www.undertheradarmag.com Open in urlscan Pro
207.38.94.32 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Effective URL:
https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Submission: On September 06 via api (September 6th 2021, 12:01:01 am UTC) from IE

Summary HTTP 294 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 65 IPs in 6 countries across 41 domains to perform 294 HTTP transactions. The main IP is 207.38.94.32, located in St Louis, United States and belongs to AS-30083-GO-DADDY-COM-LLC, US. The main domain is www.undertheradarmag.com.
TLS certificate: Issued by R3 on August 28th 2021. Valid for: 3 months.

This is the only time www.undertheradarmag.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	207.38.94.32 207.38.94.32	30083 (AS-30083-...) (AS-30083-GO-DADDY-COM-LLC)
7	35.227.203.93 35.227.203.93	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
4	143.204.98.110 143.204.98.110	16509 (AMAZON-02) (AMAZON-02)
1	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.96.74.203 34.96.74.203	15169 (GOOGLE) (GOOGLE)
55	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	18.200.89.34 18.200.89.34	16509 (AMAZON-02) (AMAZON-02)
7	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 3	13.32.121.17 13.32.121.17	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
14	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2016	15169 (GOOGLE) (GOOGLE)
2	54.76.22.70 54.76.22.70	16509 (AMAZON-02) (AMAZON-02)
26	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::300 2a04:4e42:3::300	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
7 11	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
4	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
3 9	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.220.100 185.33.220.100	29990 (ASN-APPNEX) (ASN-APPNEX)
4	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
3	2600:1f18:612... 2600:1f18:612b:4232:edc2:aa62:52b8:50a9	14618 (AMAZON-AES) (AMAZON-AES)
6 7	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
3	18.195.239.175 18.195.239.175	16509 (AMAZON-02) (AMAZON-02)
2 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	184.31.88.106 184.31.88.106	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3 3	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
6	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
3	116.202.48.214 116.202.48.214	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.63.165 138.201.63.165	24940 (HETZNER-AS) (HETZNER-AS)
2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.159.16.69 18.159.16.69	16509 (AMAZON-02) (AMAZON-02)
4	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
1 2	185.86.137.17 185.86.137.17	201081 (SMARTADSE...) (SMARTADSERVER)
3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	34.247.122.211 34.247.122.211	16509 (AMAZON-02) (AMAZON-02)
1 2	52.46.133.124 52.46.133.124	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	51.178.20.140 51.178.20.140	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.184.25.64 18.184.25.64	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:4c00:1a:7c92:efc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
294	65

13 207.38.94.32 (St Louis, United States)

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
PTR: web611.webfaction.com

www.undertheradarmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.227.203.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.203.227.35.bc.googleusercontent.com

pymx5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.98.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-110.fra50.r.cloudfront.net

static.solutionshindsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.74.203 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 203.74.96.34.bc.googleusercontent.com

api.pymx5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.89.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-89-34.eu-west-1.compute.amazonaws.com

srv.clickfuse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.17 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.22.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-22-70.eu-west-1.compute.amazonaws.com

srv.tonemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.194 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.100 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:612b:4232:edc2:aa62:52b8:50a9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

taboola-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.94.180.125 (Amsterdam, Netherlands) 6 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.239.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-239-175.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.31.88.106 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-88-106.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.42.132 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 116.202.48.214 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.214.48.202.116.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.165 (Hockenheim, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de

hal90005.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

video-ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.16.69 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-16-69.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.17 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

www8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.247.122.211 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-122-211.eu-west-1.compute.amazonaws.com

ti.tradetracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.133.124 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.178.20.140 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.240 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.25.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-25-64.eu-central-1.compute.amazonaws.com

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:4c00:1a:7c92:efc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.tradetracker.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	taboola.com cdn.taboola.com trc.taboola.com 15.taboola.com am-trc-events.taboola.com vidstat.taboola.com images.taboola.com pips.taboola.com cds.taboola.com imprammp.taboola.com am-match.taboola.com wf.taboola.com am-vid-events.taboola.com sync-t1.taboola.com sync.taboola.com am-wf.taboola.com	1 MB
51	googlesyndication.com dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com ade.googlesyndication.com	346 KB
31	doubleclick.net 8 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net	253 KB
15	rubiconproject.com 3 redirects secure-assets.rubiconproject.com eus.rubiconproject.com video-ads.rubiconproject.com token.rubiconproject.com optimized-by.rubiconproject.com	57 KB
13	undertheradarmag.com www.undertheradarmag.com	3 MB
12	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com	185 KB
11	spotxchange.com 6 redirects sync.search.spotxchange.com search.spotxchange.com	9 KB
10	youtube.com www.youtube.com	675 KB
9	casalemedia.com 3 redirects dsum-sec.casalemedia.com ssum.casalemedia.com ssum-sec.casalemedia.com	9 KB
9	2mdn.net s0.2mdn.net	715 KB
9	pymx5.com pymx5.com api.pymx5.com	200 KB
7	redintelligence.net 1 redirects hal9000.redintelligence.net hal90005.redintelligence.net	37 KB
7	googletagservices.com www.googletagservices.com	237 KB
6	tradetracker.net 2 redirects ti.tradetracker.net static.tradetracker.net	17 KB
5	ampproject.org cdn.ampproject.org	102 KB
5	google.com adservice.google.com www.google.com	14 KB
5	googleapis.com ajax.googleapis.com fonts.googleapis.com	58 KB
4	adsrvr.org match.adsrvr.org	1 KB
4	adnxs.com 2 redirects ib.adnxs.com secure.adnxs.com	3 KB
4	solutionshindsight.net static.solutionshindsight.net	6 KB
3	openx.net 2 redirects us-u.openx.net	735 B
3	bidswitch.net x.bidswitch.net	436 B
3	tremorhub.com taboola-supply-partners.tremorhub.com	547 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	dyntrk.com 2 redirects gu.dyntrk.com	850 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	1 KB
2	smartadserver.com 1 redirects www8.smartadserver.com	1 KB
2	yahoo.com ads.yahoo.com pr-bh.ybp.yahoo.com	1 KB
2	teads.tv sync.teads.tv	344 B
2	tonemedia.com srv.tonemedia.com	2 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com	17 KB
1	quantserve.com 1 redirects pixel.quantserve.com	510 B
1	ad4m.at ad4m.at
1	zenaps.com www.zenaps.com	704 B
1	awin1.com 1 redirects www.awin1.com	721 B
1	advertising.com ads.adaptv.advertising.com	554 B
1	ytimg.com i.ytimg.com	6 KB
1	ggpht.com yt3.ggpht.com	5 KB
1	google.de adservice.google.de	853 B
1	clickfuse.com srv.clickfuse.com	6 KB
1	addthis.com s7.addthis.com	813 B
294	41

	Domain	Requested by
26	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.undertheradarmag.com dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com cdn.ampproject.org googleads.g.doubleclick.net tpc.googlesyndication.com
24	images.taboola.com	www.undertheradarmag.com
19	pagead2.googlesyndication.com	dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com www.googletagservices.com googleads.g.doubleclick.net tpc.googlesyndication.com www.undertheradarmag.com securepubads.g.doubleclick.net
15	cdn.taboola.com	www.undertheradarmag.com cdn.taboola.com
13	www.undertheradarmag.com	www.undertheradarmag.com
10	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
10	www.youtube.com	www.undertheradarmag.com www.youtube.com
9	s0.2mdn.net	dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com www.undertheradarmag.com s0.2mdn.net
8	googleads.g.doubleclick.net	1 redirects www.youtube.com dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com www.undertheradarmag.com
7	sync.search.spotxchange.com	6 redirects googleads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net ssum.casalemedia.com
7	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.undertheradarmag.com
7	www.googletagservices.com	www.undertheradarmag.com securepubads.g.doubleclick.net dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
7	pymx5.com	www.undertheradarmag.com pymx5.com
6	eus.rubiconproject.com	imprammp.taboola.com am-match.taboola.com eus.rubiconproject.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	am-trc-events.taboola.com	www.undertheradarmag.com cdn.taboola.com
5	trc.taboola.com	cdn.taboola.com www.undertheradarmag.com
5	dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
4	ti.tradetracker.net	2 redirects www.undertheradarmag.com hal90005.redintelligence.net
4	search.spotxchange.com	vidstat.taboola.com
4	hal90005.redintelligence.net	1 redirects dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com hal90005.redintelligence.net
4	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com ssum.casalemedia.com
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net www.undertheradarmag.com
4	www.google.com	www.youtube.com securepubads.g.doubleclick.net dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com tpc.googlesyndication.com
4	static.solutionshindsight.net	www.undertheradarmag.com srv.clickfuse.com static.solutionshindsight.net
4	fonts.googleapis.com	www.undertheradarmag.com securepubads.g.doubleclick.net dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com hal90005.redintelligence.net
3	token.rubiconproject.com	eus.rubiconproject.com
3	hal9000.redintelligence.net	dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com hal90005.redintelligence.net
3	secure-assets.rubiconproject.com	3 redirects
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	x.bidswitch.net	imprammp.taboola.com am-match.taboola.com
3	taboola-supply-partners.tremorhub.com	imprammp.taboola.com am-match.taboola.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com www.undertheradarmag.com
2	am-wf.taboola.com	vidstat.taboola.com
2	static.tradetracker.net	dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com hal90005.redintelligence.net
2	gu.dyntrk.com	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum.casalemedia.com
2	www8.smartadserver.com	1 redirects www.undertheradarmag.com
2	video-ads.rubiconproject.com	vidstat.taboola.com
2	encrypted-tbn1.gstatic.com	dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
2	encrypted-tbn2.gstatic.com	dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	sync-t1.taboola.com	imprammp.taboola.com am-match.taboola.com
2	am-vid-events.taboola.com	www.undertheradarmag.com vidstat.taboola.com
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	www.gstatic.com	www.youtube.com dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
2	srv.tonemedia.com	srv.clickfuse.com www.undertheradarmag.com
2	ssl.google-analytics.com	1 redirects www.undertheradarmag.com
2	api.pymx5.com	pymx5.com
1	ade.googlesyndication.com
1	optimized-by.rubiconproject.com	video-ads.rubiconproject.com
1	sync.taboola.com	ssum.casalemedia.com
1	secure.adnxs.com	ssum.casalemedia.com
1	pixel.quantserve.com	1 redirects
1	ad4m.at	ssum.casalemedia.com
1	pr-bh.ybp.yahoo.com	ssum.casalemedia.com
1	ssum-sec.casalemedia.com	ssum.casalemedia.com
1	www.zenaps.com	hal90005.redintelligence.net
1	www.awin1.com	1 redirects
1	ssum.casalemedia.com	am-match.taboola.com
1	ads.adaptv.advertising.com	vidstat.taboola.com
1	encrypted-tbn0.gstatic.com	dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
1	ads.yahoo.com	googleads.g.doubleclick.net
1	imprammp.taboola.com	vidstat.taboola.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	15.taboola.com	cdn.taboola.com
1	static.doubleclick.net	www.youtube.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	srv.clickfuse.com	www.undertheradarmag.com
1	stats.g.doubleclick.net	www.undertheradarmag.com
1	s7.addthis.com	www.undertheradarmag.com
1	ajax.googleapis.com	www.undertheradarmag.com
294	81

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
under-radar-mag.tumblr.com
instagram.com
pinterest.com
www.addthis.com
theseniormag.com
popup.taboola.com
18c926.dzbnxjgqptt.com
tettybetty.com
triponmag.com
www.skipandgiggle.com
rfvtgb.crafthought.com
someoddpilot.com
methodtree.com
greedyfinance.com
factstherapy.com
rfvtgb.sizzlfy.com

Subject Issuer	Validity	Valid
undertheradarmag.com R3	`2021-08-28` - `2021-11-26`	3 months	crt.sh
*.pymx5.com Go Daddy Secure Certificate Authority - G2	`2020-09-10` - `2021-10-12`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
solutionshindsight.net Amazon	`2021-02-19` - `2022-03-20`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
srv.tonemedia.com Amazon	`2021-08-18` - `2022-09-16`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2021-08-23` - `2021-11-21`	3 months	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-16` - `2021-10-06`	2 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
redintelligence.net R3	`2021-08-20` - `2021-11-18`	3 months	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.tradetracker.net Amazon	`2020-12-20` - `2022-01-18`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.pbp.bf2.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-18` - `2021-11-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Frame ID: 0BA7C8FF4FBE74082EA96CA399F062BE
Requests: 122 HTTP requests in this frame

Frame: https://www.youtube.com/embed/6SEZ2Ei-_pY
Frame ID: 8DD67D2DA387D7A043D8E0F7F0DFF8CE
Requests: 19 HTTP requests in this frame

Frame: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FC4C742805880742C6ABF82F11509159
Requests: 1 HTTP requests in this frame

Frame: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FDD21CFFC026117E48AC67C8D9E56EB6
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVKDCgA9Bi7aLXGcA3cYcEwv7k7OS244cH_BAuL3lUZwUdYQrVrjs2CRltSL70Rue6oqMvWoNwxiJcaz5l_BfqFLC-nujaqihaTzAgabbBL0IK4j1hN1_PZtMX3QFfDNC55HBe_ovWLaQ9N2drHMSI00ftJuRSdcp84qHAWxSZ2yQgAVHqFll-7qOBB6ZNpmhn_oO-giG5JM7nmvKnjgu665FThZkAKGV0HcNGRbfAN81Runp_xjfHVX9obzLMTB8rpuEqeTWnSudwLjMSpv-eAwzZb4kkvLHv1qe7OXpecVZER6lyQRNSarPldSQ4ZwxrqLitoEEWwu8DIHeBrKIt&sai=AMfl-YSLdgX77E_7d6D_90gmeF1gVTP4UwDJwaUgKAwke9evvk24-nqrr1Opb2PEl1f3TRvzitTky0PNcDMNfmDp3vrsxQD1thCF25RRUuWBgBj0yGcZsCgYvOIOG-JfEjg&sig=Cg0ArKJSzLlg4GZWuHB8EAE&adurl=
Frame ID: 778623043980CB44E668AFD8982160DF
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs
Frame ID: 73C95C40A0FF79549F015A3927BB3CD1
Requests: 16 HTTP requests in this frame

Frame: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 63CDBD2EF56B6DF9EB41A95E63F1FEAF
Requests: 14 HTTP requests in this frame

Frame: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1A276AD003D23FA51521F278B6724E6B
Requests: 13 HTTP requests in this frame

Frame: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C38CA7C2DD4E7C234049B8622480715D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLb2ugIQprG8AhiLx82yATAB&v=APEucNXvf4miklWajBg53HjduLfiBHNMFV9jsioDBHBysWrJMtHeg5Gkv7MBRXyaPzNexpzack9x3HndG0Iv8Rt-JPTIV3yVNzJS2P3OfHNqD0p9XLr2KPnJyD6yvVljDqIBEEx8RMCbl7uoBonOrakR2B3l1Cb0jNwxE_X3gArfpyrotiGkqYA
Frame ID: 8184C6755696FA2524D4BC9F3B00ACB7
Requests: 5 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7997047&crid=5479985&dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&cmcv=&pix=undefined&cb=1630886431133&uv=3014&tms=1630886431133&abt=aat1_vA!adh5c-1_vA!smbs!spa2_vA!t45!ufm_vD!vzr_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=A1729047C27180072663219967&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 6EB59F78DEDD6BB0B0CF16D9C36AB3BA
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 65121B63D9A759E41BB9EAC1570ACE68
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1Z21PTAB&v=APEucNU2oGfYbiY5c6cyqR08XbD5C2PpC7JVneT7HnGx2O3SrJQT2kXyUuV39kMfAYmD8tQQZ-K2JWbKUNV4GA0Uspy0YeVdYJsXcQ8Uea8KIEViebzrqFs47BwSrtU2gAFYc8kLbEeT_tIvtCP2BySwMw-2c8UmVWzT1AqoGZDQKlhwcUw87pk
Frame ID: C8A005220BF80AF4ABC640A646A51DE3
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4aTvAhi7392sATAB&v=APEucNUfqWPyKDX0HqjEV7yFACK0tRLFxFJMwlU5Ol9MPllwDAs9aV5DIuDgku2fNFlini91CDDeeuE4EcwbH3t2jKFrxyE6iI0Ox0-maI7RKOSiFpmgV8JQCOgPa0gG46YXGcuh25PuxHZgc8VaIEay9XaSYwNwN7mUVhOBdrQZg3yvHXr4xvE
Frame ID: 42C3B7759FECC24216FA64247D4B7E8D
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html
Frame ID: A12688EFBAE7A212E124F925D06337B6
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6F40CD010F13FD7704952E4B94729BBC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F93F132A96EEFC2CF8377FCFEC1E153A
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: BF17958E27383113EE29211723D7497B
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 0D1D10A19FD6573EB444BAD63AB46515
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 76689142C3CCC5584024CBC34289794A
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 16F05D740921A5C36C7B71EC764D3B2F
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: F32E8B7B8C6B1D867C92C86075B2B562
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Frame ID: 9B8E3CE33FDF4A84B7D7737FCA6D4925
Requests: 10 HTTP requests in this frame

Frame: https://video-ads.rubiconproject.com/video/bridge-31034.js
Frame ID: 71C00CD6C749D8DD22BACB58FAAD43EB
Requests: 2 HTTP requests in this frame

Frame: https://www.zenaps.com/cshow.php?pvr=7738b300-0ea5-11ec-a5f3-692d0d349c1f&v=8508&r=235229&q=413151&s=2882174&viewref=88142800007345000719590011709005&pv=1
Frame ID: B8E3FC2915C206626E51353B8CF5997F
Requests: 1 HTTP requests in this frame

Frame: https://hal90005.redintelligence.net/request_content.php?s=88142800007345000719590011709005&a=9b2a2f8f
Frame ID: 083E1EF967E9C6D0667A97A64FA5DC4C
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 86673A282FA01147041BD9B4EF8CECAC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DBBD66AAD74D08B4A2B0825A49A739DB
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 6E5B1C25EA439479E5EF73246251D2A6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Premiere: ĠENN Debut New Video For “Catalyst” | Under The Radar MagazineUnder the Radar | Music Blog for the Indie Music MagazineGroup 3Group 3Group 3Group 3

Page Statistics

294
Requests

98 %
HTTPS

46 %
IPv6

41
Domains

81
Subdomains

65
IPs

6
Countries

7553 kB
Transfer

13373 kB
Size

0
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/UnderTheRadarMagazine

Search URL Search Domain Scan URL

URL: https://twitter.com/Under_Radar_Mag

Search URL Search Domain Scan URL

URL: https://under-radar-mag.tumblr.com/

Search URL Search Domain Scan URL

URL: https://instagram.com/undertheradarmag

Search URL Search Domain Scan URL

URL: https://pinterest.com/underradarmag/

Search URL Search Domain Scan URL

URL: http://www.addthis.com/bookmark.php?v=20

Search URL Search Domain Scan URL

URL: https://theseniormag.com/7-astounding-facts-about-arthritis-that-most-people-dont-know/?utm_source=taboola_8557719&utm_term=undertheradar_1015792&utm_content=2969780719&utm_medium=GiAP_mRDPDUOIjULQ9Zj2T1EKGVdjWni7HrK9IFK9Pl35SDqvlEom8jMz775l4ypAQ&utm_campaign=FactsArthritis-WW-DTM-TSM-TB#tblciGiAP_mRDPDUOIjULQ9Zj2T1EKGVdjWni7HrK9IFK9Pl35SDqvlEom8jMz775l4ypAQ
Title: TheSeniorMag.com

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=undertheradar&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Article%20Thumbnails%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://18c926.dzbnxjgqptt.com/?subid3=38357_Taboola_Tonic_DentalImplants_Laia_NL&subid1=undertheradar&subid2=taboola&subid4=2945211190&network=taboola&site=undertheradar&adtitle=De+kosten+van+tand+Implantaten+in+Haarlem+zullen+u+verrassen#tblciGiAP_mRDPDUOIjULQ9Zj2T1EKGVdjWni7HrK9IFK9Pl35SDA5UQo-57ct4rW6cfFAQ
Title: Tandheelkundig Implantaat | Zoek Advertenties

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=undertheradar&utm_medium=referral&utm_content=thumbs-feed-01-a:Below%20Article%20Thumbnails%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://tettybetty.com/after-she-was-asked-to-cater-sh/?utm_source=taboola-dx&utm_campaign=dx-ww-a-ttb-cateren-all-250421-c346&utm_medium=tb9961420_1015792&utm_term=undertheradar&click_id=GiAP_mRDPDUOIjULQ9Zj2T1EKGVdjWni7HrK9IFK9Pl35SDEmVAonLnI9MPOrIGEAQ&cpc=0.002
Title: TettyBetty

Search URL Search Domain Scan URL

URL: https://triponmag.com/23-the-most-beautiful-beaches-in-the-world/?utm_source=taboola_2402742&utm_term=undertheradar_1015792&utm_content=244512494&utm_medium=GiAP_mRDPDUOIjULQ9Zj2T1EKGVdjWni7HrK9IFK9Pl35SCLhUYo6tvnr9mU_8LSAQ&utm_campaign=Beaches-WW-DTM-TOM-TB#tblciGiAP_mRDPDUOIjULQ9Zj2T1EKGVdjWni7HrK9IFK9Pl35SCLhUYo6tvnr9mU_8LSAQ
Title: TripOnMag.com

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=undertheradar&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Article%20Thumbnails%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: http://www.skipandgiggle.com/jaw-dropping-luxury-cars-of-the-rich-and-famous/?utm_source=taboola&utm_medium=cpc&utm_term=undertheradar&utm_campaign=3252690&utm_campaign_widget=3252690-undertheradar#tblciGiAP_mRDPDUOIjULQ9Zj2T1EKGVdjWni7HrK9IFK9Pl35SDw1D4okuaW4armmfkO
Title: Skip and Giggle

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=undertheradar&utm_medium=referral&utm_content=thumbs-feed-01-a:Below%20Article%20Thumbnails%20|%20Card%204:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://rfvtgb.crafthought.com/worldwide/mean-girls-parking-spot-ta?utm_campaign=t-ct-parking-spot-s-d-ww-310821x&utm_medium=taboola&utm_source=taboola&utm_term=undertheradar
Title: Crafthought

Search URL Search Domain Scan URL

URL: https://twitter.com/under_radar_mag

Search URL Search Domain Scan URL

URL: http://someoddpilot.com/
Title: Someoddpilot

Search URL Search Domain Scan URL

URL: http://methodtree.com/
Title: Methodtree, Inc.

