563275e2b8175c474f8d752b4d4f4dccb3956a8200
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8354ab149470cfe096f84a0161180dd9dd0177ffeb2bac6ea77e3452ca829bac
836541fc2d112a7fd623b19caee40fb8a3cb12064edc4bd98f0840de324f0daa
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8604fdfbf3c02e209ee0f57c7b086dc6eca6e18b976e141f84fe2ca791885c7a
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8785d78ecbfcabf1a9cf6a785d6150b53a17f18079a7b9552aeac1d77494f475
888bc5618973079f4a157c8c94b0afe382e7e957306429c5880e032c83fb8e0c
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc9395e36e058fbf9bb3ebc4109cc053f4dcbd5d0b70a002a81a3adf27ecc2b
8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec
8f6cf9f3a3eebb41f002dcfcc945729c27313809c3fd3a6137e0631258c6b7b4
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
90ee4a44f9d1afd8fa671fd5311991d7db3280f9be0a62fbb7646c31db9115ca
93fe26d4f9b8e0467f39811046c1965d2cd23543026879f220460cb310cedc66
95387bfe634adae8965526bb60c36fa9914e2490069f2f5b3235e473b4a60c5f
958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5
997fd0656d2c1d0a2e5fda244c10c29b43c137a5c2f165e60f416990954703d1
99a50b833fec96a9f274d707bb567cd242ec35db35d6bc26ac391c0619304b2e
9c213922938731d9330d3c2ed68e233e48a9305456e1bf54807af528c379d347
9e873746ac34df75cd755a8605bde124fde017eab69e50240b6c94abc4fca1e3
9f0a5cc82a330327b176280416c0c2b68d7b79db210296c14a82de573c5e79ad
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1dbbafdc3544cc1a9eafad30123a7da4f4dc92a9c282efea53821cb648a4aa3
a39a902bdadeabd3a1d6c0ff7584f70b9d8021fc48e5e6673a6f311cadd7f027
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a83a0c0cfc5d8e3e07678fae11869a2094c43ecc8d43fd5d8400f96fc957975a
a9a91c544e33d4ac8f55a7e8ce951445f383c7f1e7fcf19a3a3976b9128b0c5f
aa68df0ed4b03c3be9618b0e4c98df0779e90175493e93548909fe4c42a9c1e5
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b078ca349bbb98690031af8496ad43459f4bf332ec84ad06f608d5fa96e94632
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b65415525ac0baf44f27226284d63aa82c2dcf298239e215b6b7f63f320e50e8
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b8d0b476d33f17f88af0ca5d38a0fa7bade2e40dcd5734a32b926c808c60bec1
ba5cf880d80448460758f597d2f50db9d125fdbd2ac769aa517e20b550622cbb
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c08a14af9ed6e5d9f28e584c5448e7baf3bf54cba652654ca36f836794f60442
c1068ef200c8a6c6277cbd93017ff1258930ce4af82c104bb12abb5043152de1
c1bceaba0b36b102fe24a4c5c78d65c522bc6aecb17ef2d4115ff188169fa9c3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c9cf15822a4e3c5a29b3c50ea49c62ffb668293c8f4ceb7410ac3d5a36e108c8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db
cceefd476057bb3f36703d027ec405887d25d05311d491b9a203d4c60a2d75fb
cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d16bb0a88fce1091efe4288577b2105ea69e0b3c4fa790e26f0e9c9ded7847d0
d1dc7109f359c0320af1b2361599487ef8e5f9fccb95273618b77884f2fd902b
d2005ffb6baec4d0e7c807ef788202c58b7033d4d680544717b666f2abea0d49
d3c83ac6773ff4ef485725a80491ac6c0c45d30dde1903ff56f3cc990fb6f4a9
d47e68332db547f49ca7ef953529c89fa50e96174518054a393830082b1b3345
d5f41ef378f73dd517321c3ad61a8961021dc673acc9ad478c5227342a0e3be9
d8ab7ae9e9ccf94258b9243409edf9356ec6a80a3a44cf664a24e8517861af91
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dd328db0689c2648b315c2d5a82bed3eaa841b48beba60ab2477b7ac2a93cc70
dde8265b198f28810ec732ce06aaafabdc6affd36bf2c5f215e09f1a97ee1dcc
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
de5df7da4e0f58f862de43d8aabdd5c6e9f37f45ca93a86c976ccde15791ae1a
de75d10803886e88f3ef10a21bcd9373a22e01646db19d6435fb7e9dd39e23ec
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
de8383d06a56f08749ed99ad3d43911fe88072a79e9148e2d1dead390f64893f
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
e02f5a05651d8c08e0b47e3dad4703f76ac9a65cd543b893004a4881efd15445
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e426925cdbcddb1efc63f0f35f5c14c17b9a5e1c9917557d21f4886f6a7b3c9d
e45e1c293e61fc21a34c6c5c1a0d55306bd0018349e47e9cd80db61f5ed51c94
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
ed0cbc994c9664c8032f3b521949ec8da76692f13c846c176248b80234befbe8
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ef0874829b2bc7a4384c23cb0dcb69e385e3a8a4e4b0fccc2eea42a96b208e9f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a
f21c70d49dd1a12421981bfb41d4559f3311ef19df38b14ef40366658106a6d4
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4a8ba4531925ade4c1972b3ba73d5ba61e6abd23b37b822fe09b0fd6c0d372a
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f583801e243272736819428a75533d0916049c0b75a539fe2f3283fd47284398
f58e9df92cbcef756019cadb6fbe89de4e1b0af3c84792d975b00d1372d1dd51
f940145d1097c70852b1c9f1d8439ac44967a36c5383b41e6874b0cd8e9a8373
faa2747e25388fae1a46fa4eb094150bc58b926f2fd646a980da0384c0272c25
fb107795f806d47e6b650d71731c36f73d8cbd24b212827afc36558eb22819a4
fb652eea7e8a6ed2f6a665324928abb32f2b366bd620c2b6e553145d6b3045a5
ffd2db86c38746f0ce92ed921eb5071041ccda66615f9d9094a5523bd9409892