Search URL Search Domain Scan URL

URL: https://greedyfinance.com/index.php/nl/2021/05/19/moeder-verkoopt-babybedje-dan-komt-de-koper-terug-en-zegt-dat-ze-in-de-wieg-moet-kijken/?utm_source=tab-10456593&utm_medium=1015792&utm_term=taboola
Title: Trendscatchers

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=undertheradar&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: http://www.skipandgiggle.com/this-man-trekked-through-harsh-jungles-to-find-a-missing-link-from-history/?utm_content=P1447-T2-plane-missing&utm_source=taboola&utm_medium=cpc&utm_term=undertheradar&utm_campaign=8361939&utm_campaign_widget=8361939-undertheradar#tblciGiAP_mRDPDUOIjULQ9Zj2T1EKGVdjWni7HrK9IFK9Pl35SDw1D4o45zc6faT0_-wAQ
Title: Skip and Giggle

Search URL Search Domain Scan URL

URL: https://factstherapy.com/nl/40-jaar-zussen/?utm_source=taboola&utm_campaign=DK_TB_NL_40Years_Desk_SC1&utm_medium=undertheradar&utm_content=3015658608&tblci=GiAP_mRDPDUOIjULQ9Zj2T1EKGVdjWni7HrK9IFK9Pl35SCGwk8o65WN3ff5rZo9#tblciGiAP_mRDPDUOIjULQ9Zj2T1EKGVdjWni7HrK9IFK9Pl35SCGwk8o65WN3ff5rZo9
Title: Facts Therapy

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=undertheradar&utm_medium=referral&utm_content=thumbs-feed-01-y-em-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://rfvtgb.sizzlfy.com/worldwide/loggers-hollow-tree-ta?utm_campaign=t-sf-loggers-cut-s-d-ww-271020&utm_medium=taboola&utm_source=taboola&utm_term=undertheradar
Title: Sizzlfy

Search URL Search Domain Scan URL

URL: https://theseniormag.com/7-astounding-facts-about-arthritis-that-most-people-dont-know/?utm_source=taboola_8557719&utm_term=undertheradar_1015792&utm_content=2969780719&utm_medium=GiAP_mRDPDUOIjULQ9Zj2T1EKGVdjWni7HrK9IFK9Pl35SDqvlEoq5nf4_q-nIPTAQ&utm_campaign=FactsArthritis-WW-DTM-TSM-TB#tblciGiAP_mRDPDUOIjULQ9Zj2T1EKGVdjWni7HrK9IFK9Pl35SDqvlEoq5nf4_q-nIPTAQ
Title: TheSeniorMag.com

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=undertheradar&utm_medium=referral&utm_content=thumbs-reminder-a:Taboola%20Reminder:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://18c926.dzbnxjgqptt.com/?subid3=38357_Taboola_Tonic_DentalImplants_Laia_NL&subid1=undertheradar&subid2=taboola&subid4=2945211190&network=taboola&site=undertheradar&adtitle=De+kosten+van+tand+Implantaten+in+Haarlem+zullen+u+verrassen#tblciGiAP_mRDPDUOIjULQ9Zj2T1EKGVdjWni7HrK9IFK9Pl35SDA5UQo-5Gkve-8iO-xAQ
Title: Tandheelkundig Implantaat | Zoek Advertenties

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=826808942&utmhn=www.undertheradarmag.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Premiere%3A%20%C4%A0ENN%20Debut%20New%20Video%20For%20%E2%80%9CCatalyst%E2%80%9D%20%7C%20Under%20The%20Radar%20Magazine&utmhid=1301169597&utmr=-&utmp=%2Fnews%2Fpremiere_enn_debut_new_video_for_catalyst&utmht=1630886423783&utmac=UA-7749100-1&utmcc=__utma%3D218175837.1078887494.1630886424.1630886424.1630886424.1%3B%2B__utmz%3D218175837.1630886424.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1274187665&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7749100-1&cid=1078887494.1630886424&jid=1274187665&_v=5.7.2&z=826808942

Request Chain 45

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1630886425497&ns_c=UTF-8&cv=3.5&c8=Premiere%3A%20%C4%A0ENN%20Debut%20New%20Video%20For%20%E2%80%9CCatalyst%E2%80%9D%20%7C%20Under%20The%20Radar%20Magazine&c7=https%3A%2F%2Fwww.undertheradarmag.com%2Fnews%2Fpremiere_enn_debut_new_video_for_catalyst%23&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1630886425497&ns_c=UTF-8&cv=3.5&c8=Premiere%3A%20%C4%A0ENN%20Debut%20New%20Video%20For%20%E2%80%9CCatalyst%E2%80%9D%20%7C%20Under%20The%20Radar%20Magazine&c7=https%3A%2F%2Fwww.undertheradarmag.com%2Fnews%2Fpremiere_enn_debut_new_video_for_catalyst%23&c9=

Request Chain 52

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbWWqxVF4gx9gtDuVRDswg&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbWWqxVF4gx9gtDuVRDswg&google_cver=1&C=1

Request Chain 189

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YTVaIwIiGbEkGsvVuA33tQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbWWqxVF4gx9gtDuVRDswg&google_cver=1

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIG1s3UmINOcdJb8LYchyIY&google_cver=1

Request Chain 191

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA0MjE5ODA1ODU4NDAyMTc0NA%3D%3D

Request Chain 194

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=75338f33-0ea5-11ec-be27-15758c630306 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=755b1a9b-0ea5-11ec-ac43-124172220106&orig=video&us_privacy=1---gdpr=1&

Request Chain 198

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=7533d33b-0ea5-11ec-85d9-1ac857eb0206 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=755b1a9b-0ea5-11ec-ac43-124172220106&orig=video&us_privacy=1---gdpr=1&

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGwng-70FXsBO9OIhw7Bi4o&google_cver=1

Request Chain 201

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDdlOTk3YjktZjgxYS0yOWM1LWYwNzktZjNmOWVjMzZkNTU3

Request Chain 202

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEIH2x1TKLWAFFDEaxrvCZ64&google_cver=1

Request Chain 204

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOELsIFlIjZ6n58J6aYv11M&google_cver=1

Request Chain 205

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=755b1ae1-0ea5-11ec-ac43-124172220106 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzU1YjFhOWItMGVhNS0xMWVjLWFjNDMtMTI0MTcyMjIwMTA2

Request Chain 219

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 220

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 231

https://hal90005.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=d9ceeee733&subid=&uid=a9cbf5e4a807924d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEKU0Glo1YZncCtqKrASx15KoBuKw3PBfnonW-4kL8C4QASDqu74PYJGEgID8F8gBCakCt872iB_usz6oAwGqBNsBT9BllFVg5mUbJjqJbQl3JtV5AauOh_FfeTrCZHpAb9m5Gl93YD-wULRcIoyuoq8ftA80IeQs6a8foLPBV_EgNlfFHRO5Txi4Ml-xOCQnb0CJnujQClsWJ5yqu48dSCBtp144gj6rtP3uFGF27Eo14t10T50839ymIF75dqtwzPrjNg7Go7EtAnit-B8SIchwKhvaII1ES4eGnxp13j0l-JBLZZZxScMx_Fv4_O8Y0lCQPjpZu_JMFh7dTu_sjxQNLawtnC_o_2ghq-_yIa5pWK3oWLEoiXPWo_yowATb87331AHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATtda5DNATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRokUELHibDCAp6Gjl3MOYpBCCs7Q%26sig%3DAOD64_3Ht95Army6_Oz-juF4ugDCyB0E6g%26client%3Dca-pub-7213021641226731%26dbm_c%3DAKAmf-Brfs9Ug7meHokj6WwP5nqzJS0vff0kCtg8V-uYp2_DJUX96c9ld7yLoKs1dGVxsFZsd_jeebZS751MlL1MKKdg0jGRc_vXXODSY8h186PgccCGdx1iy5G3UApFtmOGpQT6c04Ur_5MsSRBgzKFrMUUU--Vpg%26cry%3D1%26dbm_d%3DAKAmf-CbTdYYDYjYVpz7RaY8lK2k5cSJ9PhcXhXFgogVMIEiGhQytC9f-m_31qQNR_x8Bmh9uOb_8vn6h5gdn5xIBTD0WIb_C-QypGvut-SrSuRDpgmRxb5LjCFKd5VnTtn3BWeVz3vG_mZZPG2fLN-sPEqavvxiPBodmpu9NhSzjjBIOpFZNUFE-p-nEmL3xf1t4cX0E2vPnuROYnZpC_0j6y23phiS8C8AuJV_0ummdCxgbMX14vwebMM6Ffc8g_uWQGlX6R-tB3Yvy9bkKtMFV92XwCoKgs0tvwkaewST_EwTP1jcv6R0Dw0CPojcO3pEzWl2bw2MX2sDTjfPPpCtBMM8zVlZKnd-jjSE-1rcbNVFbR42xQ_3udC4cN1uFzhN_a9RFjv9yM8ptj61Smwb-On56iczrleEqN7UtfdrrwzDIMq5_3k74JBpYpMzRZtOwkHC5fLqMG-J7iIQNygbmyiBYEhLztdk8nn7VG91VxqBLQ0C_NCKy6QtZ10x7wT4hPg8G7-BuUGahKxuxdGVMfkT8mHT8A%26adurl%3D&documentReferer=https%3A%2F%2Fwww.undertheradarmag.com%2F&ancestorOrigins=https%3A%2F%2Fwww.undertheradarmag.com&random=3735855567631&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90005.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=d9ceeee733&subid=&uid=a9cbf5e4a807924d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEKU0Glo1YZncCtqKrASx15KoBuKw3PBfnonW-4kL8C4QASDqu74PYJGEgID8F8gBCakCt872iB_usz6oAwGqBNsBT9BllFVg5mUbJjqJbQl3JtV5AauOh_FfeTrCZHpAb9m5Gl93YD-wULRcIoyuoq8ftA80IeQs6a8foLPBV_EgNlfFHRO5Txi4Ml-xOCQnb0CJnujQClsWJ5yqu48dSCBtp144gj6rtP3uFGF27Eo14t10T50839ymIF75dqtwzPrjNg7Go7EtAnit-B8SIchwKhvaII1ES4eGnxp13j0l-JBLZZZxScMx_Fv4_O8Y0lCQPjpZu_JMFh7dTu_sjxQNLawtnC_o_2ghq-_yIa5pWK3oWLEoiXPWo_yowATb87331AHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATtda5DNATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRokUELHibDCAp6Gjl3MOYpBCCs7Q%26sig%3DAOD64_3Ht95Army6_Oz-juF4ugDCyB0E6g%26client%3Dca-pub-7213021641226731%26dbm_c%3DAKAmf-Brfs9Ug7meHokj6WwP5nqzJS0vff0kCtg8V-uYp2_DJUX96c9ld7yLoKs1dGVxsFZsd_jeebZS751MlL1MKKdg0jGRc_vXXODSY8h186PgccCGdx1iy5G3UApFtmOGpQT6c04Ur_5MsSRBgzKFrMUUU--Vpg%26cry%3D1%26dbm_d%3DAKAmf-CbTdYYDYjYVpz7RaY8lK2k5cSJ9PhcXhXFgogVMIEiGhQytC9f-m_31qQNR_x8Bmh9uOb_8vn6h5gdn5xIBTD0WIb_C-QypGvut-SrSuRDpgmRxb5LjCFKd5VnTtn3BWeVz3vG_mZZPG2fLN-sPEqavvxiPBodmpu9NhSzjjBIOpFZNUFE-p-nEmL3xf1t4cX0E2vPnuROYnZpC_0j6y23phiS8C8AuJV_0ummdCxgbMX14vwebMM6Ffc8g_uWQGlX6R-tB3Yvy9bkKtMFV92XwCoKgs0tvwkaewST_EwTP1jcv6R0Dw0CPojcO3pEzWl2bw2MX2sDTjfPPpCtBMM8zVlZKnd-jjSE-1rcbNVFbR42xQ_3udC4cN1uFzhN_a9RFjv9yM8ptj61Smwb-On56iczrleEqN7UtfdrrwzDIMq5_3k74JBpYpMzRZtOwkHC5fLqMG-J7iIQNygbmyiBYEhLztdk8nn7VG91VxqBLQ0C_NCKy6QtZ10x7wT4hPg8G7-BuUGahKxuxdGVMfkT8mHT8A%26adurl%3D&documentReferer=https%3A%2F%2Fwww.undertheradarmag.com%2F&ancestorOrigins=https%3A%2F%2Fwww.undertheradarmag.com&random=3735855567631&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 236

https://www8.smartadserver.com/ac?siteid=353075&pgid=1236238&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1630886436195&pgDomain=www.undertheradarmag.com&vpw=700&vph=393&gdpr=1&gdpr_consent=&us_privacy=1--- HTTP 302
https://www8.smartadserver.com/ac?siteid=353075&pgid=1236238&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1630886436195&pgDomain=www.undertheradarmag.com&vpw=700&vph=393&gdpr=1&gdpr_consent=&us_privacy=1---&cklb=1

Request Chain 247

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 258

https://www.awin1.com/cshow.php?s=2882174&v=8508&q=413151&r=235229&pref1=88142800007345000719590011709005&pv=1 HTTP 302
https://www.zenaps.com/cshow.php?pvr=7738b300-0ea5-11ec-a5f3-692d0d349c1f&v=8508&r=235229&q=413151&s=2882174&viewref=88142800007345000719590011709005&pv=1

Request Chain 262

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTVaIwIiGbEkGsvVuA33tQAABJEAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTVaIwIiGbEkGsvVuA33tQAABJEAAAIB&dcc=t

Request Chain 263

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YTVaIwIiGbEkGsvVuA33tQAABJEAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDBn1WrJwkY3097gipsHf_M&google_cver=1

Request Chain 266

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 268

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=qvHLr6mhyq-x983_rKPVqKijnqux8p75pPm4Yh9q

Request Chain 275

https://ti.tradetracker.net/?c=34211&m=1888189&a=70002&r=88142800007345000719590011709005&t=html HTTP 302
https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png

Request Chain 281

https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=88142800007345000719590011709005&t=html HTTP 302
https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg

294 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set premiere_enn_debut_new_video_for_catalyst Show response
www.undertheradarmag.com/news/ 21 KB
22 KB 721ms
458ms Document
text/html 207.38.94.32
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.38.94.32 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

web611.webfaction.com

Software

nginx /

Resource Hash

db673bc3756025cfa843d2e6e1e11f6274006b75c6b74905cf93863728ec1d73

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: www.undertheradarmag.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Server: nginx
Date: Mon, 06 Sep 2021 00:00:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Set-Cookie: exp_last_visit=1315526422; expires=Tue, 06-Sep-2022 00:00:22 GMT; Max-Age=31536000; path=/; httponly exp_last_activity=1630886422; expires=Tue, 06-Sep-2022 00:00:22 GMT; Max-Age=31536000; path=/; httponly exp_tracker=%7B%220%22%3A%22news%2Fpremiere_enn_debut_new_video_for_catalyst%22%2C%22token%22%3A%2263791c74c26c6780796bd9f50f9a3c31%22%7D; path=/; httponly exp_csrf_token=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly exp_csrf_token=ccd792a7e611fb9c622dd9d0e54d7008b27b12ac; expires=Mon, 06-Sep-2021 02:00:22 GMT; Max-Age=7200; path=/; httponly
Last-Modified: Mon, 06 Sep 2021 00:00:22 GMT

GET
H2 200 ready.js Show response
pymx5.com/scripts/ 1 KB
2 KB 132ms
15ms Script
application/javascript 35.227.203.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pymx5.com/scripts/ready.js
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.203.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1c907e1f2483fb2a70272d58bad74b1c5463388d9d191c7c58183503c9ae5944

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:33:30 GMT
age: 1613
x-guploader-uploadid: ADPycdsBA-Lgw0FhzpgCsEVHKzfCWncankS-ynibvgkkMhkf1KeSsUIyQxlxYYxBEQMbxh4xlAONYqVraIe1gVTr-UQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 1278
last-modified: Mon, 30 Nov 2020 10:13:10 GMT
server: UploadServer
etag: "06467ab40d7f92f9794f0b20431992be"
x-goog-hash: crc32c=fis9Og==, md5=BkZ6tA1/kvl5TwsgQxmSvg==
x-goog-generation: 1606731190144133
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1278
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 06 Sep 2021 00:33:30 GMT

GET
H2 200 ims.js Show response
pymx5.com/scripts/ 16 KB
16 KB 132ms
16ms Script
application/javascript 35.227.203.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pymx5.com/scripts/ims.js
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.203.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bf739c567353fba3b1702cf940f29b3953c5b24b84a18b1208eee417a431dd5d

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:33:55 GMT
age: 1588
x-guploader-uploadid: ADPycdu7YKc74yQYTqBaoL8SR4TYNMAbOE_jdxH48zNvkUIrjFPirvI5iqB34LTRvXdXCbUyBr-qGOxwQ9cBuKJRdPSKdTR_ng
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 16603
last-modified: Mon, 30 Nov 2020 10:13:10 GMT
server: UploadServer
etag: "ad907d3febe0f354e5ddae6c691909db"
x-goog-hash: crc32c=p2OvPg==, md5=rZB9P+vg81Tl3a5saRkJ2w==
x-goog-generation: 1606731190006726
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 16603
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 06 Sep 2021 00:33:55 GMT

GET
H2 200 load_tags.js Show response
pymx5.com/scripts/ 9 KB
9 KB 49ms
18ms Script
application/javascript 35.227.203.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pymx5.com/scripts/load_tags.js
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.203.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:10:56 GMT
age: 2967
x-guploader-uploadid: ADPycduGtgcelAqyyx8owZ65hRotKD1tzKpDFLZRtAfa2HTEfrHGuZGLqRNjMstjO78pR6-JCUUvRvPqe6dXFgp4B7iTzngIsA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 8946
last-modified: Mon, 30 Nov 2020 10:13:10 GMT
server: UploadServer
etag: "f6b06694767e707999eecbe9538b403a"
x-goog-hash: crc32c=xz4nKQ==, md5=9rBmlHZ+cHmZ7svpU4tAOg==
x-goog-generation: 1606731190093338
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 8946
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 06 Sep 2021 00:10:56 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.3.2/ 56 KB
56 KB 48ms
0ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js

Requested by

Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 11:53:02 GMT
x-content-type-options: nosniff
age: 475641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57254
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Aug 2022 11:53:02 GMT

GET
H/1.1 200
OK site.js Show response
www.undertheradarmag.com/assets/js/ 1 KB
1 KB 458ms
119ms Script
application/javascript 207.38.94.32
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.undertheradarmag.com/assets/js/site.js
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.38.94.32 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: web611.webfaction.com
Software: nginx /
Resource Hash: 4353d44b7966f9cdae2e31c0704918fc6823bb2ee48d9181b8450be3928f0729

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.undertheradarmag.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Cookie: exp_last_visit=1315526422; exp_last_activity=1630886422; exp_tracker=%7B%220%22%3A%22news%2Fpremiere_enn_debut_new_video_for_catalyst%22%2C%22token%22%3A%2263791c74c26c6780796bd9f50f9a3c31%22%7D; exp_csrf_token=ccd792a7e611fb9c622dd9d0e54d7008b27b12ac
Connection: keep-alive
Referer: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:23 GMT
Last-Modified: Tue, 27 Oct 2020 20:49:20 GMT
Server: nginx
ETag: "493-5b2ad2e6166c8"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1171

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 70 KB
25 KB 96ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3948b89c1dbd03a0c6db7e6a4197ff149d266cd15a55ac81a3a811cfd7cb2489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "979 / 475 of 1000 / last-modified: 1630706924"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24938
x-xss-protection: 0
expires: Mon, 06 Sep 2021 00:00:23 GMT

GET
H2 200 icon
fonts.googleapis.com/ 568 B
461 B 59ms
11ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

80b252c5e024e15162180f33565a89511dd7f94e7f3716d55fda1a0a751bd082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 00:00:23 GMT
server: ESF
date: Mon, 06 Sep 2021 00:00:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Sep 2021 00:00:23 GMT

GET
H/1.1 200
OK materialize.css
www.undertheradarmag.com/assets/css/ 196 KB
196 KB 156ms
120ms Stylesheet
text/css 207.38.94.32
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.undertheradarmag.com/assets/css/materialize.css?v1
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.38.94.32 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: web611.webfaction.com
Software: nginx /
Resource Hash: 6adcf17c7aeff5ee77b2ee86f0df1898a8f5118e4064056c68d28fb52ca54a5d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.undertheradarmag.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Cookie: exp_last_visit=1315526422; exp_last_activity=1630886422; exp_tracker=%7B%220%22%3A%22news%2Fpremiere_enn_debut_new_video_for_catalyst%22%2C%22token%22%3A%2263791c74c26c6780796bd9f50f9a3c31%22%7D; exp_csrf_token=ccd792a7e611fb9c622dd9d0e54d7008b27b12ac
Connection: keep-alive
Referer: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:23 GMT
Last-Modified: Thu, 18 Mar 2021 15:07:49 GMT
Server: nginx
ETag: "31106-5bdd0f679fedf"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 200966

GET
H2 403 smartTagging.css
static.solutionshindsight.net/topics/ 0
0 570ms
397ms Stylesheet
application/xml 143.204.98.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/topics/smartTagging.css
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-110.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 smartTagging.js Show response
static.solutionshindsight.net/topics/ 879 B
1 KB 62ms
31ms Script
application/javascript 143.204.98.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/topics/smartTagging.js
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-110.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 284d1ce1e7ad22f0998a921e845b83d46f8e1bfdd3967360b8fcf2717a21616c

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:23 GMT
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
last-modified: Thu, 24 Jun 2021 10:00:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "ad608c0caeff4bc672fd9481f1a8957e"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 879
x-amz-cf-id: li9lFbbj1_3gyLxj5FF-t8YMrGShd24qPa8-jRN1rYFVa1B5zuVGuA==

GET
H/1.1 200
OK logo.jpg
www.undertheradarmag.com/i/ 11 KB
11 KB 151ms
123ms Image
image/jpeg 207.38.94.32
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.undertheradarmag.com/i/logo.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.38.94.32 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: web611.webfaction.com
Software: nginx /
Resource Hash: 8a11aa872d132c4c3d3bacb4c783b3645adc1bb8d8525f8aaf5396a7b8eb6b0a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.undertheradarmag.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Cookie: exp_last_visit=1315526422; exp_last_activity=1630886422; exp_tracker=%7B%220%22%3A%22news%2Fpremiere_enn_debut_new_video_for_catalyst%22%2C%22token%22%3A%2263791c74c26c6780796bd9f50f9a3c31%22%7D; exp_csrf_token=ccd792a7e611fb9c622dd9d0e54d7008b27b12ac
Connection: keep-alive
Referer: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:23 GMT
Last-Modified: Fri, 13 Feb 2009 21:37:42 GMT
Server: nginx
ETag: "2be7-462d3a58dd580"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11239

GET
H/1.1 200
OK GENN_%28C%29Holly_Whitaker-min.jpg
www.undertheradarmag.com/uploads/article_images/ 3 MB
3 MB 276ms
123ms Image
image/jpeg 207.38.94.32
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.undertheradarmag.com/uploads/article_images/GENN_%28C%29Holly_Whitaker-min.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.38.94.32 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: web611.webfaction.com
Software: nginx /
Resource Hash: a1353ef65780afbce0012d566acbb453d189ba9868e5d35c70296c0237861971

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.undertheradarmag.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Cookie: exp_last_visit=1315526422; exp_last_activity=1630886422; exp_tracker=%7B%220%22%3A%22news%2Fpremiere_enn_debut_new_video_for_catalyst%22%2C%22token%22%3A%2263791c74c26c6780796bd9f50f9a3c31%22%7D; exp_csrf_token=ccd792a7e611fb9c622dd9d0e54d7008b27b12ac
Connection: keep-alive
Referer: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:23 GMT
Last-Modified: Wed, 01 Sep 2021 17:34:47 GMT
Server: nginx
ETag: "612fb9b7-2a9520"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2790688

GET
H2 200 lg-share-en.gif
s7.addthis.com/static/btn/ 596 B
813 B 126ms
24ms Image
image/gif 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s7.addthis.com/static/btn/lg-share-en.gif

Requested by

Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

8d261abb1cdf02888b9a1f12cf9694e7ec7e93d7da3e8f20e2907af422327489

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: "5ed917ff-254"
content-type: image/gif
cache-control: public, max-age=86313600
date: Mon, 06 Sep 2021 00:00:23 GMT
x-host: s7.addthis.com
accept-ranges: bytes
timing-allow-origin: *
content-length: 596

GET
H/1.1 200
OK 1630886422.8123.jpg
www.undertheradarmag.com/images/captchas/ 2 KB
2 KB 398ms
138ms Image
image/jpeg 207.38.94.32
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.undertheradarmag.com/images/captchas/1630886422.8123.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.38.94.32 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: web611.webfaction.com
Software: nginx /
Resource Hash: 42ba573d7e7cb9f6ee10bba2ba774a6302a7697ce98dc8cf0e486b9c3ea56d0b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.undertheradarmag.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Cookie: exp_last_visit=1315526422; exp_last_activity=1630886422; exp_tracker=%7B%220%22%3A%22news%2Fpremiere_enn_debut_new_video_for_catalyst%22%2C%22token%22%3A%2263791c74c26c6780796bd9f50f9a3c31%22%7D; exp_csrf_token=ccd792a7e611fb9c622dd9d0e54d7008b27b12ac
Connection: keep-alive
Referer: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:23 GMT
Last-Modified: Mon, 06 Sep 2021 00:00:22 GMT
Server: nginx
ETag: "61355a16-8e5"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2277

GET
H/1.1 200
OK Under_the_Radar_Issue_68_Cover_Japanese_Breakfast_HAIM_696_Protest_Issue_Issue_Page.jpg
www.undertheradarmag.com/uploads/cover_images/ 204 KB
205 KB 558ms
298ms Image
image/jpeg 207.38.94.32
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.undertheradarmag.com/uploads/cover_images/Under_the_Radar_Issue_68_Cover_Japanese_Breakfast_HAIM_696_Protest_Issue_Issue_Page.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.38.94.32 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: web611.webfaction.com
Software: nginx /
Resource Hash: d74b27322960c24de6182ef5c1f28fd89eea1786e446c3c085a2790253c4511f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.undertheradarmag.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Cookie: exp_last_visit=1315526422; exp_last_activity=1630886422; exp_tracker=%7B%220%22%3A%22news%2Fpremiere_enn_debut_new_video_for_catalyst%22%2C%22token%22%3A%2263791c74c26c6780796bd9f50f9a3c31%22%7D; exp_csrf_token=ccd792a7e611fb9c622dd9d0e54d7008b27b12ac
Connection: keep-alive
Referer: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:23 GMT
Last-Modified: Wed, 21 Apr 2021 17:44:08 GMT
Server: nginx
ETag: "60806468-33187"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 209287

GET
H/1.1 200
OK d4eb7c808a2baa538f2f5d6ee374fe33.jpg
www.undertheradarmag.com/uploads/ads/ 42 KB
42 KB 582ms
322ms Image
image/jpeg 207.38.94.32
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.undertheradarmag.com/uploads/ads/d4eb7c808a2baa538f2f5d6ee374fe33.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.38.94.32 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: web611.webfaction.com
Software: nginx /
Resource Hash: 858359af903f2944d47f96eab745a42eef22229dc5d5f580f8eb8d3c2b27cd85

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.undertheradarmag.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Cookie: exp_last_visit=1315526422; exp_last_activity=1630886422; exp_tracker=%7B%220%22%3A%22news%2Fpremiere_enn_debut_new_video_for_catalyst%22%2C%22token%22%3A%2263791c74c26c6780796bd9f50f9a3c31%22%7D; exp_csrf_token=ccd792a7e611fb9c622dd9d0e54d7008b27b12ac
Connection: keep-alive
Referer: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:23 GMT
Last-Modified: Thu, 16 Apr 2009 18:01:17 GMT
Server: nginx
ETag: "49e7726d-a8eb"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43243

GET
H/1.1 200
OK materialize.min.js Show response
www.undertheradarmag.com/assets/js/ 177 KB
177 KB 271ms
240ms Script
application/javascript 207.38.94.32
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.undertheradarmag.com/assets/js/materialize.min.js
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.38.94.32 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: web611.webfaction.com
Software: nginx /
Resource Hash: f5a59995b708bcd4a76f805669462514d1b294d7935942ffc9f7d6ff70db93fa

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.undertheradarmag.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Cookie: exp_last_visit=1315526422; exp_last_activity=1630886422; exp_tracker=%7B%220%22%3A%22news%2Fpremiere_enn_debut_new_video_for_catalyst%22%2C%22token%22%3A%2263791c74c26c6780796bd9f50f9a3c31%22%7D; exp_csrf_token=ccd792a7e611fb9c622dd9d0e54d7008b27b12ac
Connection: keep-alive
Referer: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:23 GMT
Last-Modified: Sun, 31 Mar 2019 17:10:17 GMT
Server: nginx
ETag: "2c37a-58566fa694e1d"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 181114

GET
H2 200 get-context Show response
api.pymx5.com/v1/publisher/ 60 B
280 B 364ms
68ms XHR
application/json 34.96.74.203
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pymx5.com/v1/publisher/get-context

Requested by

Host: pymx5.com
URL: https://pymx5.com/scripts/ims.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.74.203 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

203.74.96.34.bc.googleusercontent.com

Software

nginx/1.13.7 /

Resource Hash

17d059c0d9e8e1ebac6e58404aed4f403400d509d4460e58985fd8129a65704a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:23 GMT
content-encoding: gzip
allow: GET, HEAD, OPTIONS
server: nginx/1.13.7
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.undertheradarmag.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 ifilter-eval.js Show response
pymx5.com/scripts/ 9 KB
9 KB 168ms
139ms Script
application/javascript 35.227.203.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pymx5.com/scripts/ifilter-eval.js
Requested by: Host: pymx5.com
URL: https://pymx5.com/scripts/ims.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.203.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 06f948a217c237ec9da04db4863ae47ac02b247ec4fb4213fd68b981d766c156

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:23 GMT
age: 0
x-guploader-uploadid: ADPycdsYKAfNfj-KpkO4OTai_r5GTlOzSv6i1RamoRKNSVkj_RCjcFb3xGpJ2MKbPNyw3Unt3ghLEP_md2IQ8g2MKVQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 8929
last-modified: Mon, 30 Nov 2020 10:13:10 GMT
server: UploadServer
etag: "b8c23f3782f2b89bad7344ea2720b5ba"
x-goog-hash: crc32c=1cvcAw==, md5=uMI/N4LyuJutc0TqJyC1ug==
x-goog-generation: 1606731190094809
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 8929
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 06 Sep 2021 01:00:23 GMT

GET
H2 200 messageRequest.js Show response
pymx5.com/scripts/ 6 KB
6 KB 53ms
14ms Script
application/javascript 35.227.203.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pymx5.com/scripts/messageRequest.js
Requested by: Host: pymx5.com
URL: https://pymx5.com/scripts/ims.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.203.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9bc3ac88ae6629e440770a37e747bb6241a085df9842ccbc5f3035471b360c10

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:21:36 GMT
age: 2327
x-guploader-uploadid: ADPycdss2KDJvk9T-ONpK_fRfNlRPhlpiwaQHYcyVr05Y4CrF-Bxfr9EwwHFK3_F3gP4LGFAxrg27NHFh6Fv0aCo3aEj38rlyg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 6018
last-modified: Mon, 30 Nov 2020 10:13:10 GMT
server: UploadServer
etag: "1c14d674aa94ed0a5b5b0830b8648345"
x-goog-hash: crc32c=5DBAqw==, md5=HBTWdKqU7QpbWwgwuGSDRQ==
x-goog-generation: 1606731190132296
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 6018
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 06 Sep 2021 00:21:36 GMT

GET
H2 200 imstag.min.js Show response
pymx5.com/ad-rendring/src/ 100 KB
101 KB 54ms
15ms Script
application/javascript 35.227.203.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pymx5.com/ad-rendring/src/imstag.min.js
Requested by: Host: pymx5.com
URL: https://pymx5.com/scripts/ims.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.203.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 303017e5ef65d154f447ed36116c77fc056fe0a44add0b13b9e842ae72b23ce9

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:53:40 GMT
age: 403
x-guploader-uploadid: ADPycdvSaa07L2cn3uVi2aCDde4KOMmKIMiCuDikQYg02rFYw23nRnhawBRnFisWNGVGfVXVw6p7oxt66FduRTxzQNs0dc6XXg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 102578
last-modified: Tue, 05 Jan 2021 10:02:41 GMT
server: UploadServer
etag: "298e66c7b1579da377cb19aec5a997c7"
x-goog-hash: crc32c=o3Vcbw==, md5=KY5mx7FXnaN3yxmuxamXxw==
x-goog-generation: 1609840961551922
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 102578
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 06 Sep 2021 00:53:40 GMT

GET
H/1.1 200
OK /
www.undertheradarmag.com/ 0
286 B 327ms
217ms Stylesheet
text/css 207.38.94.32
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.undertheradarmag.com/?css=common/print.v.1615215086
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.38.94.32 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: web611.webfaction.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.undertheradarmag.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Cookie: exp_last_visit=1315526422; exp_last_activity=1630886422; exp_tracker=%7B%220%22%3A%22news%2Fpremiere_enn_debut_new_video_for_catalyst%22%2C%22token%22%3A%2263791c74c26c6780796bd9f50f9a3c31%22%7D; exp_csrf_token=ccd792a7e611fb9c622dd9d0e54d7008b27b12ac; __utma=218175837.1078887494.1630886424.1630886424.1630886424.1; __utmb=218175837.0.10.1630886424; __utmc=218175837; __utmz=218175837.1630886424.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Connection: keep-alive
Referer: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:24 GMT
Last-Modified: Thu, 25 Feb 2021 05:06:15 GMT
Server: nginx
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=604800, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 13 Sep 2021 00:00:24 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/undertheradar/ 255 KB
28 KB 126ms
24ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/undertheradar/loader.js
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: obaker.93.1.2-11.73.5 /
Resource Hash: 62ab438f7f5fb0e7ba67108eff77d1226422c01d1b5e8cfc51bea951fa7cc750

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 6uOYQYrC3RGaI2s8S2bVW5YtHoxh9ZmX
content-encoding: gzip
etag: "f4a2159baa9d4ded549109b9e8ffddf43472a114"
age: 2128
via: 1.1 varnish
x-cache: HIT
x-from-cache: 1
content-length: 28016
x-amz-id-2: VtbHYHpLxcfJhywuckIfhOyuiIIQgZf+X8c2IyJyTCsyqeNMvFun2pNsIczgcuJk1pdOWbD6LTs=
x-served-by: cache-fra19173-FRA
last-modified: Sun, 05 Sep 2021 23:24:55 UTC
server: obaker.93.1.2-11.73.5
x-timer: S1630886424.741785,VS0,VE1
date: Mon, 06 Sep 2021 00:00:23 GMT
vary: Accept-Encoding, Accept-Encoding
x-amz-request-id: C8B8EH6ZB8RV2P4M
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 0
x-cache-hits: 1

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4388
date: Sun, 05 Sep 2021 22:47:15 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 06 Sep 2021 00:47:15 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=826808942&utmhn=www.undertheradarmag.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&ut...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7749100-1&cid=1078887494.1630886424&jid=1274187665&_v=5.7.2&z=826808942

35 B
111 B

232ms
0ms

Image
image/gif

2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7749100-1&cid=1078887494.1630886424&jid=1274187665&_v=5.7.2&z=826808942

Requested by

Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 06 Sep 2021 00:00:24 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:23 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7749100-1&cid=1078887494.1630886424&jid=1274187665&_v=5.7.2&z=826808942
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 369
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK UTRM-icons.jpg
www.undertheradarmag.com/i/ 15 KB
15 KB 294ms
289ms Image
image/jpeg 207.38.94.32
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.undertheradarmag.com/i/UTRM-icons.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/assets/css/materialize.css?v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.38.94.32 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: web611.webfaction.com
Software: nginx /
Resource Hash: 7bdfd040d6c16f1875d444ad383e003d08d70d8db8ed3d8d9a96a9a8127135ab

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.undertheradarmag.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.undertheradarmag.com/assets/css/materialize.css?v1
Cookie: exp_last_visit=1315526422; exp_last_activity=1630886422; exp_tracker=%7B%220%22%3A%22news%2Fpremiere_enn_debut_new_video_for_catalyst%22%2C%22token%22%3A%2263791c74c26c6780796bd9f50f9a3c31%22%7D; exp_csrf_token=ccd792a7e611fb9c622dd9d0e54d7008b27b12ac; __utma=218175837.1078887494.1630886424.1630886424.1630886424.1; __utmc=218175837; __utmz=218175837.1630886424.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=218175837.1.10.1630886424
Connection: keep-alive
Referer: https://www.undertheradarmag.com/assets/css/materialize.css?v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:24 GMT
Last-Modified: Tue, 02 Jul 2013 15:28:39 GMT
Server: nginx
ETag: "3ac2-4e088ffd277c0"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15042

GET addthis_widget.js
s7.addthis.com/js/200/ 0
0

GET addthis_widget.js
s7.addthis.com/js/250/ 0
0

GET
H2 200 6SEZ2Ei-_pY Show response
www.youtube.com/embed/ Frame 8DD6 55 KB
23 KB 229ms
72ms Document
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/6SEZ2Ei-_pY

Requested by

Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8872493bf703f75b81be062fb89925ca30de1d1be4a9dd56d490d80479ef5020

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/6SEZ2Ei-_pY
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.undertheradarmag.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.undertheradarmag.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Sep 2021 00:00:24 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=EedLbwuxyr8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=q2eyo2NSsl8; Domain=.youtube.com; Expires=Sat, 05-Mar-2022 00:00:24 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+037; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK showad.js Show response
srv.clickfuse.com/showads/ 17 KB
6 KB 722ms
61ms Script
text/javascript 18.200.89.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.clickfuse.com/showads/showad.js
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.89.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-89-34.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.46 (Amazon) /
Resource Hash: fdfd70a7401a19a1ae06e2cfb6eb2fedd7bae6338939adc6032195deb8c6676f

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:24 GMT
Content-Encoding: gzip
Last-Modified: Sat, 04 Sep 2021 17:50:05 GMT
Server: Apache/2.4.46 (Amazon)
ETag: "4397-5cb2f0bcd92e3-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=60, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5834
Expires: Mon, 06 Sep 2021 00:01:24 GMT

GET
H/1.1 200
OK input_text.jpg
www.undertheradarmag.com/i/ 2 KB
2 KB 297ms
125ms Image
image/jpeg 207.38.94.32
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.undertheradarmag.com/i/input_text.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/assets/css/materialize.css?v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.38.94.32 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: web611.webfaction.com
Software: nginx /
Resource Hash: 30d6afc802d1ae7245c1c6eb445b8cec9817bd3d0ff29d693352a1f8224b1b3e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.undertheradarmag.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.undertheradarmag.com/assets/css/materialize.css?v1
Connection: keep-alive
Referer: https://www.undertheradarmag.com/assets/css/materialize.css?v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:24 GMT
Last-Modified: Fri, 13 Feb 2009 21:37:42 GMT
Server: nginx
ETag: "7d8-462d3a58dd580"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2008

GET
H/1.1 200
OK lozenge.gif
www.undertheradarmag.com/i/ 2 KB
2 KB 378ms
206ms Image
image/gif 207.38.94.32
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.undertheradarmag.com/i/lozenge.gif
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/assets/css/materialize.css?v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.38.94.32 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: web611.webfaction.com
Software: nginx /
Resource Hash: aff37fcf00d4e45b2058446097bf279efe4ab8f90a61fe390bdab3cbd5a821c5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.undertheradarmag.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.undertheradarmag.com/assets/css/materialize.css?v1
Connection: keep-alive
Referer: https://www.undertheradarmag.com/assets/css/materialize.css?v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:24 GMT
Last-Modified: Wed, 22 Apr 2009 20:00:59 GMT
Server: nginx
ETag: "7ef-4682a38e094c0"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2031

GET
H2 200 load_optional_tags Show response
api.pymx5.com/v1/sites/ 0
641 B 563ms
155ms Script
text/html 34.96.74.203
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pymx5.com/v1/sites/load_optional_tags

Requested by

Host: pymx5.com
URL: https://pymx5.com/scripts/load_tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.74.203 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

203.74.96.34.bc.googleusercontent.com

Software

nginx/1.13.7 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:24 GMT
via: 1.1 google
server: nginx/1.13.7
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 0

GET
H2 200 pubads_impl_2021083101.js Show response
securepubads.g.doubleclick.net/gpt/ 333 KB
117 KB 358ms
69ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

821bdc4f69b0d71c8ee65e9e97c232e0a127004991b92133da9019dbe8f90047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Aug 2021 08:39:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119248
x-xss-protection: 0
expires: Mon, 06 Sep 2021 00:00:25 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 84 B
737 B 346ms
28ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.undertheradarmag.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

63983a004158d17db8bad11e1df2695864d1c58d673b6e12b0110cc2ba6eae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Sep 2021 00:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80
x-xss-protection: 0
expires: Mon, 06 Sep 2021 00:00:25 GMT

GET
H2 200 ifilter.js Show response
pymx5.com/ad-rendring/src/ 56 KB
56 KB 113ms
58ms Script
application/javascript 35.227.203.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pymx5.com/ad-rendring/src/ifilter.js
Requested by: Host: pymx5.com
URL: https://pymx5.com/ad-rendring/src/imstag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.203.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a2d24f191540745c63506a5cac6674ee4bfc95b29ed8e5b7b9f810b8aa21b280

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:49:00 GMT
age: 685
x-guploader-uploadid: ADPycduhos5VMN1H8oJAVoX4kBI5uShso8xnjuDG2gui98vSNtC--Qi43ZCQ93-bz_q3J0Vi5MWwdt6A8jK8A0QSNtrhDjfA4A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 57026
last-modified: Thu, 25 Jun 2020 05:25:47 GMT
server: UploadServer
etag: "f7990efed3936d14d55077c3722ffac4"
x-goog-hash: crc32c=JzgInw==, md5=95kO/tOTbRTVUHfDci/6xA==
x-goog-generation: 1593062747313466
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 57026
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 06 Sep 2021 00:49:00 GMT

GET
H2 200 impl.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.js Show response
cdn.taboola.com/libtrc/ 538 KB
119 KB 95ms
55ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/undertheradar/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: d1ca73815e1acd49059e859ea6ea6853d4915e7f29af792e8d5b3aa75dfef3e1

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: F0HOaYDjq4MAGE5T..s0.JCN9uFYYt1C
content-encoding: br
etag: "ffeafd5a8ed18c1cb060a3e3edb641e4"
age: 21786
x-cache: HIT
content-length: 121921
x-amz-id-2: NiR4JZoKXj/td4lUt4PMsYA36A7ECJGTpS8B9O/KrD9NbR4bKrAQEZw9ehkO+a4tASEKiJuUNsaOwgXA0XHP7Q==
x-served-by: cache-fra19173-FRA
last-modified: Tue, 24 Aug 2021 09:11:28 GMT
server: AmazonS3-br
x-timer: S1630886425.178791,VS0,VE0
date: Mon, 06 Sep 2021 00:00:25 GMT
vary: Accept-Encoding
x-amz-request-id: YN4RED5FM6KP0M8X
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 27
x-cache-hits: 1760

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 95ms
54ms Script
application/javascript 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/undertheradar/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:20:36 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 34837
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: tcY-WhPqJBxvKwwophxYutEydahfVao0xvnB6M5PhT37cfEEQbotqA==

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
78 B 135ms
95ms Image
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=cta-lzy5_var1
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:25 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1630886425.178934,VS0,VE0
x-served-by: cache-fra19173-FRA
x-cache: HIT
content-type: text/html
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2 200 entityTagging.min.js Show response
static.solutionshindsight.net/teju-webclient/ 11 KB
5 KB 36ms
5ms Script
application/javascript 143.204.98.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/teju-webclient/entityTagging.min.js
Requested by: Host: srv.clickfuse.com
URL: https://srv.clickfuse.com/showads/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-110.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90c8b5cae1ed0d1836143185868adaf9b0defe11451347755ad8b3249750cb5b

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:51:44 GMT
content-encoding: gzip
last-modified: Fri, 03 Sep 2021 14:25:52 GMT
server: AmazonS3
age: 771
etag: "00bcb64870ff0243b5d9cd66c1172642"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 4400
x-amz-cf-id: 34yPahpzvPYZXWWrzUlWYU4Mo4m_71MAKa-RjnGDSZtIMH4IKBqkfw==

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/9da24d97/ Frame 8DD6 329 KB
45 KB 37ms
31ms Stylesheet
text/css 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9da24d97/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6SEZ2Ei-_pY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46717c032f82e2316c694c6cb20d63d109954cc77e1aeee251dd5b1591915716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/6SEZ2Ei-_pY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 15:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 02 Sep 2021 00:22:16 GMT
server: sffe
age: 30998
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46331
x-xss-protection: 0
expires: Mon, 05 Sep 2022 15:23:47 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/9da24d97/www-embed-player.vflset/ Frame 8DD6 200 KB
66 KB 43ms
34ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9da24d97/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6SEZ2Ei-_pY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7d3dec6d28f0f63a370a2d63562b6cdc44e88fe2a89d7f0e9b6dfd86d5e7486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/6SEZ2Ei-_pY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 14:08:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 02 Sep 2021 00:22:16 GMT
server: sffe
age: 294731
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67106
x-xss-protection: 0
expires: Fri, 02 Sep 2022 14:08:14 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/9da24d97/player_ias.vflset/en_US/ Frame 8DD6 2 MB
502 KB 58ms
50ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9da24d97/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6SEZ2Ei-_pY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed35e554e7e086d706d4f30377aa048c2115475928a82130b88b2d7c24ffabe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/6SEZ2Ei-_pY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 02 Sep 2021 00:22:16 GMT
server: sffe
age: 35168
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 513916
x-xss-protection: 0
expires: Mon, 05 Sep 2022 14:14:17 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/9da24d97/fetch-polyfill.vflset/ Frame 8DD6 8 KB
3 KB 61ms
53ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9da24d97/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6SEZ2Ei-_pY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/6SEZ2Ei-_pY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 02 Sep 2021 00:22:16 GMT
server: sffe
age: 34348
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Mon, 05 Sep 2022 14:27:57 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8DD6 15 KB
15 KB 26ms
0ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6SEZ2Ei-_pY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:21:30 GMT
x-content-type-options: nosniff
age: 218335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 11:21:30 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1630886425497&ns_c=UTF-8&cv=3.5&c8=Premiere%3A%20%C4%A0ENN%20Debut%20New%20Video%20For%20%E2%80%9CCatalyst%E2%80%9D%20%7C%20Under%20Th...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1630886425497&ns_c=UTF-8&cv=3.5&c8=Premiere%3A%20%C4%A0ENN%20Debut%20New%20Video%20For%20%E2%80%9CCatalyst%E2%80%9D%20%7C%20Under%20T...

64 B
330 B

185ms
43ms

Image
image/gif

13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1630886425497&ns_c=UTF-8&cv=3.5&c8=Premiere%3A%20%C4%A0ENN%20Debut%20New%20Video%20For%20%E2%80%9CCatalyst%E2%80%9D%20%7C%20Under%20The%20Radar%20Magazine&c7=https%3A%2F%2Fwww.undertheradarmag.com%2Fnews%2Fpremiere_enn_debut_new_video_for_catalyst%23&c9=
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:26 GMT
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: mTIeNSDG7fRz0hdBAteGUJh6j18qniYiw4L7FuVuXul5J3bbkSD9jw==

Redirect headers

date: Mon, 06 Sep 2021 00:00:25 GMT
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1630886425497&ns_c=UTF-8&cv=3.5&c8=Premiere%3A%20%C4%A0ENN%20Debut%20New%20Video%20For%20%E2%80%9CCatalyst%E2%80%9D%20%7C%20Under%20The%20Radar%20Magazine&c7=https%3A%2F%2Fwww.undertheradarmag.com%2Fnews%2Fpremiere_enn_debut_new_video_for_catalyst%23&c9=
content-length: 340
x-amz-cf-id: P3aZcvj4yZx8BIW2PQzpL_WHO0jUkvSPlUHCLatIns64EWExTrOe_Q==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 65ms
19ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.undertheradarmag.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Sep 2021 00:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 95ms
18ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.undertheradarmag.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Sep 2021 00:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 292 KB
65 KB 1465ms
1182ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2797037208050237&correlator=2186239089994003&output=ldjh&impl=fifs&eid=31062297&vrg=2021083101&ptt=17&sc=1&sfv=1-0-38&ecs=20210906&iu_parts=5381216%2CUTR_FullSite_Above_Header%2CUTR_FullSite_Leaderboard_728x90%2CUTR_FullSite_Square_300x250%2CUTR_FullSite_Skyscraper_160x600%2CUTR_ROS_Skyscraper_Right_bottom%2CUTR_ROS_Leaderboard-Bottom%2CUTR_ROS_Skyscraper_left_side&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=970x250%2C728x90%2C300x250%2C160x600%2C160x600%2C728x90%2C160x600&cookie_enabled=1&bc=31&abxe=1&lmt=1630886422&dt=1630886425798&dlt=1630886423011&idt=2504&frm=20&biw=1600&bih=1200&oid=3&adxs=318%2C533%2C528%2C1089%2C1089%2C436%2C-9&adys=11%2C289%2C2059%2C1345%2C2081%2C3008%2C-9&adks=2838847317%2C3077129767%2C724571257%2C1048258122%2C1787180309%2C574404161%2C246550581&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.undertheradarmag.com%2Fnews%2Fpremiere_enn_debut_new_video_for_catalyst%23&vis=1&dmc=8&scr_x=0&scr_y=0&psz=945x250%7C729x92%7C497x250%7C183x618%7C183x600%7C945x147%7C0x-1&msz=970x-1%7C728x-1%7C300x-1%7C160x-1%7C160x-1%7C728x-1%7C0x-1&ga_vid=1625416874.1630886426&ga_sid=1630886426&ga_hid=1301169597&ga_fc=false&fws=0%2C0%2C0%2C0%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C2%7C3%7C4%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

c5be406334acb3d0bafd256fe1acdc2460608932d466e8d8ab4464c5f62430c2

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13011086618205880320/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13011086618205880320/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJrR57CF6fICFVoFiwodsasEZQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/13011086618205880320/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13011086618205880320/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13011086618205880320/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJrR57CF6fICFVoFiwodsasEZQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/13011086618205880320/index.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
google-creative-id: -1,138360885538,-1,-1,-1,-1,-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66288
x-xss-protection: 0
google-lineitem-id: -1,5772473191,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Mon, 06 Sep 2021 00:00:27 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.undertheradarmag.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FC4C 6 KB
3 KB 354ms
0ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.undertheradarmag.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.undertheradarmag.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 06 Sep 2021 00:00:26 GMT
expires: Tue, 06 Sep 2022 00:00:26 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 json Show response
trc.taboola.com/undertheradar/trc/3/ 42 KB
13 KB 297ms
208ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/undertheradar/trc/3/json?tim=02%3A00%3A26.071&lti=cta-lzy5_var1&data=%7B%22id%22%3A947%2C%22ii%22%3A%22%2Fnews%2Fpremiere_enn_debut_new_video_for_catalyst%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1630573674238%2C%22vi%22%3A1630886426069%2C%22cv%22%3A%2220210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.undertheradarmag.com%2Fnews%2Fpremiere_enn_debut_new_video_for_catalyst%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22pev%22%3A5817%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3226%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A2308.578125%2C%22mw%22%3A697.5%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22cta-lzy5_var1%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a61bf12455892105db87514233f5fd06bf0bbbd280210fa6b5f3a6b1b16ba7b6

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 222
date: Mon, 06 Sep 2021 00:00:26 GMT
content-encoding: gzip
server: nginx
x-timer: S1630886426.180563,VS0,VE222
x-served-by: cache-fra19173-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.undertheradarmag.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 403 d3d3LnVuZGVydGhlcmFkYXJtYWcuY29t Show response
static.solutionshindsight.net/assets/ 243 B
607 B 574ms
404ms Fetch
application/xml 143.204.98.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/assets/d3d3LnVuZGVydGhlcmFkYXJtYWcuY29t
Requested by: Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/teju-webclient/entityTagging.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-110.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a818f3faede9a5840adfa1352bcce82872660e6b1949623702381b9f86d75d8

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:26 GMT
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA50-C1
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/xml
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: Error from cloudfront
x-amz-cf-id: cGAGkTSi7vo_bma1wUiIJPcSuUo91ej26pEQ_WuyDvB3s_F9KzGJgQ==

GET
H3-29

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 8DD6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

20ms
17ms

XHR
application/json

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6SEZ2Ei-_pY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d563bb37472071794d15caa3f9cffb9271a325d74c24a0677418b8179ae6f694

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 06 Sep 2021 00:00:26 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 8DD6 29 B
91 B 20ms
6ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9da24d97/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:57:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 148
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Mon, 06 Sep 2021 00:12:58 GMT

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 19 KB
6 KB 39ms
37ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: A4C5uzAVxH2Ztj3AaZnQWTHahT65Jp9O
content-encoding: gzip
etag: "7a6ef5412d45e94af6813e18c060355d"
age: 7035
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5990
x-amz-id-2: 5MobSlc+iIpZcIvvqKj/kIaKd9zK/zHejUaSlk6O46g6IuLOoQUG1y7EPVZt4Nk4Bg5d+sG47tY=
x-served-by: cache-fra19173-FRA
last-modified: Tue, 06 Jul 2021 14:02:32 GMT
server: AmazonS3
x-timer: S1630886427.715134,VS0,VE0
date: Mon, 06 Sep 2021 00:00:26 GMT
vary: Accept-Encoding
x-amz-request-id: KQE2YD0951MP799B
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 27
x-cache-hits: 7770

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
971 B 35ms
31ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding: gzip
etag: "10c372ee2c83a7fd12df18aebc5320c6"
age: 27892
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 719
x-amz-id-2: A8pOn0vHP2AZTFPKUH/E/XQ0BnACpoDi2Cn8umalQjLdBaCQMU0fH3eIPGkBpOFXLrfZ+JH/G5w=
x-served-by: cache-fra19173-FRA
last-modified: Tue, 06 Apr 2021 14:48:01 GMT
server: AmazonS3
x-timer: S1630886427.721635,VS0,VE0
date: Mon, 06 Sep 2021 00:00:26 GMT
vary: Accept-Encoding
x-amz-request-id: H26RXF80K5Y33KYT
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 27
x-cache-hits: 148734

GET
H2 200 tfa-eid.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.es6.js Show response
cdn.taboola.com/libtrc/ 14 KB
5 KB 27ms
25ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/undertheradar/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84352a2f8bad7dccb44b3d6a9b459da554f6e35086b2f56e2f69aa9be54d6e3b

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: .86PcTVeWfMrP.XzmZwMWduP0Yk_TZyt
content-encoding: gzip
etag: "0de63d4449ff2c0258c34199a90bcf75"
age: 73
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 5123
x-amz-id-2: 45nQx6rMI0CAnY2tYfgdXNQoZQVrpSdqOlA+rg3/jQ9JgDYSOIbXkJVdkxEGbwI1gjSrV8ohhps=
x-served-by: cache-fra19173-FRA
last-modified: Tue, 24 Aug 2021 09:18:07 GMT
server: AmazonS3
x-timer: S1630886427.802883,VS0,VE1
date: Mon, 06 Sep 2021 00:00:26 GMT
vary: Accept-Encoding
x-amz-request-id: 59ZAHC3MG3H3FS04
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 27
x-cache-hits: 1

GET
H2 200 sha256.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 29ms
28ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/undertheradar/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 756a539a72be5be3c85467b28b01a2b6b99e536f1a519c62b1770c2c62701f8a

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: NB4.hYrGhAgpKcjY9MvT34OqCpViwd6_
content-encoding: gzip
etag: "68dcd814ba83911a53532231c6e44ec5"
age: 25
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 2653
x-amz-id-2: 9w7yyJlBMss0lLM+ZidXosV72vhx0PMAAFRNHVoIEVVvX34ZM1fLLUgeij2+FN2krcRGTwlYXEE=
x-served-by: cache-fra19173-FRA
last-modified: Tue, 24 Aug 2021 09:17:55 GMT
server: AmazonS3
x-timer: S1630886427.803062,VS0,VE1
date: Mon, 06 Sep 2021 00:00:26 GMT
vary: Accept-Encoding
x-amz-request-id: 8V1E903HYPNH1MDW
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 27
x-cache-hits: 1

GET
H2 200 floating-unit.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.es6.js Show response
cdn.taboola.com/libtrc/ 7 KB
3 KB 29ms
28ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/undertheradar/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c40c92c2c381897cb5c18508490c7cbc9ad041dc3e342931bc4371cf4492e44

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: wYqLC5jbAex6fa1yBvFLDv7x87LlAmBD
content-encoding: gzip
etag: "17fa1a49903cf7d29789699e8ea9a2cd"
age: 9
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 2348
x-amz-id-2: /26HobCjIDU/6lkCb45Sf80mft4nSDDHXYJHWu3qcLLZYrwWqF6+Y6zLblh6iDpTNUMSLGqiJik=
x-served-by: cache-fra19173-FRA
last-modified: Tue, 24 Aug 2021 09:17:45 GMT
server: AmazonS3
x-timer: S1630886427.803197,VS0,VE1
date: Mon, 06 Sep 2021 00:00:26 GMT
vary: Accept-Encoding
x-amz-request-id: X2ZZDFR8M27VBT73
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 27
x-cache-hits: 1

GET
H2 200 tb Show response
15.taboola.com/ 37 KB
11 KB 47ms
43ms XHR
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=undertheradar&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fwww.undertheradarmag.com%2Fnews%2Fpremiere_enn_debut_new_video_for_catalyst&encoded=1&uid=b36ca07c-7ab9-4f82-9bc0-c7c989bef87e-tuct82edf9a&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1630886426775&tagid=&cntry=NL&platform=1&sesid=549def8f2e4388b633196a21e961f56b&itemid=/news/premiere_enn_debut_new_video_for_catalyst&viewid=1630886426069&geolat=&geoing=&deviceifa=&appid=&sd=v2_549def8f2e4388b633196a21e961f56b_b36ca07c-7ab9-4f82-9bc0-c7c989bef87e-tuct82edf9a_1630886426_1630886426_CNawjgYQ8P89GNXrn8O7LyABKAEwoQE4l-oLQJmXEEjm0NoDUP___________wFYAGAAaP3BhtTukO6XxwFwAA&ri=585565d9f0435c3a505fb823fbf4e59b&appname=&cdb=&gdprApplies=true&rid=&sii=3129046238235327747&oee=true&tpubid=1015792&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=NH&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=&prcnt=&layer=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a80cb2e3524a8dd7927b51aef95f2c4f90fff3f6d3257f4c92bdbe1a25e65b41

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 Sep 2021 00:00:26 GMT
content-encoding: gzip
access-control-allow-origin: https://www.undertheradarmag.com
machineid: 1429
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-fra19173-FRA
pragma: no-cache
server: nginx
x-timer: S1630886427.805553,VS0,VE22
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 feed-card-placeholder.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 29ms
28ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/undertheradar/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f64306b98a683b19e17232b5d403add61a35648619b26eeb54e4d759339e415b

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: FY2hwp6.OddJfYRNezwJOxogUl2xaeyO
content-encoding: gzip
etag: "ae07add082781037fb52537617d23ecf"
age: 10
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 1323
x-amz-id-2: jD9efaNS/4pkcB3uO2Dz5KSE0UmmjX+OnTkA8OZ8VyMsmEuxrvC6FmUzW2o9b5kxVJWKp3XymA0=
x-served-by: cache-fra19173-FRA
last-modified: Tue, 24 Aug 2021 09:17:27 GMT
server: AmazonS3
x-timer: S1630886427.803329,VS0,VE1
date: Mon, 06 Sep 2021 00:00:26 GMT
vary: Accept-Encoding
x-amz-request-id: WFNHYJPJK83TJ1PN
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 27
x-cache-hits: 1

GET
H2 200 userx.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 24ms
23ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/undertheradar/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5113763092b9902a7288443b42c062047814a18c0198a517166da418aea9736a

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: Y5HD0I4dPoVFLD6flMVIfXjyuha3vE.o
content-encoding: gzip
etag: "f961204313de6908800a6a653354a4b9"
age: 22
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 5402
x-amz-id-2: TOhNZe50Fkv0ChSWpWL6a9GHqmNpLevtgWfvTClQ1NwsAcvYvSs6vESlbWUsPrpm2zjCFycTxjM=
x-served-by: cache-fra19173-FRA
last-modified: Tue, 24 Aug 2021 09:18:11 GMT
server: AmazonS3
x-timer: S1630886427.891187,VS0,VE0
date: Mon, 06 Sep 2021 00:00:26 GMT
vary: Accept-Encoding
x-amz-request-id: A2CYYGWRSWAE0DEG
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 27
x-cache-hits: 1

GET
H2 200 explore-more.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.es6.js Show response
cdn.taboola.com/libtrc/ 15 KB
5 KB 26ms
26ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/undertheradar/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c0264ef2895352fd146f698d041b6c5ca958b7de503c8985a5270ae1f811861

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: moCGNZYE7LAet0eb_aQufIogTl7zgIcN
content-encoding: gzip
etag: "93f19575817bb428f7cf5a236709684e"
age: 35
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 4498
x-amz-id-2: YMd+OsQou8WEwaDbTmVtXY1Rltr7Nva/KpUfKgXEYyDExam5Ry2+3RUuva33goXGJ64k2JrjPdw=
x-served-by: cache-fra19173-FRA
last-modified: Tue, 24 Aug 2021 09:17:23 GMT
server: AmazonS3
x-timer: S1630886427.980111,VS0,VE1
date: Mon, 06 Sep 2021 00:00:26 GMT
vary: Accept-Encoding
x-amz-request-id: 1XY8SR65ZTMCGEA7
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 27
x-cache-hits: 1

GET
H2 204 supply-feature
trc.taboola.com/undertheradar/log/3/ 0
269 B 39ms
39ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/undertheradar/log/3/supply-feature?route=AM:AM:V&lti=cta-lzy5_var1&ri=e2334a1ffea53489ab09411201d18273&sd=v2_549def8f2e4388b633196a21e961f56b_b36ca07c-7ab9-4f82-9bc0-c7c989bef87e-tuct82edf9a_1630886426_1630886426_CNawjgYQ8P89GNXrn8O7LyABKAEwoQE4l-oLQJmXEEjm0NoDUP___________wFYAGAAaP3BhtTukO6XxwFwAA&ui=b36ca07c-7ab9-4f82-9bc0-c7c989bef87e-tuct82edf9a&pi=/news/premiere_enn_debut_new_video_for_catalyst&wi=3129046238235327747&pt=text&vi=1630886426069&d=%7B%22event_type%22%3A%22taboola_reminder%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=02%3A00%3A26.773&id=3211&llvl=1&cv=20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT&
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 06 Sep 2021 00:00:27 GMT
via: 1.1 varnish
server: nginx
x-timer: S1630886427.196404,VS0,VE9
x-served-by: cache-fra19173-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 debug
am-trc-events.taboola.com/undertheradar/log/2/ 0
90 B 490ms
57ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/undertheradar/log/2/debug?tim=02%3A00%3A26.828&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01&id=7726&cv=20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT&lt=cta-lzy5_var1&pct=1
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:27 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14332

GET
H2 204 debug
am-trc-events.taboola.com/undertheradar/log/2/ 0
89 B 489ms
58ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/undertheradar/log/2/debug?tim=02%3A00%3A26.848&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01&id=3511&cv=20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT&lt=cta-lzy5_var1&pct=1
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:27 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14332

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 27ms
27ms Image
image/svg+xml 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
age: 73
via: 1.1 varnish
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: yeOJJ+tNNdajw4hK3I7/tYpBRq+/TJEGfi4sEZRXOp9UQ3u6dQQzKs083dQVHcAwy/qqwRKPz0M=
x-served-by: cache-fra19173-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1630886427.206649,VS0,VE0
date: Mon, 06 Sep 2021 00:00:27 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 1PW18NSMPYAQGD13
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 27
x-cache-hits: 26

GET
H2 200 remote.js Show response
www.youtube.com/s/player/9da24d97/player_ias.vflset/en_US/ Frame 8DD6 95 KB
29 KB 84ms
14ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9da24d97/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9da24d97/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69942786813a6298663b529dfb3dffbe7d7f9f7280e5261670b2425521299d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/6SEZ2Ei-_pY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 14:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 02 Sep 2021 00:22:16 GMT
server: sffe
age: 294503
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29751
x-xss-protection: 0
expires: Fri, 02 Sep 2022 14:12:04 GMT

GET
H2 200 EDCj09Pb8pUjHXIFJS_PfBpELTlNnUOPUqilxM0kJLA.js Show response
www.google.com/js/th/ Frame 8DD6 35 KB
13 KB 54ms
5ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/EDCj09Pb8pUjHXIFJS_PfBpELTlNnUOPUqilxM0kJLA.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9da24d97/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1030a3d3d3dbf295231d7205252fcf7c1a442d394d9d438f52a8a5c4cd2424b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 08:42:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13425
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 09:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Sep 2022 08:42:42 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/9da24d97/player_ias.vflset/en_US/ Frame 8DD6 24 KB
7 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9da24d97/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9da24d97/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ee3b9d6ffdd549d70238351a446c76a973f73d065355da6e9096409ba6e015c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/6SEZ2Ei-_pY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 14:14:36 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 02 Sep 2021 00:22:16 GMT
server: sffe
age: 294351
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7335
x-xss-protection: 0
expires: Fri, 02 Sep 2022 14:14:36 GMT

GET
DATA 200
OK truncated
/ Frame 8DD6 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dyWQISnRdKQIBC_yweK-VEYdKbgwTXR02g9C-kcjx4Wb3B5BVzxx8kvGSCNbh6uTzwXBaJEvRw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 8DD6 5 KB
5 KB 40ms
20ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/dyWQISnRdKQIBC_yweK-VEYdKbgwTXR02g9C-kcjx4Wb3B5BVzxx8kvGSCNbh6uTzwXBaJEvRw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6SEZ2Ei-_pY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

03c400debe2bc476d620ba5903ef11ebf9aecb25fd45410e7e5ff27b7148ec70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:28 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4608
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 29 Aug 2021 08:00:07 GMT

GET
H2 200 hqdefault.webp
i.ytimg.com/vi_webp/6SEZ2Ei-_pY/ Frame 8DD6 6 KB
6 KB 23ms
21ms Image
image/webp 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/6SEZ2Ei-_pY/hqdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6SEZ2Ei-_pY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bba96f723d65681d8227ef2161b5a018251b224a486d188dbd4a267a6a4bf35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:28 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5678
x-xss-protection: 0
expires: Mon, 06 Sep 2021 02:00:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8DD6 12 KB
12 KB 23ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6SEZ2Ei-_pY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 07:54:02 GMT
x-content-type-options: nosniff
age: 230786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11936
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 07:54:02 GMT

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.5.0/ 97 KB
28 KB 40ms
31ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.5.0/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58e5848979b152c0d8b31b3b50c497a310f6281a163160e96580f3164d0a1e62

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:28 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront), 1.1 varnish
age: 2559410
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 28579
x-served-by: cache-fra19173-FRA
last-modified: Sat, 07 Aug 2021 09:02:26 GMT
server: AmazonS3
x-timer: S1630886428.254149,VS0,VE0
etag: "98792de14c80d5bbc8c9cb5b6137efbd"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: vmdgSAOTYpnmKS_GDkVHTsOktaVMEC3ewm4nJoYoJvIuBJq-Z_kJyA==
x-cache-hits: 179405

GET
H2 204 abtests
trc.taboola.com/undertheradar/log/3/ 0
253 B 32ms
31ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/undertheradar/log/3/abtests?route=AM:AM:V&lti=cta-lzy5_var1&ri=e2334a1ffea53489ab09411201d18273&sd=v2_549def8f2e4388b633196a21e961f56b_b36ca07c-7ab9-4f82-9bc0-c7c989bef87e-tuct82edf9a_1630886426_1630886426_CNawjgYQ8P89GNXrn8O7LyABKAEwoQE4l-oLQJmXEEjm0NoDUP___________wFYAGAAaP3BhtTukO6XxwFwAA&ui=b36ca07c-7ab9-4f82-9bc0-c7c989bef87e-tuct82edf9a&pi=/news/premiere_enn_debut_new_video_for_catalyst&wi=3129046238235327747&pt=text&vi=1630886426069&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22animated_story%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1630886428299%7D&tim=02%3A00%3A28.300&id=442&llvl=1&cv=20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT&
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Mon, 06 Sep 2021 00:00:28 GMT
via: 1.1 varnish
server: nginx
x-timer: S1630886428.333882,VS0,VE8
x-served-by: cache-fra19173-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 4122140a28fd9b8eb70e891ec8090ced.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_410%2Cw_820%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 40 KB
41 KB 115ms
50ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_410%2Cw_820%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4122140a28fd9b8eb70e891ec8090ced.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f2bc7c6fe6c1401c19b1447e70150877d7726083331df5c0ba1e1825490657b6

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Mon, 06 Sep 2021 00:00:28 GMT
via: 1.1 varnish, 1.1 varnish
age: 323181
edge-cache-tag: 368259652828250805421813998324128806207,580433602744378610131103618275832727747,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 643
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_410%2Cw_820%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4122140a28fd9b8eb70e891ec8090ced.jpg
content-length: 40894
x-request-id: 91cc58898de1c683cb871522aa067829
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Fri, 13 Aug 2021 07:44:25 GMT
server: nginx
x-timer: S1630886428.484616,VS0,VE2
etag: "74bcf814a3cce96b816c136d8fffe494"
x-served-by: cache-wdc5540-WDC, cache-dca17775-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 8a114bf7a283e57812960d61f56bd1d4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 12 KB
12 KB 84ms
37ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8a114bf7a283e57812960d61f56bd1d4.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 48cf5f6a087599cb55d0960fa2c641dcd7c865c8aded52393a98cc33448d40ef

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 06 Sep 2021 00:00:28 GMT
via: 1.1 varnish, 1.1 varnish
age: 1204490
edge-cache-tag: 321878742475222481006479727623794305486,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 44
expiration: expiry-date="Mon, 23 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8a114bf7a283e57812960d61f56bd1d4.jpg
content-length: 11818
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Fri, 23 Jul 2021 03:06:47 GMT
server: nginx
x-timer: S1630886428.484478,VS0,VE1
etag: "d99b06f120d27fbc34179dc43ead951d"
x-served-by: cache-wdc5573-WDC, cache-dca17760-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 16009519025834fb9619d0539d6d940a14485103b350d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/shinez-pictures/ 27 KB
27 KB 67ms
28ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/shinez-pictures/16009519025834fb9619d0539d6d940a14485103b350d.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 06c09ad43dc49ac7f7a741d94aa76dcc2903e0a8bf20c3335da2b62504f1a627

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 06 Sep 2021 00:00:28 GMT
via: 1.1 varnish, 1.1 varnish
age: 326429
edge-cache-tag: 544669399466104216257389426845071968091,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 46
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/shinez-pictures/16009519025834fb9619d0539d6d940a14485103b350d.jpg
content-length: 27376
x-request-id: a38bbd24e170a21b8844f431d47d8efa
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Fri, 27 Aug 2021 01:26:10 GMT
server: nginx
x-timer: S1630886428.483860,VS0,VE1
etag: "b8b21b3018dd8aa0901d1c4a5bf07f42"
x-served-by: cache-wdc5570-WDC, cache-dca17759-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 96a82de8a8abd87b20ab099626d89514_1000x600_c20f619d3729ca5a1ed90951959ac2bc.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_410%2Cw_820%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/e3c5e00c-8d4e-4ffb-9b76-5a7c81cdd776/ 66 KB
67 KB 156ms
117ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_410%2Cw_820%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/e3c5e00c-8d4e-4ffb-9b76-5a7c81cdd776/96a82de8a8abd87b20ab099626d89514_1000x600_c20f619d3729ca5a1ed90951959ac2bc.png
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ffe3f32203360d3b292c1178793310540234f6eabcbce3d8da2ce74a08d6e80a

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 91
date: Mon, 06 Sep 2021 00:00:28 GMT
via: 1.1 varnish, 1.1 varnish
age: 1259811
edge-cache-tag: 315122852327885744293661842004550570708,580433602744378610131103618275832727747,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 763
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_410%2Cw_820%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/e3c5e00c-8d4e-4ffb-9b76-5a7c81cdd776/96a82de8a8abd87b20ab099626d89514_1000x600_c20f619d3729ca5a1ed90951959ac2bc.png
content-length: 67556
x-request-id: d151cd3bf3c90311012c383aed551db2
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Thu, 05 Aug 2021 20:02:57 GMT
server: nginx
x-timer: S1630886428.484029,VS0,VE91
etag: "8246dfd2b810f6a6497e2a50166ffd7e"
x-served-by: cache-wdc5574-WDC, cache-dca17779-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 d4470a04a9d36535d70c6613b8778853.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
7 KB 69ms
31ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d4470a04a9d36535d70c6613b8778853.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 71dc44e8f55143192525413b6325d29e3f2c621ad04dad549db4a83508d23378

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 06 Sep 2021 00:00:28 GMT
via: 1.1 varnish, 1.1 varnish
age: 1251933
edge-cache-tag: 299159040444789304948716942386336347311,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 40
expiration: expiry-date="Sun, 19 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d4470a04a9d36535d70c6613b8778853.jpg
content-length: 7048
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Thu, 19 Aug 2021 13:09:09 GMT
server: nginx
x-timer: S1630886428.484182,VS0,VE1
etag: "5f22bc540dfd97600500c19b415ff883"
x-served-by: cache-wdc5525-WDC, cache-dca17748-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 25a101f85dc3e9225de507126ada5e2f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 21 KB
22 KB 62ms
33ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/25a101f85dc3e9225de507126ada5e2f.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e2a4a1be3554e01ad7bc8a54fa2812356276f4c682e8aac52b747b7cd8b47194

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 06 Sep 2021 00:00:28 GMT
via: 1.1 varnish, 1.1 varnish
age: 2130315
edge-cache-tag: 396317103274447281113143505978584484251,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 46
expiration: expiry-date="Sun, 22 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/25a101f85dc3e9225de507126ada5e2f.jpg
content-length: 21606
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Thu, 22 Jul 2021 01:51:09 GMT
server: nginx
x-timer: S1630886428.484334,VS0,VE1
etag: "15100a8c6addcb8cc8f491f1d6a9b3a1"
x-served-by: cache-wdc5550-WDC, cache-dca17732-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 Calicoco_Underneath_album_cover_artwork_review.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/review_images/ 6 KB
7 KB 704ms
700ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/review_images/Calicoco_Underneath_album_cover_artwork_review.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bc6bc982a8f34540b44605f6aca9d5607afb2767693607248ff4c66697c5c526

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 674
date: Mon, 06 Sep 2021 00:00:29 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 454516693668949873576271911297770253404,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 565
x-cache: MISS, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/review_images/Calicoco_Underneath_album_cover_artwork_review.jpg
content-length: 6400
x-request-id: 59887e2b3b045d0a2fbc31d639bc9dd0
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Thu, 02 Sep 2021 15:14:22 GMT
server: nginx
x-timer: S1630886429.517449,VS0,VE674
etag: "53853d8642cc371f51920a2d2f605c3a"
x-served-by: cache-wdc5539-WDC, cache-dca17769-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0

GET
H2 200 Bachelor-tonjethilesen-2021-1crop_I_See_It_Now.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/ 30 KB
31 KB 269ms
268ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/Bachelor-tonjethilesen-2021-1crop_I_See_It_Now.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ed5f170e402d875c361db56e259770573bfd21ca4805e64954d4ddc68dc09ee5

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 243
date: Mon, 06 Sep 2021 00:00:28 GMT
via: 1.1 varnish, 1.1 varnish
age: 240293
edge-cache-tag: 479238337313061613166632566741965712801,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 142
x-cache: HIT, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/Bachelor-tonjethilesen-2021-1crop_I_See_It_Now.jpg
content-length: 30918
x-request-id: 70800a3a46222eb1a248a8381c82002e
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Wed, 01 Sep 2021 15:05:52 GMT
server: nginx
x-timer: S1630886429.517613,VS0,VE243
etag: "db39d4f73a8732914feb3ac93619cc70"
x-served-by: cache-wdc5564-WDC, cache-dca17775-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0

GET
H2 200 Songs_of_the_Week_9-3-21_Under_the_Radar.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/ 95 KB
95 KB 857ms
856ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/Songs_of_the_Week_9-3-21_Under_the_Radar.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6dde83bb083dbcc63dd4d892212fbc91b6a31a594b1c40f4374a3ba08378c1d2

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 821
date: Mon, 06 Sep 2021 00:00:29 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 424408896375879895021643670752773733411,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 720
x-cache: MISS, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/Songs_of_the_Week_9-3-21_Under_the_Radar.jpg
content-length: 96812
x-request-id: 40ac2bc885033c48304b8d4a8de035de
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Sat, 04 Sep 2021 05:30:40 GMT
server: nginx
x-timer: S1630886429.536399,VS0,VE821
etag: "909216620b11725fd4adadcb9ee9d419"
x-served-by: cache-wdc5538-WDC, cache-dca17748-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0

GET
H2 200 unnamed44.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/ 22 KB
23 KB 136ms
135ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/unnamed44.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a8d35656bff6abaff46eee9595d457a972a70b1bef1e3e86825950f55f24de79

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 103
date: Mon, 06 Sep 2021 00:00:28 GMT
via: 1.1 varnish, 1.1 varnish
age: 240293
edge-cache-tag: 471035717929984562386148385523647146210,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 209
expiration: expiry-date="Thu, 09 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/unnamed44.jpg
content-length: 22660
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Mon, 09 Aug 2021 21:57:52 GMT
server: nginx
x-timer: S1630886429.536556,VS0,VE103
etag: "86b00558cb311bd173a85d60fd81abe0"
x-served-by: cache-wdc5530-WDC, cache-dca17724-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 Dave_Okumu_Son_of_Emmerson_press_photo.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/ 23 KB
23 KB 646ms
646ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/Dave_Okumu_Son_of_Emmerson_press_photo.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a62717337dc10dc07f20155be2965f57e20692ccd59275c8c70a775b1d56e9c

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 622
date: Mon, 06 Sep 2021 00:00:29 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 570617878472847119452208049186713435353,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 505
x-cache: MISS, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/Dave_Okumu_Son_of_Emmerson_press_photo.jpg
content-length: 23380
x-request-id: 4c37d32718366fe913f287536a042612
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Fri, 03 Sep 2021 01:50:39 GMT
server: nginx
x-timer: S1630886429.536699,VS0,VE622
etag: "07a21a8b5879b4faeb54e0e36a32ec4a"
x-served-by: cache-wdc5554-WDC, cache-dca17755-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0

GET
H2 200 psb_696x.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/ 30 KB
30 KB 117ms
113ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/psb_696x.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d5f9f0f642322feacbbea896f27281de93f9d3060639b8a275ed67a8f99dff7f

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Mon, 06 Sep 2021 00:00:28 GMT
via: 1.1 varnish, 1.1 varnish
age: 181980
edge-cache-tag: 364411237488518799861407922590723479611,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 322
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/psb_696x.jpg
content-length: 30444
x-request-id: 1bb3bb0ae972175322404b53184e05d2
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified: Thu, 02 Sep 2021 17:03:00 GMT
server: nginx
x-timer: S1630886429.612842,VS0,VE89
etag: "d7ca7c8d387db5fa9a642126d7cd819d"
x-served-by: cache-wdc5555-WDC, cache-dca17730-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 Silverbacks_Wear_My_Medals_press_photo.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/ 32 KB
32 KB 134ms
128ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/Silverbacks_Wear_My_Medals_press_photo.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 232044faaa98f4de8987117b2c618d9245d40cae692a1ef79325444993d61b24

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 104
date: Mon, 06 Sep 2021 00:00:28 GMT
via: 1.1 varnish, 1.1 varnish
age: 204586
edge-cache-tag: 379547823885910128135615535873412946159,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 431
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/Silverbacks_Wear_My_Medals_press_photo.jpg
content-length: 32542
x-request-id: 490552c08a31647c23a30e3d52e71a3a
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Thu, 02 Sep 2021 13:31:57 GMT
server: nginx
x-timer: S1630886429.677550,VS0,VE104
etag: "1cc451c1c80ae15a9fd2b8c43a2b25e0"
x-served-by: cache-wdc5577-WDC, cache-dca12927-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 oasis_696x.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/ 26 KB
27 KB 260ms
256ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/oasis_696x.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e09718cbc4637fdb081998148316b512d07438e8d19ceb32a7a26cd7ec79bb8a

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 231
date: Mon, 06 Sep 2021 00:00:28 GMT
via: 1.1 varnish, 1.1 varnish
age: 54795
edge-cache-tag: 468710126607154022842155074920327641248,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 517
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/oasis_696x.jpg
content-length: 26762
x-request-id: 204e60c7b249572ff4d09634a02a42c8
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified: Thu, 02 Sep 2021 15:14:10 GMT
server: nginx
x-timer: S1630886429.733444,VS0,VE231
etag: "6d3f2e09a71aefc4ea6c48d7e8fdfb69"
x-served-by: cache-wdc5543-WDC, cache-dca17739-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 maxresdefault.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ytimg.com/vi/rJkL-yaERqQ/ 22 KB
22 KB 42ms
36ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ytimg.com/vi/rJkL-yaERqQ/maxresdefault.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7bc09b24ec6d2348a26f6d0762015f9957e96ad12bb8500f16170642162e946d

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 06 Sep 2021 00:00:28 GMT
via: 1.1 varnish, 1.1 varnish
age: 1261948
edge-cache-tag: 413113549805511609281905523648748462482,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 131
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ytimg.com/vi/rJkL-yaERqQ/maxresdefault.jpg
content-length: 22318
x-request-id: d8894ba395e5a239f2a4e985b623c794
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Sat, 31 Jul 2021 15:48:49 GMT
server: nginx
x-timer: S1630886429.794223,VS0,VE1
etag: "303f8b932f27fb5c487eb3311c0fc9bc"
x-served-by: cache-wdc5543-WDC, cache-dca17741-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 12-searching-for-the-swamp-ghost-620x415.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.skipandgiggle.com/wp-content/uploads/2017/06/ 54 KB
54 KB 120ms
119ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.skipandgiggle.com/wp-content/uploads/2017/06/12-searching-for-the-swamp-ghost-620x415.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1deecee20b8aff00931811c38116270e6d16b9ad4e053fa51c0cd10ba4a3e0cc

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 95
date: Mon, 06 Sep 2021 00:00:28 GMT
via: 1.1 varnish, 1.1 varnish
age: 919032
edge-cache-tag: 584645296724882307459735705814086839635,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 91
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.skipandgiggle.com/wp-content/uploads/2017/06/12-searching-for-the-swamp-ghost-620x415.jpg
content-length: 54822
x-request-id: 3f78f92fec864e72d5dadaeac3f0f03b
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified: Wed, 28 Jul 2021 21:01:35 GMT
server: nginx
x-timer: S1630886429.814985,VS0,VE95
etag: "5bcb7013586ca2e3bbaabf8d48f5f20d"
x-served-by: cache-wdc5532-WDC, cache-dca17754-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H2 200 wiki_696x.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/ 22 KB
22 KB 231ms
228ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/wiki_696x.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9155ac7f0788f0dad29cafa28618f7ec353f45fdf25df39f414d8a07eecf0473

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 204
date: Mon, 06 Sep 2021 00:00:29 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 366064419346946772312850441339328093987,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 93
expiration: expiry-date="Fri, 01 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/wiki_696x.jpg
content-length: 22170
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Tue, 31 Aug 2021 22:00:45 GMT
server: nginx
x-timer: S1630886429.832340,VS0,VE204
etag: "3662f11be2f22e99e7f0f617c634835a"
x-served-by: cache-wdc5534-WDC, cache-dca17725-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0

GET
H2 200 Elrow_NYC_2021-41.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/review_images/ 7 KB
8 KB 471ms
470ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/review_images/Elrow_NYC_2021-41.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 00ca85a33eaf2712c799728520eac75bead00bef10b0997fd3989c10fa7a552f

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 416
date: Mon, 06 Sep 2021 00:00:29 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 553244409184611484291279441345527436287,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 305
x-cache: MISS, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/review_images/Elrow_NYC_2021-41.jpg
content-length: 7632
x-request-id: 1cb28260f403cec2adec1c26c6a08cc6
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Thu, 02 Sep 2021 13:25:03 GMT
server: nginx
x-timer: S1630886429.948611,VS0,VE416
etag: "2c9c009bf7a1a239fe938c65c027a65f"
x-served-by: cache-wdc5582-WDC, cache-dca12925-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0

GET
H2 200 _d_30W-5551121101739.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/ 11 KB
11 KB 25ms
24ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/_d_30W-5551121101739.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 38ebf5f5792facedce9b967ad1683b1c9086f9229887f5289aa2cf0099f6985a

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 06 Sep 2021 00:00:28 GMT
via: 1.1 varnish, 1.1 varnish
age: 1183084
edge-cache-tag: 361377601838069935571497857476920662671,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 29
expiration: expiry-date="Thu, 09 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.prezna.com/get/_d_30W-5551121101739.jpg
content-length: 11040
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Mon, 09 Aug 2021 12:44:14 GMT
server: nginx
x-timer: S1630886429.992525,VS0,VE1
etag: "12753f9f992f0958c31f1a6d596130aa"
x-served-by: cache-wdc5549-WDC, cache-dca17741-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 38824ae6e509b8daa14400b8a9295ca0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 21 KB
21 KB 34ms
19ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/38824ae6e509b8daa14400b8a9295ca0.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 76d8d1fe0fb4fa9da574bd0b3d108fb87c4b4d0c920e0b4ef31debb772348451

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 06 Sep 2021 00:00:29 GMT
via: 1.1 varnish, 1.1 varnish
age: 1267448
edge-cache-tag: 449704416513167544646760975174978805288,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 95
expiration: expiry-date="Tue, 24 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/38824ae6e509b8daa14400b8a9295ca0.jpg
content-length: 20996
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Sat, 24 Jul 2021 08:20:17 GMT
server: nginx
x-timer: S1630886429.031253,VS0,VE1
etag: "2ef455be0ed14a7045329a99a01ade7d"
x-served-by: cache-wdc5535-WDC, cache-dca17722-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 POND_Human_Touch_video_screenshot.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/ 33 KB
34 KB 145ms
144ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/POND_Human_Touch_video_screenshot.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1fa8430b4ce20babb01fc0f8d781f9b130df4af7970727fad531fc334cc4a05e

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 116
date: Mon, 06 Sep 2021 00:00:29 GMT
via: 1.1 varnish, 1.1 varnish
age: 298296
edge-cache-tag: 421987299604437716294256526553766344136,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 807
x-cache: MISS, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/POND_Human_Touch_video_screenshot.jpg
content-length: 34102
x-request-id: 05568fa2e61370ae1df579725a93d636
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Wed, 01 Sep 2021 18:14:16 GMT
server: nginx
x-timer: S1630886429.063211,VS0,VE116
etag: "5030c1fa77df103028349ae6289f2581"
x-served-by: cache-wdc5578-WDC, cache-dca17738-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0

GET
H2 200 jonhopkins_696x.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/ 31 KB
32 KB 883ms
882ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/jonhopkins_696x.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f8ef75fbf2b0eb6b1ea7687d6a2a29515adc61b0564d6f920ec4370115b48d22

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 857
date: Mon, 06 Sep 2021 00:00:29 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 547532839420940148654145362138407212454,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 745
x-cache: MISS, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.undertheradarmag.com/uploads/article_images/jonhopkins_696x.jpg
content-length: 32084
x-request-id: 3d518a6968352d2d9ae88901f95913cd
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Thu, 02 Sep 2021 14:37:47 GMT
server: nginx
x-timer: S1630886429.071136,VS0,VE857
etag: "faad76ed9d894e3d5e68a30abfa7fe28"
x-served-by: cache-wdc5545-WDC, cache-dca12924-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0

GET
H/1.1 200
OK adunit.php Show response
srv.tonemedia.com/showads/ 266 B
1 KB 2065ms
53ms Script
text/javascript 54.76.22.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.tonemedia.com/showads/adunit.php?id=100001447&di=cf_async_609182170&subtag=&search=&artist=&song=&tvt=&alb=&alb_is=false&dvid=&f=false&vpw=1600&abf=0&d=&pid=&cs=1&bl=false&ro=&uc=&uf=&position=0&ctr=&bp_abf=false&cf=&cc=&kv=&ps=1&af=&if=0&ii=0&pe=&ph=&pf=&fh=&mo=undefined&cm=&url=https%3A%2F%2Fwww.undertheradarmag.com%2Fnews%2Fpremiere_enn_debut_new_video_for_catalyst%23&t=1630886428689
Requested by: Host: srv.clickfuse.com
URL: https://srv.clickfuse.com/showads/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.22.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-22-70.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.46 (Amazon) /
Resource Hash: 2a585e2ff9b3445060ca3594b3658704f26883ab780c1ed45229346a2abbafbb

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:30 GMT
Server: Apache/2.4.46 (Amazon)
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="/w3c/p3p.xml"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 266
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 container.html Show response
dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FDD2 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.undertheradarmag.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.undertheradarmag.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 06 Sep 2021 00:00:26 GMT
expires: Tue, 06 Sep 2022 00:00:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7786 0
0 35ms
34ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVKDCgA9Bi7aLXGcA3cYcEwv7k7OS244cH_BAuL3lUZwUdYQrVrjs2CRltSL70Rue6oqMvWoNwxiJcaz5l_BfqFLC-nujaqihaTzAgabbBL0IK4j1hN1_PZtMX3QFfDNC55HBe_ovWLaQ9N2drHMSI00ftJuRSdcp84qHAWxSZ2yQgAVHqFll-7qOBB6ZNpmhn_oO-giG5JM7nmvKnjgu665FThZkAKGV0HcNGRbfAN81Runp_xjfHVX9obzLMTB8rpuEqeTWnSudwLjMSpv-eAwzZb4kkvLHv1qe7OXpecVZER6lyQRNSarPldSQ4ZwxrqLitoEEWwu8DIHeBrKIt&sai=AMfl-YSLdgX77E_7d6D_90gmeF1gVTP4UwDJwaUgKAwke9evvk24-nqrr1Opb2PEl1f3TRvzitTky0PNcDMNfmDp3vrsxQD1thCF25RRUuWBgBj0yGcZsCgYvOIOG-JfEjg&sig=Cg0ArKJSzLlg4GZWuHB8EAE&adurl=

Requested by

Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Sep 2021 00:00:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 06 Sep 2021 00:00:28 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/ Frame 7786 18 KB
8 KB 1628ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:50:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 23:50:03 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 7786 2 KB
1 KB 1693ms
74ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 23:38:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7786 122 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:28 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Mon, 06 Sep 2021 00:00:28 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 7786 0
0 32ms
30ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQO6DZ32B-UosW5cqnJ2CEk9OMZvEgaxWSXQNHHOEzo3qxSihXToEQY2ej6Niy6p_GL7I2lnmXGLLlwDiMmlp-_qQ_NPw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 13368332719734273957
tpc.googlesyndication.com/simgad/ Frame 7786 93 KB
93 KB 1694ms
76ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13368332719734273957

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac02ebd471b2fa5c18303d3463b86a87cb09b73a2e7c9b5ff6093a82380eceef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 13:25:38 GMT
x-content-type-options: nosniff
age: 124492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95010
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 00:56:02 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Sep 2022 13:25:38 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012108170213000/ Frame 73C9 188 KB
55 KB 1645ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 355525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55333
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 21:15:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "55ff93a1040e5c38"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 21:15:05 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 73C9 13 KB
5 KB 1665ms
59ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 356434
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4999
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b551ff8c0a78d7e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 73C9 89 KB
28 KB 1700ms
153ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 356434
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28538
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "523ca413d5eb4bb0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 73C9 4 KB
2 KB 1370ms
58ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 356434
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a4d9605fb26cf0ce"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 73C9 40 KB
13 KB 1357ms
68ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 356434
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12821
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bd81b3ba02634f28"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 73C9 4 KB
713 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Sep 2021 22:54:31 GMT
server: ESF
date: Mon, 06 Sep 2021 00:00:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Sep 2021 00:00:28 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11590028501149735587/ Frame 73C9 8 KB
8 KB 1577ms
76ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11590028501149735587/downsize_200k_v1?w=400&h=209

Requested by

Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

083f6345a177dcd68f1b3094361a8c6a758b98c5690e6d6cc28e64d230e4ad5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 19:38:32 GMT
x-content-type-options: nosniff
age: 361318
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7956
x-xss-protection: 0
last-modified: Thu, 08 Apr 2021 00:36:53 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 19:38:32 GMT

GET
DATA 200
OK truncated
/ Frame 73C9 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 73C9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 745aa4119e3ce3eda04a3794a37cfb2399479973b90e161e38a9d2f0bc3924c7

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 73C9 2 KB
3 KB 1509ms
7ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 05 Sep 2021 14:19:22 GMT
x-content-type-options: nosniff
server: cafe
age: 34868
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 06 Sep 2021 14:19:22 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 73C9 295 B
399 B 1509ms
8ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 05 Sep 2021 14:31:09 GMT
x-content-type-options: nosniff
server: cafe
age: 34161
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 06 Sep 2021 14:31:09 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 73C9 0
0 53ms
40ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDtlTGlo1YZbcCtqKrASx15KoBoyIrdpkuZ_mqp0O2oTV7PQjEAEg6ru-D2CRhICA_BegAbv22OUCyAEJ4AIAqAMByAMKqgStAk_Q7gelrhJ3EnIKbDOexTZbDH-zJE6uy5ILWnFF17bwfIlSwFd4Yl-fuFzgiF7h35RS62k8V3BwOQ-CIhCPkigmhCOG8pDUPIAo5klzjNloHh3tmVMHtEMyVsZpPwKoywjyFDZdIv1-gC51fnrBTNxztXoBUppqttTz1OOLNeCUSErXFd6Gwslnb8g4tj_JzaJSg4UQDvuSfdaFLn_IA4Np3Rj7Bxc-wUvNY8ItaR3ep1UlP1w1OP4AZ9PEIkvZpwSC0Qg3SsRjoePNZ8hgDv4lrqiWa4B06Rn3bC7WjsAn3MmCkY2_FRLexpkrbDqfJJbAPrFgzaOXTo0Owr7Z_ymesbyxjISaIB4w0sW-ePLCBEtLjf8EBjjHknq0t8vwP74Z1z6o7yEVy1h_Aa3ABP3Qn9a-A-AEAZIFBAgEGAGSBQQIBRgEoAYugAezrKOaAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQzoQx0ggJCIjhgBAQARgdgAoByAsBuBOIJ9gTAtAVAYAXAbIXHgocCAASFHB1Yi03MjEzMDIxNjQxMjI2NzMxGLifEg&sigh=zyS2kVBo-Tw&template_id=5000
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 1753ms
1738ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:30 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496339498273"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27562
x-xss-protection: 0
expires: Mon, 06 Sep 2021 00:00:30 GMT

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 8DD6 28 B
56 B 19ms
18ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9da24d97/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/6SEZ2Ei-_pY
X-YouTube-Client-Version: 1.20210901.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtxMmV5bzJOU3NsOCiYtNWJBg%3D%3D
X-YouTube-Ad-Signals: dt=1630886426108&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKqpHhV8ALjbt66a6pAvdnjkJbYU_nzL240hXOqR-R5n4QKKPABRmq2SDfMa_f0Uft0y6J5H8hFG-Hfl1EziB29kh1gE8Q

Response headers

date: Mon, 06 Sep 2021 00:00:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 06 Sep 2021 00:00:29 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 27ms
26ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 1522
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by: cache-fra19173-FRA
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1630886429.218620,VS0,VE0
date: Mon, 06 Sep 2021 00:00:29 GMT
vary: Accept-Encoding
x-amz-request-id: X0T5G34XC8D2QGE8
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 27
x-cache-hits: 1235

GET
H2 200 taboola-reminder.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.es6.js Show response
cdn.taboola.com/libtrc/ 15 KB
4 KB 23ms
23ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-reminder.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/undertheradar/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc88c3b59bc0aefaeff206ab3873edb05e4d868a568793f6d465cf109c4a90ca

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 5uzp6WljO1GxTQWAG82adRHI5CVbZGDv
content-encoding: gzip
etag: "b68a2d38fc2bfbce5f252e333ae4fc7f"
age: 144
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 3612
x-amz-id-2: uxnx/o1+blT5vhvPF6aQxT8r5CrwDup1QBkke8DMAnzTNYs7hTeKtfHn0nWy2SfmcBonrp/AY6s=
x-served-by: cache-fra19173-FRA
last-modified: Tue, 24 Aug 2021 09:18:04 GMT
server: AmazonS3
x-timer: S1630886429.246339,VS0,VE1
date: Mon, 06 Sep 2021 00:00:29 GMT
vary: Accept-Encoding
x-amz-request-id: Y3XH5NRCB38VMTHY
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 27
x-cache-hits: 1

GET
H3-29 200 container.html Show response
dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 63CD 6 KB
3 KB 26ms
8ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.undertheradarmag.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.undertheradarmag.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 06 Sep 2021 00:00:26 GMT
expires: Tue, 06 Sep 2022 00:00:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1A27 6 KB
3 KB 22ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.undertheradarmag.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.undertheradarmag.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 06 Sep 2021 00:00:26 GMT
expires: Tue, 06 Sep 2022 00:00:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C38C 6 KB
3 KB 16ms
8ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.undertheradarmag.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.undertheradarmag.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 06 Sep 2021 00:00:26 GMT
expires: Tue, 06 Sep 2022 00:00:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 73C9 16 KB
16 KB 15ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.undertheradarmag.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 07:54:01 GMT
x-content-type-options: nosniff
age: 230788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 07:54:01 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 73C9 15 KB
15 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.undertheradarmag.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 10:59:45 GMT
x-content-type-options: nosniff
age: 219644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 10:59:45 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 8DD6 4 KB
2 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9da24d97/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Mon, 06 Sep 2021 00:00:29 GMT

POST
H2 204 bulk Show response
trc.taboola.com/undertheradar/log/3/ 0
271 B 63ms
62ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/undertheradar/log/3/bulk?route=AM%3AAM%3AV&lti=cta-lzy5_var1&bulkSize=11
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 12
pragma: no-cache
date: Mon, 06 Sep 2021 00:00:29 GMT
via: 1.1 varnish
server: nginx
x-timer: S1630886429.337238,VS0,VE12
x-served-by: cache-fra19173-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.undertheradarmag.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H3-29 204 generate_204
www.youtube.com/ Frame 8DD6 0
10 B 11ms
6ms Image
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?RrU4Dw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/6SEZ2Ei-_pY
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/6SEZ2Ei-_pY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
751 B 23ms
22ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 1348
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: AqVbMloMCfD0JPGPMtYh8HqWku+mU3LCOyBV3RWZDsbuxPPBhmPoCHF3dszT2/Ka3TN0CVxRa9I=
x-served-by: cache-fra19173-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1630886430.281277,VS0,VE0
date: Mon, 06 Sep 2021 00:00:30 GMT
x-amz-request-id: E8X2YXVA73E9K5Z9
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 27
x-cache-hits: 113

GET
H2 200 / Show response
pips.taboola.com/ 64 B
247 B 121ms
36ms XHR
text/plain 2a04:4e42:3::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 163c5edc91f9c49c92cc2c0316236267126527c386bd63ecf6fae68988ca2b92

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:30 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19153-FRA
access-control-allow-methods: GET
access-control-allow-origin: https://www.undertheradarmag.com
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 200 4122140a28fd9b8eb70e891ec8090ced.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 1 KB
2 KB 119ms
117ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4122140a28fd9b8eb70e891ec8090ced.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c7768c82aa0fff76d7d30e385444b8e7a85470c41bdd81c35e3802f48b335cd2

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 88
date: Mon, 06 Sep 2021 00:00:30 GMT
via: 1.1 varnish, 1.1 varnish
age: 3042756
edge-cache-tag: 368259652828250805421813998324128806207,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 23
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4122140a28fd9b8eb70e891ec8090ced.jpg
content-length: 1402
x-request-id: 8c41121cdf0270df382c4de618325453
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Wed, 14 Jul 2021 02:59:51 GMT
server: nginx
x-timer: S1630886430.447652,VS0,VE88
etag: "01378ffbc8e8bc13f5f197235133b62b"
x-served-by: cache-wdc5564-WDC, cache-dca12927-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H2 200 8a114bf7a283e57812960d61f56bd1d4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 3 KB
3 KB 116ms
116ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8a114bf7a283e57812960d61f56bd1d4.jpg
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b152f7c769c7b95bd9f25edd462f672c008fc1423832b807bc9713e5b512937

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 88
date: Mon, 06 Sep 2021 00:00:30 GMT
via: 1.1 varnish, 1.1 varnish
age: 788931
edge-cache-tag: 321878742475222481006479727623794305486,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 23
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8a114bf7a283e57812960d61f56bd1d4.jpg
content-length: 2804
x-request-id: 10133ba2e8ed3bd5b08633fa35080c86
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Mon, 02 Aug 2021 05:34:26 GMT
server: nginx
x-timer: S1630886430.465330,VS0,VE88
etag: "01ffbadf9f5f27e553632f2d6f9543e7"
x-served-by: cache-wdc5544-WDC, cache-dca17757-DCA, cache-fra19173-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H3-29 200 css
fonts.googleapis.com/ Frame FDD2 2 KB
531 B 441ms
80ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Sep 2021 22:58:39 GMT
server: ESF
date: Mon, 06 Sep 2021 00:00:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Sep 2021 00:00:31 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame FDD2 1 KB
857 B 578ms
123ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 22:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 22:44:20 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FDD2 0
0 457ms
65ms Fetch
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C6FCeGlo1YZXcCtqKrASx15KoBtSLj_9ko83d550NloLNhYgWEAEg6ru-D2CRhICA_BegAeKo4scDyAEJqQK3zvaIH-6zPuACAKgDAcgDmwSqBKcCT9B7qznIKFDwxMa2d1WjeqD3R37t3sQv2KAZCWxOKWnAX_OqivLOe2HHMdNVX6wFPytaXuS0e60I0kMl1LNA-wqVcJvWCR571wFgjJW93H76JWCohUyfDQ9pM8rJBLE0fp-ZaPxNGn7Y7C6FvOwaD8Qv909GUpGnX7BJSO65IG7RtEGlYWCmHk-YTllzMRvhXj-yXzyGFFQF5JdnuSqK9c4jYsonOs4TiY4jWLWQrcOX-jwBXsqRIS7VBbHbzOisnFfHQjK4SI2YfGvV5QqQAn2y9OPM6lvC88pRCFB8tHTozD61mKEwT3hpuCWjeomgxsgoMkJszYyq1yDIRW1Tw1jZMEApNyRINi5dhggYvCYvlhbx6v4nfd1ai_ekXgb1hv9CH_hjBMAErOm0tLsD4AQBkgUECAQYAZIFBAgFGASgBi6AB_LB94YBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQo_Y70ggJCIjhgBAQARgdgAoByAsB2BMO0BUBgBcBshceChwIABIUcHViLTcyMTMwMjE2NDEyMjY3MzEYuJ8S&sigh=ZzuJ0VjNc3w&template_id=494
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/ Frame FDD2 18 KB
7 KB 576ms
122ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/abg_lite_fy2019.js

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:50:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 23:50:03 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame FDD2 2 KB
1 KB 557ms
103ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/window_focus_fy2019.js

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1325
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 23:38:26 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FDD2 122 KB
37 KB 625ms
234ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:31 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Mon, 06 Sep 2021 00:00:31 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame FDD2 14 KB
6 KB 556ms
103ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 23:54:44 GMT

GET
H3-29 200 550517e8bc13b6c9510094b6b7001d9c.js Show response
www.gstatic.com/mysidia/ Frame FDD2 26 KB
11 KB 477ms
38ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/550517e8bc13b6c9510094b6b7001d9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5469740595a44003b8884f40783d63ac3c9b57e1a00ad6f29c4fff55153717de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10776
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 17:32:58 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Dec 2021 11:21:09 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8184 624 B
350 B 296ms
0ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLb2ugIQprG8AhiLx82yATAB&v=APEucNXvf4miklWajBg53HjduLfiBHNMFV9jsioDBHBysWrJMtHeg5Gkv7MBRXyaPzNexpzack9x3HndG0Iv8Rt-JPTIV3yVNzJS2P3OfHNqD0p9XLr2KPnJyD6yvVljDqIBEEx8RMCbl7uoBonOrakR2B3l1Cb0jNwxE_X3gArfpyrotiGkqYA

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLb2ugIQprG8AhiLx82yATAB&v=APEucNXvf4miklWajBg53HjduLfiBHNMFV9jsioDBHBysWrJMtHeg5Gkv7MBRXyaPzNexpzack9x3HndG0Iv8Rt-JPTIV3yVNzJS2P3OfHNqD0p9XLr2KPnJyD6yvVljDqIBEEx8RMCbl7uoBonOrakR2B3l1Cb0jNwxE_X3gArfpyrotiGkqYA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmo--3WcxxmqpqJGAgtVcSch4QALjp2BLfSmfo9gc4r0gU4oXBq7UMvgPY2ERE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 06 Sep 2021 00:00:31 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1A27 53 KB
25 KB 475ms
0ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ACsa96H1QRSmFjCtWb3_ZcS_joYxfFMiWcuLkeKCwaqujjve-7FpTGFT1sPvGQn09vgCC7H2YZDNlilvsWkzvKysxln2FbO9-ukabkmb6yDAk7k2P6_NwP5PIR27jRVRUqGqFXsvgohjaflNj-726UpEJACg&dbm_d=AKAmf-Dg60FUv4Dv0rDBomOPekDopRdEkJ154WB9g89dCAixCTdQppV7uCOZH0nDqheYjIfrDIkfTNRXLr0M5jZJyIS_UdQODGeQDjiRmSMe2ySVBi_9csQB1ssXSgf7rK1z-E8armDnoPwsj1pQMtXyJGnYuOD3lnLJK2dcBqKS07csfk7IhrfDO3J00_CW1n8_RYu4oyd6xbslFhx0VbSusbHTgoPnj_WcZzZ5vhhxOim8NXCWnq0U2tbZGbgl_HoE2uB0Zo_rBn-JCIn_kjH1QPE-9hOUNtAv3H2DFv1KIh9MFl-ByfTBkSiCWY8rWtKd6eVfu8vXXn05kirJnd_Ka0VeDXTB-xm_XWjgCoWZHV452086-W9yswnDY-ChvU4_5NTODAJSJXZjpANr0eaerTyaxmUqrPYK1Qk2ZQuqn9oRNHZddssodZ1xREhf-zsDnAYTfEczVysvCDEZA0OeMsv9A2-Opd86H9SdrAW4sZ6KJYzbKBuoJB7ISGh-asrN5xDV_Nqticx_UCNhicycEdHi8gcWRA1l31paYODhKrIW74otWgAqZgbvK3ZNpcx3uz8IjVyMl2htd8iZJIXUjhi01xY4wRK3bnwIX9a0h2HxIOH2Jk2tflcQjlWgL9mPs_RvzknaMlHpJgKP9SadQ6zGmlx0hX8oPmfHO696QrQUhZiZcA4jN_drFK8KohtkI3l1zW5g7pGAr6zIKd6KgFzIo0ZdMrqWODLDH0jzfm-9R50dGqIqeglLqHMMf1m3aIAnFdy566nGyeLpR6suCHk-XTMhDew2c9a1VGaByvHyADTzIhqj1jkVhp69WWoYuqNWXJ-jJlKTygOpJyG_JKIQOo-p7WSmccMIsuP5BdmgSn5js6895KLtzzyHiuTHbiyxt187I1PjGZoHFGywUBsVJq7iuOAQsTgcU3t7js3VJDo0uMZL_7l6onaU8R1mjayVfKE17EYRLh1O527DbJ4pnyXFIkwhTdrJGw-ELQlWlxFuZB-rC3VcPEoUWRZBlfxlUtTFvRfMA4OGdaauxG_SiTN7nt_ZGYZhnUQRwwaSWlqnk-N5NO9q2cEyCGSnY3afndZOsYdbA8tIHHZZkcPA9cDGQPX4O0APrEumN8YpC-CshniUrG1JjDvqTqHxSi4K1UL1Y9HXtsQjnF2QOMFal6wgb_4bBtExtWSETutRWjTLQoGobU_nqj0dDIhcyL4Q_lJpCRYLziPUv43tqfagA-qX9Ek_KtlpUGZXbjHKFMVNqF7Abr3heYEfYR5YNx_PBWfpZnbp2dqr7F6eBnbLGZEj5VjYCZ8yH1yp892dMcdHo102rCGZjjz1cdhQ1PFJk2sa_2kikimlmoxyQ-oHFBOx9kmA8d0pMW2MD_5MqW1FgsralSHILQGPc4POwkOfljbJ76f3pIiD68LXBwCDHcdybqEhxS5ns78Rx1DTxo96iCMjtw_Q_Q2kjlXnWctNV_LJOmUHZX4eGEJdKIVZ28Yf2dIZ6NF8IcDHVV0wIHw-iyXTT9uxYVybNLvS57gJF0pB0Jel5_9STh1UcwU12tURXVsWNVK0iqQSW9r10Kztu46r6blYM_dmpKqEtdGCoy-L0l7QkBG8I-JuNPPIHkCzApZ65DCvKiE0laNd2y-qyfxRpaPrv2Jjc9RWpzCeAT98XtcrklzZ2TCj9hBxzbLsmJSxRzio4OlePvY_xzgfSEpBl07dAxjnkMew0BUlaMyNSYNf65quBH3B_ATKEWBJngYHXajQQ-J9lm9KZjj8dieQr1HKbyeHpmThfYzHPIqzaMkCDm6c1qkLBWOX66Cn_kgld9IZz9YbmbTDslSCTIAkL9yYXb026adkbSSzzZp5i8ZrUSPYu3VfSozYtal5mn1BBhucK7q8NaDlBcaGJXKC8roMdhVrDU5GfU77kSXJtxCHC0SIOBavid77fIn5z_LqdoInBl7wfNBPYEblBXYlf_TfK6qOVwhCHcWdSKBb44Eky3fDzcRQSeZVKRPZu1WzECfxCRaIRHMgn0O0pd8JJk3G5yrJm7P7d5eTITkoVHyMb6s4WIY0jImrUUyDa_Wi3r2W9YOpK49M51yRdlhVkhwFza7mm5e3ONiMFUliRTG6ei-rAJgP5VRqd91hiPNxLjQxbi58BRimstNn8eLbEDgo9fiebJMG7vTZpr_-0G1NLxzST5Px5gTDXLjmHUOQQzm0Cp2S-VQVFwJzIruXsqfYgCva_3qIiJL4fuViYz0Oo9EIbDhtm_kRaeV86VgOpofzbLQPPspLbQsighS8ACWJwHTJZ2Lx2WgC6hLthPAwzxebhJBVXk_xUTIhj95WbPNoEUUu1OweYy8NvtH4kJHWt5koSLnhc3UWY6fOoIPGNC-sZ-EACBOe_Qa1KDQOhjA-wRzCiteCG2kk_ffSh19oT26HrbmXkFguq9xTIEe8gih_E7K9YC-GAnuy0O6Ey4Hr4S3iu-x_ad7lnzVtn7kBFz2HiUSpJfGrBbOhGzZMGDymLMV0uo9pNzjXm3f4Mtn5l7VGtjygui0A2BVfVOx4Z6zVHnNq7532NFQsePx52Cu5LA8aQjA4j3ZQUFc9YL0-OextLM8YOYUlvSX452BTggsCoCLHm3jj0g7RtafnyaPmViL8zPv_oHKerApzjCzbtxViUGzew3QhaI3HVTwqRnir4I61ngpoDe-zWAEI683L5sBHu_75Z67okeNLC1ka9K3KPtGxqdE0F0ku_bdZK1QNfo612o-rMLX9EvJ1cNTtOTVGFWL4p502ION-FlzFwv9MMfy4qsIZiCjlcvVGLpJdln1ohBB1dqfVAuz-V2jxXD1ShL6re3PFaB0cItrwgZNtysZr-OgFXqQsNx0ctHJslBok5mntgExuveNCPHYa6f5TLV0lYS_nDMNXS6KXUg_lJZqu_tvpAPR4OM8gwv7xnZaXdpZYyINSma5iiB7vsJJyLc4U7AT_HKlqn8G4D9Wp6yV8RLRzUBO_S8lHuMdKkBT3VqRnbOUz_WtLG04fdq6DRfXRHKybqUwzUMnlx5Y414QPsz_1Zl4NJnBEzv7xvtk7QiC8x_MRpFZ9EzT1s58X-KlV-ih83zHKaQyrU9NZ2hOel63A5GvniB-H2SniyKwqUZRTW1-X9fYsGo7Dp77ahkNrnNBNJ_7ch1JkvUzGT9Lq8ijnCG3WZv5RNUanGQEvyIL-F9u0&cid=CAASFeRovXAv6dEMpwxAOgGVTidgFXoACg&rfl=1%2Chttps%253A%252F%252Fwww.undertheradarmag.com%252F%240

Requested by

Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db6eccd1ca99c100d3a061e57be4e5882edd220bc93c5d6145656a5615eecc41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25482
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A27 42 B
228 B 742ms
146ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C_o2CJYiPklDOCJB0ZFGcXRFyrXLa9s8U9LaVJV7JPHsw9bnnUhZS0SSAshvKePGX6BHN6D7CMrD9aarzcgtWMNZdwinADBfC3IQSJjCOxPkyuUKE

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 1A27 2 KB
1 KB 485ms
375ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/window_focus_fy2019.js

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1325
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 23:38:26 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A27 122 KB
37 KB 282ms
173ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:31 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Mon, 06 Sep 2021 00:00:31 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 1A27 14 KB
6 KB 213ms
104ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 23:54:44 GMT

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 755ms
92ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=b36ca07c-7ab9-4f82-9bc0-c7c989bef87e-tuct82edf9a&uad=2fdc9dff64e35c1da87224be72196d266a5a59834b754e4e186adb6e48c6938f
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 06 Sep 2021 00:00:31 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 6EB5 1 KB
629 B 616ms
12ms Document
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7997047&crid=5479985&dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&cmcv=&pix=undefined&cb=1630886431133&uv=3014&tms=1630886431133&abt=aat1_vA!adh5c-1_vA!smbs!spa2_vA!t45!ufm_vD!vzr_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=A1729047C27180072663219967&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ec3163cce183e601cd03d439a7120880c421cef0cadc8313256de78486441a10

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7997047&crid=5479985&dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&cmcv=&pix=undefined&cb=1630886431133&uv=3014&tms=1630886431133&abt=aat1_vA!adh5c-1_vA!smbs!spa2_vA!t45!ufm_vD!vzr_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=A1729047C27180072663219967&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.undertheradarmag.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.undertheradarmag.com/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Mon, 06 Sep 2021 00:00:31 GMT
via: 1.1 varnish
x-served-by: cache-fra19173-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1630886432.773786,VS0,VE10
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 6512 1 KB
1 KB 657ms
0ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 86d0b0c5c5ac215d1bccc0057a9e5aeaf96554438e7eacc1c8d53f9f3f827b26

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.undertheradarmag.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.undertheradarmag.com/

Response headers

server: nginx
date: Mon, 06 Sep 2021 00:00:31 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 9405

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 17 KB
11 KB 554ms
2ms XHR
application/json 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5479985&noaop=5&sortOrderType=0&cb=1630886431150&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1264&pt=-1700866571&tz=120&viewable=true&ddast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1809035&dpubid=171137&abtst=aat1_vA!adh5c-1_vA!smbs!spa2_vA!t45!ufm_vD!vzr_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.undertheradarmag.com&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 39d4fe53c7beac792722c655a42159f09a9995be095652ca7404ae94ec1916f4

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: text/plain

Response headers

date: Mon, 06 Sep 2021 00:00:31 GMT
content-encoding: gzip
access-control-allow-origin: https://www.undertheradarmag.com
machineid: 1452
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra19173-FRA
pragma: no-cache
server: nginx
x-timer: S1630886432.679327,VS0,VE48
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://video-ads.rubiconproject.com>; rel=preconnect,<https://ads.adaptv.advertising.com>; rel=preconnect,<https://search.spotxchange.com>; rel=preconnect,<https://www8.smartadserver.com>; rel=preconnect,<https://search.spotxchange.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 931ms
0ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=7997047&crid=5479985&dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&cmcv=&pix=31589837&cb=1630886431133&uv=3014&tms=1630886431133&abt=aat1_vA!adh5c-1_vA!smbs!spa2_vA!t45!ufm_vD!vzr_vB&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1630886422271.4!ts:1630886431133&mntl=1
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:32 GMT
content-length: 0
server: nginx

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7786 0
0 492ms
133ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBRld16rKd17M8lE67OY-Lz6wtgiyY7aCYNgB74n2jdm8KFE6IKiJeZYrO2Au9KmT82OeSdybsIA-rUT0W39rBVcVtqkpMJLptfk1tNh8dcp-kwmnDOZINLSyTLySYJERr334mb1QZ_G0NYUVkpaPlun7npMiH7mD7o9BzRT0cwXVCKGgNz1oVT2kACdSmbNlMXob4ZatZYM9hEBciRGkjHR43Qq3Se4USNQ0dai4SU1XDsl1ewHRWYtf1A93Cy1KlRga9RFxI98_pNtsxtWQJvFDevtlJIGo_4fyWZk1r1PI26o55Z5GrvjFrESgPDgGRtJ-2zNtGhTiyF3BFdsvSSO0&sai=AMfl-YRlPjEpfL7sVz3v_g50QCBZ9Y7BYUofxGmL46XtT8eOIMhy-GoJFiQTLFuPMcXXIcH6DTDcb057ZpXTzEt--blSAmQ_PtvtpF_nb5dW_BEViN-3sTqICJv7x1gN8gs&sig=Cg0ArKJSzNxnXCRM2iABEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Sep 2021 00:00:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 06 Sep 2021 00:00:31 GMT

GET
DATA 200
OK truncated
/ Frame 7786 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b82dbd8df8b2c380436ee6267876ce3295e16ce544e76440adb83694d7389c57

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C8A0 640 B
316 B 447ms
121ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1Z21PTAB&v=APEucNU2oGfYbiY5c6cyqR08XbD5C2PpC7JVneT7HnGx2O3SrJQT2kXyUuV39kMfAYmD8tQQZ-K2JWbKUNV4GA0Uspy0YeVdYJsXcQ8Uea8KIEViebzrqFs47BwSrtU2gAFYc8kLbEeT_tIvtCP2BySwMw-2c8UmVWzT1AqoGZDQKlhwcUw87pk

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsY1Z21PTAB&v=APEucNU2oGfYbiY5c6cyqR08XbD5C2PpC7JVneT7HnGx2O3SrJQT2kXyUuV39kMfAYmD8tQQZ-K2JWbKUNV4GA0Uspy0YeVdYJsXcQ8Uea8KIEViebzrqFs47BwSrtU2gAFYc8kLbEeT_tIvtCP2BySwMw-2c8UmVWzT1AqoGZDQKlhwcUw87pk
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmo--3WcxxmqpqJGAgtVcSch4QALjp2BLfSmfo9gc4r0gU4oXBq7UMvgPY2ERE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 06 Sep 2021 00:00:31 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C38C 25 KB
13 KB 381ms
105ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AojnN71BzfLUgPf4BkuLD_x2nQxUO-DBwJVdkVItMLpBo6Uhog-SxFzM8pkulVNjbeIIqO1xsTZTREop1-7D6xvUjvxenSMxOZuhbcYPrQh7_Ef-q8OZfxbifoWsgmx2xoOs0OimdavBmWfVINxLm_l-NEXg&cry=1&dbm_d=AKAmf-Aw2sLbS2LlW4RzZ_7pseFLR57T4G0iFWHuKodKSuKpsXFvF05m-UcnELU01o1ysx5XUMYH4ymdq1L-Ix4rQz_ApDhrVW-8fFX2kd7V4Ihtm6ZhGaifAo37YlbJIxyg1Pze1nCSvLHtl1VvKxgZcTX5NhLKhtv2iPAfTMN63cVHY9n4q0VQ-2s_WMcbJu63B6wAz7nQMonFpCRkvTp2ZnKHKd_KRVCkYDytu69qOEWMtuTvNGhteRsFPCFJSlA7UEubuDh3zGO2FVJPLGKDp4shdpZTTgekDv7gEYNE6H_ZbIZZet9SZ_iLQH6PEnsce4SdcQiS2uIZYaqMygaz0L6viKmE3UiiMRGygTXgQFty7M0iKB1_tavi2byy6Z65rHxcvD6TPsUhGssD-LIO6aRjS5ijioO2eTT9v4ltD_xsnJbZU7Q4P2yQOt1uuFezY9IIjpepoco3VE_KCp5a5BwuXuCHbaSBZTL_EVfdQ3G5PWbTvjIz4kjywf0V0xJtwjLjhY84zh7Oe7G-sbTUwwI1kufkhkma_5lxLc7FgPSEAb77fuOvk-bHWUQrC42QSHRUtQVMpDCRdE_c2So41D-YrN_3xu07K7etPWccPvsLWrThLBXaAuSElenea8PNYmxN3k5NYQ32mrceizYyMwYektMJOpTZSPONU32kmZiYJCY-C0fO9LXzON718dTUHmxLsLp6Uu5clFYA-YHkAPqdnJdc3y8txI2GvM64XFA8pK0lDAVmBT_ZWC_OzAMrEAxJLvx7h4fpfGT81S07CLYpGlIst272waKjb8uUM1Ssc7uEvxte18UnQhc5C6_0t-mx0OjdO7bTmrGavkyWD4Sr63WP9zBDjQ9J98l0F5spc-BohA0nPHGqSIXmhj2ZWnw0Om03tI3eV_bwpOj5eg4lvu4xYd9vbTeOU_ockuHQc2Qkywme1jYG_lifdt_npf0r_Y56CcsOrKikjD-xpvrTH2QjnHQjm9UBnllvTU9B83CpG5JHcxFNpV5xNCYE7sGveOrK8nDJEY_OK4gFzeppy3_QeoE4JIGedqlor__eXYQHkery62IeQ3LT6KHRVuqHJ-25fuZrou10qLk6KjkXuUjlaMtkqeGqqymmQE_BarPj_rDU-9e4aA2zFcaHNiII3mPWUPSDQ_6xfyV7zWCDgFP-QSSN4qcKj5-iUIZb8ZW3_0EDi1emg3DPc0dHMFb8LGlQEnMZmA7v6r1bM8YcyzliFdNGyNeshN7pwU55mL5xhmZTWQyjK12kG2IlMzR78QAuPklNYIqeBIuNr07AfxtLeGWpeELKAZG3Gk6h8HUNjAMyYJEGsvKQ72DTlIe-PjHPsjrinlF9yfg0u9WAZIuMzG0gdIzOwHKCC22BqEqGEvFtIeFhWZyG5XGgIZ8s4QVptQwyouVeCRWTvRjA336HCunv9cV5d6SPu9-LIZv1PEoz24P0yCgQK4k38-bLco6eAGWEMl79UQN8mh2pbcN_uOQ8leLpkHBzNWLAhETAjo1xpXMiAxCTA4nQQsCoruDHS3ekrzg3EuDRQLcPCcETU9Ay7YmkFEg3I0iwoJd26uV0c5zFvWNNAjW9PZv7Kft2cbjw4apoO6EQ5Fa-PNh5mSzPm6f7xwItT4LOCmjtf-kv6317d5FN8Z1piS5Bw3E7N4J86DhKW10BF22H3I6qgZ0dT-LILPf_7qnVBAGGOLoQxzqL5YWw3JySqHKn4i2JcIQeVeAAMVXLR2E_rZKQLd235LaHT6yn4EZol7lElNg8eLzAK7N8Fny6ME4JJzQ4oGp9xhdidHaYLTuiRkBd2YFHgwKSJWUEwB7wYUVCGulwyJxib3CndrwNYX1lTSJYihnoEmj7OAd3csfAJ6_EfIgblehFPDDMmHTBYPJVCHhtMahAt-yRHSYbBZ15lqgQ0wjRa9sFSeQO9BlZDQGyryOH4nNHlMIheGO1UdiZeYgxddtbLkUrlFk7UpBMvlYqk1KoMd4UPB1F15shM2CeAgahJh2Uyavvk7zd9_NJ86UhkVqfXiTNp6ivw8ZTNP17bZurj-mAPtiQuLDgfVKYmSICs_0wE6GHWB1e3S7t3AnFwYiL-c5WPCLT8Xu-zgs9XhxnwWt0I3rdXKja_xbgdSWm9f9_Y4L5wg2kXZg8UFXrsLci0_OfwnGxZTcuOENsQgPNGDoBAaxydp1yycuVJT7P0gWnzvS4KMyONcY0MIC7HGSylaFsHVHZVYNtNCfN-t1wS-Tgn60lH0ZES4RAX7q-EIEuvW0Kvgs8Omtx4INgd_0MwikwBrPJ_OQCEecyXUUNBZTrNyOws3DvtmtD849LV2DyZpItpCY_R9kqzZT72ekfS9nKFq4sJGtXAcmWNYtccNvW1G0fkz7AVvrx_y-qmHB91moHhPTugm59oY8WXI2rJXxWsc59V7SWq-jfOFklx-8ckURID9-K6B8vx30ifiWcAyNnVlDSNg8ElQ57y1mrVhx4xNdGN3lTLpZBmpo_b7Tomv9bMvio9JSwTaJn0Wlgn1Er-LpN-lIR0l62rXiiGICoaj-N-Uv8qTZHU3ybckxg_BXj-Jp673lNRMKyZeti9HMmTuKGUjvJIIAaMr6AjSlnDRa0UhmLyBzGUqLF91t_HYlPeG7Dk0zWOSaM09oz8z7HWOwUdxbCt7myWLJSTvyEBPeJxqapqxs0Skyd5VXX2aEbM-8ylD0mtK_kzlI9Avv9mfXA-A_PtXTevw8iFfe3WUGvrXPDljJaeE-tOYca5IMtb6It_l27aL-bISxcAg5dozThRknRkKt_i7dQZedyoGHndDvvavbsXeS4lNOVgMLrv8bsSut-oT8o5Ms_XhUMoX0NPt-hc_vsQUYb_-51IZoATS1P5um5xJfIOvvNo7gNrtzlymFDCzgGbuUKd0q08-6bNU3NIcG8NTTuohRxaS_CUhBElECd_ofaj7KLXqxnEz86ZHXg-oBuaiQMEgZ7uF9dVCONvxERg6XCG0RoqqjyNRQxlIlto4riD1sQauQ6sAv9saxVcoNd2KJGKSX1v1lKL0XJMK_b7iAa7vpXFcXbJsZdbzqE32vg-iDd0_I6oqxS-BSdUKOsvGEBmwLSCg_qV1l6nVgivD6OFyRhVaq16MPe2g9PViiyFojFGMxJzrF04euINsvcuUrnCdfn3qL2YGTN05g&cid=CAASFeRokUELHibDCAp6Gjl3MOYpBCCs7Q&rfl=1%2Chttps%253A%252F%252Fwww.undertheradarmag.com%252F%240

Requested by

Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4445759d0d16036496016dd672490f3f2cd9921e56cdec233e53fa18b6589d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13050
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C38C 42 B
63 B 505ms
68ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AFLnimlKpYUuDD9-QGIuvj4DxtamP6uXDmMbpLwXEb8neAIKXWQhAKlW9JXI7VbvWaCRgzsLJEWocSmR-G6u4jlr3-tK6hm8zhMAjA79Aetl7sKQA

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame C38C 2 KB
1 KB 435ms
301ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/window_focus_fy2019.js

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1325
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 23:38:26 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C38C 122 KB
37 KB 238ms
104ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:31 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Mon, 06 Sep 2021 00:00:31 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame C38C 14 KB
6 KB 319ms
118ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 23:54:44 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame C38C 0
0 546ms
59ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSRZWB6x3zvHpdShd-vy-bq4owAmm48C7j4IBSW81hsf0WbEM57kKmxGQLuPeONOBJ456pOHqI_0S4rFpsqiTzUsBZsog
Requested by: Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 42C3 499 B
334 B 315ms
116ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4aTvAhi7392sATAB&v=APEucNUfqWPyKDX0HqjEV7yFACK0tRLFxFJMwlU5Ol9MPllwDAs9aV5DIuDgku2fNFlini91CDDeeuE4EcwbH3t2jKFrxyE6iI0Ox0-maI7RKOSiFpmgV8JQCOgPa0gG46YXGcuh25PuxHZgc8VaIEay9XaSYwNwN7mUVhOBdrQZg3yvHXr4xvE

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMX_6gIQ4aTvAhi7392sATAB&v=APEucNUfqWPyKDX0HqjEV7yFACK0tRLFxFJMwlU5Ol9MPllwDAs9aV5DIuDgku2fNFlini91CDDeeuE4EcwbH3t2jKFrxyE6iI0Ox0-maI7RKOSiFpmgV8JQCOgPa0gG46YXGcuh25PuxHZgc8VaIEay9XaSYwNwN7mUVhOBdrQZg3yvHXr4xvE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmo--3WcxxmqpqJGAgtVcSch4QALjp2BLfSmfo9gc4r0gU4oXBq7UMvgPY2ERE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 06 Sep 2021 00:00:31 GMT
server: cafe
cache-control: private
content-length: 313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 63CD 70 KB
28 KB 379ms
110ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CfpkDArJfBM5RipCrCHRcToP3oRPn9IR4MeCN3MhrslQ77ImKDyuC17tkuhYTionRMVnAmeMZ7VM9fO88yLm4QjAanMyGIh-FrOtF8MoGTx6Y-IIVRdMcc4HQJUcMolQgCR9MH0jfklTxXq5_toZXNYr6eKA&dbm_d=AKAmf-C9hp3w1m-_I2zndj3cXAXaeyYNojt4YH9v5XcEUSK9V9DxyETUg0hqe9x8U5bd-3Plz_ZGLebZRYBQIzHksAYxly2Ioah1CJPghV2EAYV6AXHLvIbBaLbqHme87ZHhEJoI-NRYq0mx0SSong4VtazvJD9KvbwZ6P1JuQsjaFnh1ZbQzwx8bIuIaoJWspPbFGnEwcjpYdEeTSjXkTRP2PiItxb21Joz5Tt0IGbPUikNvfPo38qNNWQkl6R_ButDR5l1IitSwgRv1qWkSXZDGNtAawnx8Da3riEu7ZGb53xJSSkRUhtcAH8_nPp92KCD4URKgZP9GoMlFLe-ArUTG785_KqEReu3WLtW_KmjyQw4W42U1PLsVfFn2l08-2urwprW3b8D_Kr7k2NgJjZe2miqMav0O94aJZLE6Yv7aBYhF9kWMX5kQJWiBjywI6VWTf2DQYt-p9VLYjLKu1ri-D5MYPeutM8vz2mtJAcX4Vo1bqzmRA93nhtfWL7YUww4nL8WX1VVdcNR4yzCJsi0u3ISR_9f2_Rw96dGbPJyRmZ-2t9t2mlXaTe-X6DIjOUcWOPFoUAJXB6tBfRyGv3oUtqk8HnGVk0dYnpYKOK6f3Ug9R2NVx72Yb4QK18IpBG-hZvIC1zyogqFJLIEljqJSpqQB1sZkG7mI3jg2YfkeUpiVjZVtpHEkgIhRtmc53Am4Pj00QZnPXtbj7VqVp5iJevZH_2FDQcdQS-w8-fFAJgpjFGzvJ1grnw-u7nw_GVPur1eoOohgroG5aYU2SnNn9-cv0IgjhXC8G137oyMcOZrtS2zWU8KEv5UAX77LGer0JQiKpyMASuLRhYKDoOr_Tk2gxYBA2U9s5_lJHIYIzAPePN44l5mpKq8Z2GSIIZJjysoEREs3p3IRjCUsIKQpSf2U2widrX7TtXDXUYHpIPQJkW3HNvj-UuPCm-91MP7KYXhyssuBgD1Z6Ptmx_2cNBFDAUWfYMLG6aT6-0PxqBJnDmYQkwhFE_wQuiSCcoKRATnav2NJMEklPEtx8YvfeU2E2o_d_wn2HAPqu0d1Z7ALcKPLffhq27oEg_CQP2PZV4GZ6YPat55mj3R1VbZZZfjnZslqKDih9OUIwgLaJ2fg7vyUKkszgXVUm5dmVa7l42RaNckupOq9n7gy3c0N3i356YxDupt3M0qTOpLBvry0T2VdbxkEbmEAhuhH086rGOxspuZJeSkCYYcQRmyP51wxXRCncSF_yYR6_rsSm14ignUOgpyAG7bdt-qv83AoY_ffIQf2Tf6IfNlrHyqp2acLznO3KQhaqMOwDT__BJmVI-BNNPqJEFylcJWJwt5u2In4sTN626EyYLipBjcUQ6_xsEp7Se9dUr5DW37MjFLtt_bEnyk7jYhaPm_S_NUsv4A_HlDBN0qZe-ccYPiZ1irwJUP-414_cFE2uGmsOpqgcNugxA2ZIr4sdYWINe9cjCgeAACZzPu6YXVcBIGFSJfzV6Ydd-m8MGthBjzTGWZ3EmXxf3Y1FNfsRYLiVn4gfLHutIgMK4H5yFqK35QWKfQU6wra1tI1dD-aAj2c94g9kTZ-YjUqVdzZsDq2VeFFw3Tc1OSfpbM94I_hJ0x6zCFnhrx0qGOVaod9pLCB6KlYKTT_iehFYDmvTh1J7dWZ7OtbaOeoUFtCBbAb1ElxP7CnmT_M47TGoSEgogJCQrggezmK8mbw3DmdPVMjheI6iP0u3Qx2AVz8COunOoLgcMi4wvpM9CAZdKz71DDIOt1FPgJ9C8sI4gMu6dbDA46MZDidO2S_4xXSKeGZTKYXrO1jgMGDtTn-hnae0tCAQZHoHjVaqrmQPiPhj401r6Ve2QAJhbN22ebZvXiSlF5vg3nlLsRAKWfc1V71V5KLjtqxxeDvBD2F5D6kU_gv_E3G5_SMqb49ShpsHtR_RIIYV_VoN6MIW5o7WF9-Dcrn57e77iqwQyT2H1sgt2hC0nfdnXK-eBMAtHOrmboFIWcEF4Pjbw1cO_asaWUmKzlAqCi1t_JbLvqIWHFErNG06VE9_Oa4PxzhPq4uGUN7HlStEbnbREbA62VDhT4udLCy59zr1KzE_rYWz_7SAuOCyn6Lf2nqq6H1X71lbgPcSYNbsXjQSddJM-7ZZ4UzVlXKWInL4WlHEgg8_tTp2YBJAoKhaCJPzoFL6MFoOrHK_VXFyLN_TDbirlYfvV7neMLcHXYIHAcl16xsxhAwmrFWuwWlfkxtYex7coVyZkgjEkCftNSEI_YHH1ontuY3nVAuG4nAMH0Hm7X7lEWRIMYZ-rB8Nx3gD-p3bnpLq39_nj9WcbZzBa0bMZxklCxoLw0OYihcnPUu9Q49ghDy9jUkyHacHs2-xJ2Ea_5Tv1uvKNzIfJW5-VepjrsMOSwSeI28V_diin2odO9loe-Y4YDixGfpVytGC9Dz3bS9G1Pq-sUHsdD0Lt_T7QT5M4Q8zNqrysgBrUL-sG1SzXh02LR9bDz_NTjVMHKRQDLrsl3B37b_6xqFxJfT8l7KHaCBBDFzXm7jkOtforMVJZDIf5bLt6f64sKX0WJe0M6vpPkgWTA7mn5JvvtA_JERhB4Hl-Ux2wxAWY5nO-f_biMl9Jy-5SXQ0yyet7SxwCbO6BXmcDZI1jvJBqyjJ2E5Ap4AZNlCl-ZVcZ_1KGuCrIqlKBL_sD4lXqw_dyFvcMUne_atqzmywC7dTCDr84wJhmuTnLIrSNCYPmP44Zgf9iP7ACoa8yJeOz4CZOJtdCAbZu9_q3dV8FlAeqYB2cy1aDIMPm46Kywi92krZJI91KH6r1a8SSPlbMpEEFtqhwj8nLMHsvJDXp69Y-vUQ0HJ79pOif5fEQgAb1wBBesVCXB7ghn7dyaTFMkRNrnurE_UGsihzJ0p4zdbOlM-DAwj1gNttlReHdawOchtsDxA0WDF8laBYRN8acMl2NgEcZUAmAZuRvMkyivHlKyJu4Jn5bK7R5tpAlGh5Y3aVGyBRUQXDUG-me-E7_jdSQqHXP2wHcseHFXvdlyifuD8dLf5Wix4ISsLA79yrTdBwYvVpfRXbuy_d4iGoc7NrswjFfUSptotN7i3I-hJypCylH7g9XWOY-uXiSSeRL2xXIP9zu6-j4cH7bPGyrlDDACTW5QkOWcgpsyszp60KSSvkV0yO2iU5tToMmn9-TLtQl0vyy6VuiM7TwmKJcm8S4A&cid=CAASFeRowoQ0sNRn_82tAOiCFNQ4TX_r1A&rfl=1%2Chttps%253A%252F%252Fwww.undertheradarmag.com%252F%240

Requested by

Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07176f248f14316abe8f3acce5045682045803946eb7794e6406a84d0ab6f1ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28340
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 63CD 42 B
63 B 579ms
96ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AjH45Gy0uIX50-6seux6SdcsZNjjwoXfslX9dywxyLdIbRqITr8DaPzHmFOk-PCxUY7-kPfDQrIHNcnT-HvxtBhW4lnQoX_0eiKlkPw8rOMLebJeY

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 63CD 2 KB
1 KB 531ms
264ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/window_focus_fy2019.js

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1325
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 23:38:26 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 63CD 122 KB
37 KB 246ms
112ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:31 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Mon, 06 Sep 2021 00:00:31 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 63CD 14 KB
6 KB 314ms
119ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 23:54:44 GMT

GET
H/1.1 200
OK imp.php
srv.tonemedia.com/showads/track/ 42 B
416 B 275ms
37ms Image
image/gif 54.76.22.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv.tonemedia.com/showads/track/imp.php?cid=77649201&aid=100001447&artist=&song=&search=&b=Chrome_92&cs=1&uri=https%3A%2F%2Fwww.undertheradarmag.com%2Fnews%2Fpremiere_enn_debut_new_video_for_catalyst%23&t=1630886430&subtag=&ldmo=&av=true&atv=old
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.22.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-22-70.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.46 (Amazon) /
Resource Hash: b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:32 GMT
Cache-Control: no-cache, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Server: Apache/2.4.46 (Amazon)
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

POST
H2 204 bulk Show response
trc.taboola.com/undertheradar/log/3/ 0
213 B 82ms
20ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/undertheradar/log/3/bulk?route=AM%3AAM%3AV&lti=cta-lzy5_var1&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Mon, 06 Sep 2021 00:00:32 GMT
via: 1.1 varnish
server: nginx
x-timer: S1630886432.108584,VS0,VE8
x-served-by: cache-fra19173-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.undertheradarmag.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 73C9 2 KB
2 KB 426ms
270ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 05 Sep 2021 14:19:22 GMT
x-content-type-options: nosniff
server: cafe
age: 34870
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 06 Sep 2021 14:19:22 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 73C9 295 B
319 B 422ms
194ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 05 Sep 2021 14:31:09 GMT
x-content-type-options: nosniff
server: cafe
age: 34163
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 06 Sep 2021 14:31:09 GMT

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/30_1_4/infra/ 774 KB
128 KB 75ms
22ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/30_1_4/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 12ded051202a771ff0f5a49ffeb6b51e88dbd6b9b4ccbd23885907c7b50adf82

Request headers

Origin: https://www.undertheradarmag.com
Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:32 GMT
via: 1.1 varnish
age: 321182
x-amz-meta-mtime: 1630565175
x-cache: HIT
x-amz-meta-ctime: 1630565175
x-amz-meta-mode: 33188
content-encoding: br
content-length: 130705
x-amz-id-2: XpmzsgzuHgxxrwZquwmvKm98IrBJzASUVW4Yx2RARRmLab7jHVFsz1avLSgjiGWXIxylAN8KEVg=
x-served-by: cache-fra19138-FRA
accept-ranges: bytes
last-modified: Thu, 02 Sep 2021 06:46:16 GMT
server: AmazonS3-br
x-timer: S1630886433.742694,VS0,VE0
etag: "ac54029cc0bfecb7af11a0dc55213e44"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 8E1R3WXCYSKJ4RWA
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 171098

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/30_1_4/assets/css/ 60 KB
8 KB 23ms
22ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/30_1_4/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 6e07734fe1015f88d67a257108878aed46f82946feba5973a0d306aa927ad71a

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:32 GMT
via: 1.1 varnish
age: 321182
x-amz-meta-mtime: 1630565193
x-cache: HIT
x-amz-meta-ctime: 1630565194
x-amz-meta-mode: 33188
content-encoding: br
content-length: 7972
x-amz-id-2: c7fgAZKlY2ALlEK0BaENzfYeABSRMYjvHGReiV7vZNZJZJcJ1aeIO9YXzNhbRK6ndHBWwAUvufc=
x-served-by: cache-fra19173-FRA
accept-ranges: bytes
last-modified: Thu, 02 Sep 2021 06:46:35 GMT
server: AmazonS3-br
x-timer: S1630886433.692905,VS0,VE0
etag: "ce1087477d9ed75a60ebb531908eb622"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 8E1XRJATSQTSVAXZ
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 242223

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7786 42 B
64 B 409ms
148ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9_6_bcBNoCeLZO_wDTZ-wPRzetKcZjzShIoAPEs91XNK5JgHxy3xOCBsJqNKcmsTTM9VIufovNopWmBzpatcB2EdtMuIumNaPtx498XNJm7HLVLaX&sig=Cg0ArKJSzC0Yb9KdiZytEAE&id=lidar2&mcvt=1459&p=0,0,90,728&asp=289,533,379,1261&mtos=1459,1459,1459,1459,1459&tos=1459,0,0,0,0&v=20210901&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3077129767&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630886428845&rpt=2485&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 8DD6 28 B
57 B 783ms
760ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9da24d97/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/6SEZ2Ei-_pY
X-YouTube-Client-Version: 1.20210901.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtxMmV5bzJOU3NsOCiYtNWJBg%3D%3D
X-YouTube-Ad-Signals: dt=1630886426426&flash=0&frm=2&u_tz=120&u_his=3&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKqpHhV8ALjbt66a6pAvdnjkJbYU_nzL240hXOqR-R5n4QKKPABRmq2SDfMa_f0Uft0y6J5H8hFG-Hfl1EziB29kh1gE8Q

Response headers

date: Mon, 06 Sep 2021 00:00:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 06 Sep 2021 00:00:33 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/ Frame 1A27 23 KB
9 KB 532ms
84ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ACsa96H1QRSmFjCtWb3_ZcS_joYxfFMiWcuLkeKCwaqujjve-7FpTGFT1sPvGQn09vgCC7H2YZDNlilvsWkzvKysxln2FbO9-ukabkmb6yDAk7k2P6_NwP5PIR27jRVRUqGqFXsvgohjaflNj-726UpEJACg&dbm_d=AKAmf-Dg60FUv4Dv0rDBomOPekDopRdEkJ154WB9g89dCAixCTdQppV7uCOZH0nDqheYjIfrDIkfTNRXLr0M5jZJyIS_UdQODGeQDjiRmSMe2ySVBi_9csQB1ssXSgf7rK1z-E8armDnoPwsj1pQMtXyJGnYuOD3lnLJK2dcBqKS07csfk7IhrfDO3J00_CW1n8_RYu4oyd6xbslFhx0VbSusbHTgoPnj_WcZzZ5vhhxOim8NXCWnq0U2tbZGbgl_HoE2uB0Zo_rBn-JCIn_kjH1QPE-9hOUNtAv3H2DFv1KIh9MFl-ByfTBkSiCWY8rWtKd6eVfu8vXXn05kirJnd_Ka0VeDXTB-xm_XWjgCoWZHV452086-W9yswnDY-ChvU4_5NTODAJSJXZjpANr0eaerTyaxmUqrPYK1Qk2ZQuqn9oRNHZddssodZ1xREhf-zsDnAYTfEczVysvCDEZA0OeMsv9A2-Opd86H9SdrAW4sZ6KJYzbKBuoJB7ISGh-asrN5xDV_Nqticx_UCNhicycEdHi8gcWRA1l31paYODhKrIW74otWgAqZgbvK3ZNpcx3uz8IjVyMl2htd8iZJIXUjhi01xY4wRK3bnwIX9a0h2HxIOH2Jk2tflcQjlWgL9mPs_RvzknaMlHpJgKP9SadQ6zGmlx0hX8oPmfHO696QrQUhZiZcA4jN_drFK8KohtkI3l1zW5g7pGAr6zIKd6KgFzIo0ZdMrqWODLDH0jzfm-9R50dGqIqeglLqHMMf1m3aIAnFdy566nGyeLpR6suCHk-XTMhDew2c9a1VGaByvHyADTzIhqj1jkVhp69WWoYuqNWXJ-jJlKTygOpJyG_JKIQOo-p7WSmccMIsuP5BdmgSn5js6895KLtzzyHiuTHbiyxt187I1PjGZoHFGywUBsVJq7iuOAQsTgcU3t7js3VJDo0uMZL_7l6onaU8R1mjayVfKE17EYRLh1O527DbJ4pnyXFIkwhTdrJGw-ELQlWlxFuZB-rC3VcPEoUWRZBlfxlUtTFvRfMA4OGdaauxG_SiTN7nt_ZGYZhnUQRwwaSWlqnk-N5NO9q2cEyCGSnY3afndZOsYdbA8tIHHZZkcPA9cDGQPX4O0APrEumN8YpC-CshniUrG1JjDvqTqHxSi4K1UL1Y9HXtsQjnF2QOMFal6wgb_4bBtExtWSETutRWjTLQoGobU_nqj0dDIhcyL4Q_lJpCRYLziPUv43tqfagA-qX9Ek_KtlpUGZXbjHKFMVNqF7Abr3heYEfYR5YNx_PBWfpZnbp2dqr7F6eBnbLGZEj5VjYCZ8yH1yp892dMcdHo102rCGZjjz1cdhQ1PFJk2sa_2kikimlmoxyQ-oHFBOx9kmA8d0pMW2MD_5MqW1FgsralSHILQGPc4POwkOfljbJ76f3pIiD68LXBwCDHcdybqEhxS5ns78Rx1DTxo96iCMjtw_Q_Q2kjlXnWctNV_LJOmUHZX4eGEJdKIVZ28Yf2dIZ6NF8IcDHVV0wIHw-iyXTT9uxYVybNLvS57gJF0pB0Jel5_9STh1UcwU12tURXVsWNVK0iqQSW9r10Kztu46r6blYM_dmpKqEtdGCoy-L0l7QkBG8I-JuNPPIHkCzApZ65DCvKiE0laNd2y-qyfxRpaPrv2Jjc9RWpzCeAT98XtcrklzZ2TCj9hBxzbLsmJSxRzio4OlePvY_xzgfSEpBl07dAxjnkMew0BUlaMyNSYNf65quBH3B_ATKEWBJngYHXajQQ-J9lm9KZjj8dieQr1HKbyeHpmThfYzHPIqzaMkCDm6c1qkLBWOX66Cn_kgld9IZz9YbmbTDslSCTIAkL9yYXb026adkbSSzzZp5i8ZrUSPYu3VfSozYtal5mn1BBhucK7q8NaDlBcaGJXKC8roMdhVrDU5GfU77kSXJtxCHC0SIOBavid77fIn5z_LqdoInBl7wfNBPYEblBXYlf_TfK6qOVwhCHcWdSKBb44Eky3fDzcRQSeZVKRPZu1WzECfxCRaIRHMgn0O0pd8JJk3G5yrJm7P7d5eTITkoVHyMb6s4WIY0jImrUUyDa_Wi3r2W9YOpK49M51yRdlhVkhwFza7mm5e3ONiMFUliRTG6ei-rAJgP5VRqd91hiPNxLjQxbi58BRimstNn8eLbEDgo9fiebJMG7vTZpr_-0G1NLxzST5Px5gTDXLjmHUOQQzm0Cp2S-VQVFwJzIruXsqfYgCva_3qIiJL4fuViYz0Oo9EIbDhtm_kRaeV86VgOpofzbLQPPspLbQsighS8ACWJwHTJZ2Lx2WgC6hLthPAwzxebhJBVXk_xUTIhj95WbPNoEUUu1OweYy8NvtH4kJHWt5koSLnhc3UWY6fOoIPGNC-sZ-EACBOe_Qa1KDQOhjA-wRzCiteCG2kk_ffSh19oT26HrbmXkFguq9xTIEe8gih_E7K9YC-GAnuy0O6Ey4Hr4S3iu-x_ad7lnzVtn7kBFz2HiUSpJfGrBbOhGzZMGDymLMV0uo9pNzjXm3f4Mtn5l7VGtjygui0A2BVfVOx4Z6zVHnNq7532NFQsePx52Cu5LA8aQjA4j3ZQUFc9YL0-OextLM8YOYUlvSX452BTggsCoCLHm3jj0g7RtafnyaPmViL8zPv_oHKerApzjCzbtxViUGzew3QhaI3HVTwqRnir4I61ngpoDe-zWAEI683L5sBHu_75Z67okeNLC1ka9K3KPtGxqdE0F0ku_bdZK1QNfo612o-rMLX9EvJ1cNTtOTVGFWL4p502ION-FlzFwv9MMfy4qsIZiCjlcvVGLpJdln1ohBB1dqfVAuz-V2jxXD1ShL6re3PFaB0cItrwgZNtysZr-OgFXqQsNx0ctHJslBok5mntgExuveNCPHYa6f5TLV0lYS_nDMNXS6KXUg_lJZqu_tvpAPR4OM8gwv7xnZaXdpZYyINSma5iiB7vsJJyLc4U7AT_HKlqn8G4D9Wp6yV8RLRzUBO_S8lHuMdKkBT3VqRnbOUz_WtLG04fdq6DRfXRHKybqUwzUMnlx5Y414QPsz_1Zl4NJnBEzv7xvtk7QiC8x_MRpFZ9EzT1s58X-KlV-ih83zHKaQyrU9NZ2hOel63A5GvniB-H2SniyKwqUZRTW1-X9fYsGo7Dp77ahkNrnNBNJ_7ch1JkvUzGT9Lq8ijnCG3WZv5RNUanGQEvyIL-F9u0&cid=CAASFeRovXAv6dEMpwxAOgGVTidgFXoACg&rfl=1%2Chttps%253A%252F%252Fwww.undertheradarmag.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1865
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9263
x-xss-protection: 0
server: cafe
etag: 16747441857000454541
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 23:29:28 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/elements/html/ Frame 1A27 8 KB
3 KB 669ms
115ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 23:38:02 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1A27 0
61 B 1690ms
83ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvQg5sEP7nMk5T8GdZ2Sq4TCu18lNnpNHG9yRcFdEqm9-L4a-QYp-6cX9XnjKbp2rKRZEt1Ov-k0bWz3_8WRaq6fnFu6pRX_W22p_S4pFpwe1Tjhrz2dSM90uUo81jk0vfpBFkM9oY8nAtbZoqEvs2I7PVsSBlg7inlJBBFV3axDOxJUaZtDzyAGfiCr_2ecpxE7rNcYEiXNXXXOD2xVAogHV-ZUFm0PVtr8r4PKdYj3MoMgQ6xYbQ3CfqjbDGpILM944EvlwrWM9fS6-0BEPehzyWthKF_NJjkG3DWWGS0hLDtYKlK3C4zcZxvAhT23lgODlVTi6wOjZWpy_hoDj7mPRvVLsaipQS0NzwxMsarB5uIHKiiiur7_SrOl2Q5K9eXqeLtDEOImwMD1sX3oHBzYGuibbmf50qK5HqNEX05rQv975jWJlRYu0WtHaedkdbsgkOZLaC1p69XpVugZ4qncNNeixjPqjn-R1kEKssz6LtoggFf31-oW1K3isHES9ECpjW5m_p7dRpigijl0GEREGEkqthmmU22Ejq8WDZ2mMyGMRgH-gQHTxbKHehOFBTs3tOtX7dmMx1bC_OKf1cDM9LS78wQFTYvdA2yNfzNYAW6uC6grnQ3A8REhrlcBTMwdgmNfsys-94f9Jv9BCYfsa122KsKHADxSIxjBuiAegFJ8sRGrIAACgDVMpTjvPn9wwjJOkT0PmXUXeuBaUIvN9cCMEIWL5PE0ZBqlXwOmpHdgM-MbYVmVI_HHmi6r-65c1KHcSMcgEo1mXVG6sSU7udzMEPq5hYjXLaXlAGOLbkLmg6Q3c85d5jQlTRYcdJxRBhhqu7HznuigRERkHIrPsOyvcynYsRXY0UT2ElJMk5_Xb8lsMt-1yTsHVLGMFEdU8p-Ebh9mxvT7ICzm17mezOxuoIBGo-hot8z_CV-x5tOkAHOnj5wRbGk3033RzHkMdpTRnIFlgMfcI-nfG7_n-Ekoly3fAvzKxrXrH18IHPVTu4Vv--wUGjbYf5TAO8fIBfJRGfEL7T2ccie8EUpuC_SYZukatwG1ZAILuuaeQOBzOP7scO79FPtLz2NLlwrSLt7RGCJXrSe35TelCV0xcU_ev4eMAaclp3a1ASwjHK84-k2fFC85BAQaQd5waDjERw8tP1xT96CY2bQJQ&sai=AMfl-YS98Es2GV3VqZdL8xpw3CAT6itp9Lo1o_hWmUR8OLUFAtuKneJvzdAkFFwkRt4Pw9RxmK_7HvunBlSqnE9bOPgYajlZeBcLmPJgKoEGEVbFHzWXVBVe6kNqrk-1u_hMILoDIHkcmSHfkBMKq21HAnczlQXGKVtopugAqG8&sig=Cg0ArKJSzD8rx0s0kRk4EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=9&cbvp=1&cstd=0&cisv=r20210831.90259&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 06 Sep 2021 00:00:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1A27 41 KB
15 KB 674ms
120ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 10:19:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Sep 2022 10:19:53 GMT

GET
H2 200 15794-MP_NL_Interim_Display_Campaign_Images_DISPLAY-EN-02_160x600.jpg
s0.2mdn.net/9658841/ Frame 1A27 46 KB
46 KB 640ms
0ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9658841/15794-MP_NL_Interim_Display_Campaign_Images_DISPLAY-EN-02_160x600.jpg

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d733f1f2979d33637d408672d8971694c25fab5c367628efb5a79871c3cc2a26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 20:44:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 08:24:41 GMT
server: sffe
age: 11739
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46787
x-xss-protection: 0
expires: Mon, 06 Sep 2021 20:44:54 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/ Frame C38C 23 KB
9 KB 537ms
92ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AojnN71BzfLUgPf4BkuLD_x2nQxUO-DBwJVdkVItMLpBo6Uhog-SxFzM8pkulVNjbeIIqO1xsTZTREop1-7D6xvUjvxenSMxOZuhbcYPrQh7_Ef-q8OZfxbifoWsgmx2xoOs0OimdavBmWfVINxLm_l-NEXg&cry=1&dbm_d=AKAmf-Aw2sLbS2LlW4RzZ_7pseFLR57T4G0iFWHuKodKSuKpsXFvF05m-UcnELU01o1ysx5XUMYH4ymdq1L-Ix4rQz_ApDhrVW-8fFX2kd7V4Ihtm6ZhGaifAo37YlbJIxyg1Pze1nCSvLHtl1VvKxgZcTX5NhLKhtv2iPAfTMN63cVHY9n4q0VQ-2s_WMcbJu63B6wAz7nQMonFpCRkvTp2ZnKHKd_KRVCkYDytu69qOEWMtuTvNGhteRsFPCFJSlA7UEubuDh3zGO2FVJPLGKDp4shdpZTTgekDv7gEYNE6H_ZbIZZet9SZ_iLQH6PEnsce4SdcQiS2uIZYaqMygaz0L6viKmE3UiiMRGygTXgQFty7M0iKB1_tavi2byy6Z65rHxcvD6TPsUhGssD-LIO6aRjS5ijioO2eTT9v4ltD_xsnJbZU7Q4P2yQOt1uuFezY9IIjpepoco3VE_KCp5a5BwuXuCHbaSBZTL_EVfdQ3G5PWbTvjIz4kjywf0V0xJtwjLjhY84zh7Oe7G-sbTUwwI1kufkhkma_5lxLc7FgPSEAb77fuOvk-bHWUQrC42QSHRUtQVMpDCRdE_c2So41D-YrN_3xu07K7etPWccPvsLWrThLBXaAuSElenea8PNYmxN3k5NYQ32mrceizYyMwYektMJOpTZSPONU32kmZiYJCY-C0fO9LXzON718dTUHmxLsLp6Uu5clFYA-YHkAPqdnJdc3y8txI2GvM64XFA8pK0lDAVmBT_ZWC_OzAMrEAxJLvx7h4fpfGT81S07CLYpGlIst272waKjb8uUM1Ssc7uEvxte18UnQhc5C6_0t-mx0OjdO7bTmrGavkyWD4Sr63WP9zBDjQ9J98l0F5spc-BohA0nPHGqSIXmhj2ZWnw0Om03tI3eV_bwpOj5eg4lvu4xYd9vbTeOU_ockuHQc2Qkywme1jYG_lifdt_npf0r_Y56CcsOrKikjD-xpvrTH2QjnHQjm9UBnllvTU9B83CpG5JHcxFNpV5xNCYE7sGveOrK8nDJEY_OK4gFzeppy3_QeoE4JIGedqlor__eXYQHkery62IeQ3LT6KHRVuqHJ-25fuZrou10qLk6KjkXuUjlaMtkqeGqqymmQE_BarPj_rDU-9e4aA2zFcaHNiII3mPWUPSDQ_6xfyV7zWCDgFP-QSSN4qcKj5-iUIZb8ZW3_0EDi1emg3DPc0dHMFb8LGlQEnMZmA7v6r1bM8YcyzliFdNGyNeshN7pwU55mL5xhmZTWQyjK12kG2IlMzR78QAuPklNYIqeBIuNr07AfxtLeGWpeELKAZG3Gk6h8HUNjAMyYJEGsvKQ72DTlIe-PjHPsjrinlF9yfg0u9WAZIuMzG0gdIzOwHKCC22BqEqGEvFtIeFhWZyG5XGgIZ8s4QVptQwyouVeCRWTvRjA336HCunv9cV5d6SPu9-LIZv1PEoz24P0yCgQK4k38-bLco6eAGWEMl79UQN8mh2pbcN_uOQ8leLpkHBzNWLAhETAjo1xpXMiAxCTA4nQQsCoruDHS3ekrzg3EuDRQLcPCcETU9Ay7YmkFEg3I0iwoJd26uV0c5zFvWNNAjW9PZv7Kft2cbjw4apoO6EQ5Fa-PNh5mSzPm6f7xwItT4LOCmjtf-kv6317d5FN8Z1piS5Bw3E7N4J86DhKW10BF22H3I6qgZ0dT-LILPf_7qnVBAGGOLoQxzqL5YWw3JySqHKn4i2JcIQeVeAAMVXLR2E_rZKQLd235LaHT6yn4EZol7lElNg8eLzAK7N8Fny6ME4JJzQ4oGp9xhdidHaYLTuiRkBd2YFHgwKSJWUEwB7wYUVCGulwyJxib3CndrwNYX1lTSJYihnoEmj7OAd3csfAJ6_EfIgblehFPDDMmHTBYPJVCHhtMahAt-yRHSYbBZ15lqgQ0wjRa9sFSeQO9BlZDQGyryOH4nNHlMIheGO1UdiZeYgxddtbLkUrlFk7UpBMvlYqk1KoMd4UPB1F15shM2CeAgahJh2Uyavvk7zd9_NJ86UhkVqfXiTNp6ivw8ZTNP17bZurj-mAPtiQuLDgfVKYmSICs_0wE6GHWB1e3S7t3AnFwYiL-c5WPCLT8Xu-zgs9XhxnwWt0I3rdXKja_xbgdSWm9f9_Y4L5wg2kXZg8UFXrsLci0_OfwnGxZTcuOENsQgPNGDoBAaxydp1yycuVJT7P0gWnzvS4KMyONcY0MIC7HGSylaFsHVHZVYNtNCfN-t1wS-Tgn60lH0ZES4RAX7q-EIEuvW0Kvgs8Omtx4INgd_0MwikwBrPJ_OQCEecyXUUNBZTrNyOws3DvtmtD849LV2DyZpItpCY_R9kqzZT72ekfS9nKFq4sJGtXAcmWNYtccNvW1G0fkz7AVvrx_y-qmHB91moHhPTugm59oY8WXI2rJXxWsc59V7SWq-jfOFklx-8ckURID9-K6B8vx30ifiWcAyNnVlDSNg8ElQ57y1mrVhx4xNdGN3lTLpZBmpo_b7Tomv9bMvio9JSwTaJn0Wlgn1Er-LpN-lIR0l62rXiiGICoaj-N-Uv8qTZHU3ybckxg_BXj-Jp673lNRMKyZeti9HMmTuKGUjvJIIAaMr6AjSlnDRa0UhmLyBzGUqLF91t_HYlPeG7Dk0zWOSaM09oz8z7HWOwUdxbCt7myWLJSTvyEBPeJxqapqxs0Skyd5VXX2aEbM-8ylD0mtK_kzlI9Avv9mfXA-A_PtXTevw8iFfe3WUGvrXPDljJaeE-tOYca5IMtb6It_l27aL-bISxcAg5dozThRknRkKt_i7dQZedyoGHndDvvavbsXeS4lNOVgMLrv8bsSut-oT8o5Ms_XhUMoX0NPt-hc_vsQUYb_-51IZoATS1P5um5xJfIOvvNo7gNrtzlymFDCzgGbuUKd0q08-6bNU3NIcG8NTTuohRxaS_CUhBElECd_ofaj7KLXqxnEz86ZHXg-oBuaiQMEgZ7uF9dVCONvxERg6XCG0RoqqjyNRQxlIlto4riD1sQauQ6sAv9saxVcoNd2KJGKSX1v1lKL0XJMK_b7iAa7vpXFcXbJsZdbzqE32vg-iDd0_I6oqxS-BSdUKOsvGEBmwLSCg_qV1l6nVgivD6OFyRhVaq16MPe2g9PViiyFojFGMxJzrF04euINsvcuUrnCdfn3qL2YGTN05g&cid=CAASFeRokUELHibDCAp6Gjl3MOYpBCCs7Q&rfl=1%2Chttps%253A%252F%252Fwww.undertheradarmag.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1865
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9263
x-xss-protection: 0
server: cafe
etag: 16747441857000454541
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 23:29:28 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C38C 41 KB
15 KB 619ms
165ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 10:19:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Sep 2022 10:19:53 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 63CD 114 KB
40 KB 690ms
0ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 19:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Sep 2021 19:06:49 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/elements/html/ Frame 63CD 8 KB
3 KB 572ms
120ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CfpkDArJfBM5RipCrCHRcToP3oRPn9IR4MeCN3MhrslQ77ImKDyuC17tkuhYTionRMVnAmeMZ7VM9fO88yLm4QjAanMyGIh-FrOtF8MoGTx6Y-IIVRdMcc4HQJUcMolQgCR9MH0jfklTxXq5_toZXNYr6eKA&dbm_d=AKAmf-C9hp3w1m-_I2zndj3cXAXaeyYNojt4YH9v5XcEUSK9V9DxyETUg0hqe9x8U5bd-3Plz_ZGLebZRYBQIzHksAYxly2Ioah1CJPghV2EAYV6AXHLvIbBaLbqHme87ZHhEJoI-NRYq0mx0SSong4VtazvJD9KvbwZ6P1JuQsjaFnh1ZbQzwx8bIuIaoJWspPbFGnEwcjpYdEeTSjXkTRP2PiItxb21Joz5Tt0IGbPUikNvfPo38qNNWQkl6R_ButDR5l1IitSwgRv1qWkSXZDGNtAawnx8Da3riEu7ZGb53xJSSkRUhtcAH8_nPp92KCD4URKgZP9GoMlFLe-ArUTG785_KqEReu3WLtW_KmjyQw4W42U1PLsVfFn2l08-2urwprW3b8D_Kr7k2NgJjZe2miqMav0O94aJZLE6Yv7aBYhF9kWMX5kQJWiBjywI6VWTf2DQYt-p9VLYjLKu1ri-D5MYPeutM8vz2mtJAcX4Vo1bqzmRA93nhtfWL7YUww4nL8WX1VVdcNR4yzCJsi0u3ISR_9f2_Rw96dGbPJyRmZ-2t9t2mlXaTe-X6DIjOUcWOPFoUAJXB6tBfRyGv3oUtqk8HnGVk0dYnpYKOK6f3Ug9R2NVx72Yb4QK18IpBG-hZvIC1zyogqFJLIEljqJSpqQB1sZkG7mI3jg2YfkeUpiVjZVtpHEkgIhRtmc53Am4Pj00QZnPXtbj7VqVp5iJevZH_2FDQcdQS-w8-fFAJgpjFGzvJ1grnw-u7nw_GVPur1eoOohgroG5aYU2SnNn9-cv0IgjhXC8G137oyMcOZrtS2zWU8KEv5UAX77LGer0JQiKpyMASuLRhYKDoOr_Tk2gxYBA2U9s5_lJHIYIzAPePN44l5mpKq8Z2GSIIZJjysoEREs3p3IRjCUsIKQpSf2U2widrX7TtXDXUYHpIPQJkW3HNvj-UuPCm-91MP7KYXhyssuBgD1Z6Ptmx_2cNBFDAUWfYMLG6aT6-0PxqBJnDmYQkwhFE_wQuiSCcoKRATnav2NJMEklPEtx8YvfeU2E2o_d_wn2HAPqu0d1Z7ALcKPLffhq27oEg_CQP2PZV4GZ6YPat55mj3R1VbZZZfjnZslqKDih9OUIwgLaJ2fg7vyUKkszgXVUm5dmVa7l42RaNckupOq9n7gy3c0N3i356YxDupt3M0qTOpLBvry0T2VdbxkEbmEAhuhH086rGOxspuZJeSkCYYcQRmyP51wxXRCncSF_yYR6_rsSm14ignUOgpyAG7bdt-qv83AoY_ffIQf2Tf6IfNlrHyqp2acLznO3KQhaqMOwDT__BJmVI-BNNPqJEFylcJWJwt5u2In4sTN626EyYLipBjcUQ6_xsEp7Se9dUr5DW37MjFLtt_bEnyk7jYhaPm_S_NUsv4A_HlDBN0qZe-ccYPiZ1irwJUP-414_cFE2uGmsOpqgcNugxA2ZIr4sdYWINe9cjCgeAACZzPu6YXVcBIGFSJfzV6Ydd-m8MGthBjzTGWZ3EmXxf3Y1FNfsRYLiVn4gfLHutIgMK4H5yFqK35QWKfQU6wra1tI1dD-aAj2c94g9kTZ-YjUqVdzZsDq2VeFFw3Tc1OSfpbM94I_hJ0x6zCFnhrx0qGOVaod9pLCB6KlYKTT_iehFYDmvTh1J7dWZ7OtbaOeoUFtCBbAb1ElxP7CnmT_M47TGoSEgogJCQrggezmK8mbw3DmdPVMjheI6iP0u3Qx2AVz8COunOoLgcMi4wvpM9CAZdKz71DDIOt1FPgJ9C8sI4gMu6dbDA46MZDidO2S_4xXSKeGZTKYXrO1jgMGDtTn-hnae0tCAQZHoHjVaqrmQPiPhj401r6Ve2QAJhbN22ebZvXiSlF5vg3nlLsRAKWfc1V71V5KLjtqxxeDvBD2F5D6kU_gv_E3G5_SMqb49ShpsHtR_RIIYV_VoN6MIW5o7WF9-Dcrn57e77iqwQyT2H1sgt2hC0nfdnXK-eBMAtHOrmboFIWcEF4Pjbw1cO_asaWUmKzlAqCi1t_JbLvqIWHFErNG06VE9_Oa4PxzhPq4uGUN7HlStEbnbREbA62VDhT4udLCy59zr1KzE_rYWz_7SAuOCyn6Lf2nqq6H1X71lbgPcSYNbsXjQSddJM-7ZZ4UzVlXKWInL4WlHEgg8_tTp2YBJAoKhaCJPzoFL6MFoOrHK_VXFyLN_TDbirlYfvV7neMLcHXYIHAcl16xsxhAwmrFWuwWlfkxtYex7coVyZkgjEkCftNSEI_YHH1ontuY3nVAuG4nAMH0Hm7X7lEWRIMYZ-rB8Nx3gD-p3bnpLq39_nj9WcbZzBa0bMZxklCxoLw0OYihcnPUu9Q49ghDy9jUkyHacHs2-xJ2Ea_5Tv1uvKNzIfJW5-VepjrsMOSwSeI28V_diin2odO9loe-Y4YDixGfpVytGC9Dz3bS9G1Pq-sUHsdD0Lt_T7QT5M4Q8zNqrysgBrUL-sG1SzXh02LR9bDz_NTjVMHKRQDLrsl3B37b_6xqFxJfT8l7KHaCBBDFzXm7jkOtforMVJZDIf5bLt6f64sKX0WJe0M6vpPkgWTA7mn5JvvtA_JERhB4Hl-Ux2wxAWY5nO-f_biMl9Jy-5SXQ0yyet7SxwCbO6BXmcDZI1jvJBqyjJ2E5Ap4AZNlCl-ZVcZ_1KGuCrIqlKBL_sD4lXqw_dyFvcMUne_atqzmywC7dTCDr84wJhmuTnLIrSNCYPmP44Zgf9iP7ACoa8yJeOz4CZOJtdCAbZu9_q3dV8FlAeqYB2cy1aDIMPm46Kywi92krZJI91KH6r1a8SSPlbMpEEFtqhwj8nLMHsvJDXp69Y-vUQ0HJ79pOif5fEQgAb1wBBesVCXB7ghn7dyaTFMkRNrnurE_UGsihzJ0p4zdbOlM-DAwj1gNttlReHdawOchtsDxA0WDF8laBYRN8acMl2NgEcZUAmAZuRvMkyivHlKyJu4Jn5bK7R5tpAlGh5Y3aVGyBRUQXDUG-me-E7_jdSQqHXP2wHcseHFXvdlyifuD8dLf5Wix4ISsLA79yrTdBwYvVpfRXbuy_d4iGoc7NrswjFfUSptotN7i3I-hJypCylH7g9XWOY-uXiSSeRL2xXIP9zu6-j4cH7bPGyrlDDACTW5QkOWcgpsyszp60KSSvkV0yO2iU5tToMmn9-TLtQl0vyy6VuiM7TwmKJcm8S4A&cid=CAASFeRowoQ0sNRn_82tAOiCFNQ4TX_r1A&rfl=1%2Chttps%253A%252F%252Fwww.undertheradarmag.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 23:38:02 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/ Frame 63CD 23 KB
9 KB 371ms
102ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1865
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9263
x-xss-protection: 0
server: cafe
etag: 16747441857000454541
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 23:29:28 GMT

GET
DATA 200
OK truncated
/ Frame FDD2 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93c64ef4715871c32bfbfae90241fc80a2381b1b9525295f01645dbe7803ae5e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame FDD2 20 KB
20 KB 376ms
69ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:27:55 GMT
x-content-type-options: nosniff
age: 34358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:27:55 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8184
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbWWqxVF4gx9gtDuVRDswg&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbWWqxVF4gx9gtDuVRDswg&google_cver=1&C=1

43 B
1014 B

33ms
31ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbWWqxVF4gx9gtDuVRDswg&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLb2ugIQprG8AhiLx82yATAB&v=APEucNXvf4miklWajBg53HjduLfiBHNMFV9jsioDBHBysWrJMtHeg5Gkv7MBRXyaPzNexpzack9x3HndG0Iv8Rt-JPTIV3yVNzJS2P3OfHNqD0p9XLr2KPnJyD6yvVljDqIBEEx8RMCbl7uoBonOrakR2B3l1Cb0jNwxE_X3gArfpyrotiGkqYA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Sep 2021 00:00:35 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 06 Sep 2021 00:00:35 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 06 Sep 2021 00:00:35 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbWWqxVF4gx9gtDuVRDswg&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 06 Sep 2021 00:00:35 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8184
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YTVaIwIiGbEkGsvVuA33tQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbWWqxVF4gx9gtDuVRDswg&google_cver=1

43 B
894 B

36ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbWWqxVF4gx9gtDuVRDswg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLb2ugIQprG8AhiLx82yATAB&v=APEucNXvf4miklWajBg53HjduLfiBHNMFV9jsioDBHBysWrJMtHeg5Gkv7MBRXyaPzNexpzack9x3HndG0Iv8Rt-JPTIV3yVNzJS2P3OfHNqD0p9XLr2KPnJyD6yvVljDqIBEEx8RMCbl7uoBonOrakR2B3l1Cb0jNwxE_X3gArfpyrotiGkqYA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Sep 2021 00:00:35 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 06 Sep 2021 00:00:35 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbWWqxVF4gx9gtDuVRDswg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 8184
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIG1s3UmINOcdJb8LYchyIY&google_cver=1

43 B
1000 B

50ms
22ms

Image
image/gif

185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIG1s3UmINOcdJb8LYchyIY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLb2ugIQprG8AhiLx82yATAB&v=APEucNXvf4miklWajBg53HjduLfiBHNMFV9jsioDBHBysWrJMtHeg5Gkv7MBRXyaPzNexpzack9x3HndG0Iv8Rt-JPTIV3yVNzJS2P3OfHNqD0p9XLr2KPnJyD6yvVljDqIBEEx8RMCbl7uoBonOrakR2B3l1Cb0jNwxE_X3gArfpyrotiGkqYA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Sep 2021 00:00:34 GMT
X-Proxy-Origin: 159.48.55.4; 159.48.55.4; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9363cdf7-da5e-4ead-8f73-73f00bea8e2d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIG1s3UmINOcdJb8LYchyIY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8184
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA0MjE5ODA1ODU4NDAyMTc0NA%3D%3D

170 B
188 B

36ms
34ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA0MjE5ODA1ODU4NDAyMTc0NA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 06 Sep 2021 00:00:34 GMT
X-Proxy-Origin: 159.48.55.4; 159.48.55.4; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: df5626ff-e1c9-4195-ab9d-782b26750bc4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA0MjE5ODA1ODU4NDAyMTc0NA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6EB5 70 B
265 B 1727ms
34ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7997047&crid=5479985&dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&cmcv=&pix=undefined&cb=1630886431133&uv=3014&tms=1630886431133&abt=aat1_vA!adh5c-1_vA!smbs!spa2_vA!t45!ufm_vD!vzr_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=A1729047C27180072663219967&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 6EB5 43 B
183 B 1742ms
100ms Image
image/gif 2600:1f18:612b:4232:edc2:aa62:52b8:50a9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7997047&crid=5479985&dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&cmcv=&pix=undefined&cb=1630886431133&uv=3014&tms=1630886431133&abt=aat1_vA!adh5c-1_vA!smbs!spa2_vA!t45!ufm_vD!vzr_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=A1729047C27180072663219967&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:edc2:aa62:52b8:50a9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:35 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 6EB5
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=755b1a9b-0ea5-11ec-ac43-124172220106&orig=video&us_privacy=1---gdpr=1&

0
230 B

69ms
20ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=755b1a9b-0ea5-11ec-ac43-124172220106&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7997047&crid=5479985&dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&cmcv=&pix=undefined&cb=1630886431133&uv=3014&tms=1630886431133&abt=aat1_vA!adh5c-1_vA!smbs!spa2_vA!t45!ufm_vD!vzr_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=A1729047C27180072663219967&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:34 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14307

Redirect headers

Date: Mon, 06 Sep 2021 00:00:34 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=755b1a9b-0ea5-11ec-ac43-124172220106&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 11
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 6EB5 43 B
145 B 775ms
0ms Image
image/gif 18.195.239.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7997047&crid=5479985&dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&cmcv=&pix=undefined&cb=1630886431133&uv=3014&tms=1630886431133&abt=aat1_vA!adh5c-1_vA!smbs!spa2_vA!t45!ufm_vD!vzr_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=A1729047C27180072663219967&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.239.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-239-175.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6512 70 B
264 B 1727ms
34ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 6512 43 B
182 B 1743ms
101ms Image
image/gif 2600:1f18:612b:4232:edc2:aa62:52b8:50a9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:edc2:aa62:52b8:50a9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:35 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 6512
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=755b1a9b-0ea5-11ec-ac43-124172220106&orig=video&us_privacy=1---gdpr=1&

0
229 B

70ms
20ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=755b1a9b-0ea5-11ec-ac43-124172220106&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:34 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14307

Redirect headers

Date: Mon, 06 Sep 2021 00:00:34 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=755b1a9b-0ea5-11ec-ac43-124172220106&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 107
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 6512 43 B
146 B 775ms
0ms Image
image/gif 18.195.239.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.239.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-239-175.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame C8A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGwng-70FXsBO9OIhw7Bi4o&google_cver=1

43 B
172 B

135ms
32ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGwng-70FXsBO9OIhw7Bi4o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1Z21PTAB&v=APEucNU2oGfYbiY5c6cyqR08XbD5C2PpC7JVneT7HnGx2O3SrJQT2kXyUuV39kMfAYmD8tQQZ-K2JWbKUNV4GA0Uspy0YeVdYJsXcQ8Uea8KIEViebzrqFs47BwSrtU2gAFYc8kLbEeT_tIvtCP2BySwMw-2c8UmVWzT1AqoGZDQKlhwcUw87pk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:34 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGwng-70FXsBO9OIhw7Bi4o&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C8A0
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDdlOTk3YjktZjgxYS0yOWM1LWYwNzktZjNmOWVjMzZkNTU3

170 B
188 B

43ms
42ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDdlOTk3YjktZjgxYS0yOWM1LWYwNzktZjNmOWVjMzZkNTU3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1Z21PTAB&v=APEucNU2oGfYbiY5c6cyqR08XbD5C2PpC7JVneT7HnGx2O3SrJQT2kXyUuV39kMfAYmD8tQQZ-K2JWbKUNV4GA0Uspy0YeVdYJsXcQ8Uea8KIEViebzrqFs47BwSrtU2gAFYc8kLbEeT_tIvtCP2BySwMw-2c8UmVWzT1AqoGZDQKlhwcUw87pk

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 06 Sep 2021 00:00:34 GMT
content-encoding: gzip
server: OXGW/16.214.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDdlOTk3YjktZjgxYS0yOWM1LWYwNzktZjNmOWVjMzZkNTU3
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame C8A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEIH2x1TKLWAFFDEaxrvCZ64&google_cver=1

23 B
172 B

687ms
86ms

Image
image/gif

184.31.88.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEIH2x1TKLWAFFDEaxrvCZ64&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1Z21PTAB&v=APEucNU2oGfYbiY5c6cyqR08XbD5C2PpC7JVneT7HnGx2O3SrJQT2kXyUuV39kMfAYmD8tQQZ-K2JWbKUNV4GA0Uspy0YeVdYJsXcQ8Uea8KIEViebzrqFs47BwSrtU2gAFYc8kLbEeT_tIvtCP2BySwMw-2c8UmVWzT1AqoGZDQKlhwcUw87pk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.88.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-88-106.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:35 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 06 Sep 2021 00:00:35 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEIH2x1TKLWAFFDEaxrvCZ64&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame C8A0 23 B
172 B 1702ms
62ms Image
image/gif 184.31.88.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1Z21PTAB&v=APEucNU2oGfYbiY5c6cyqR08XbD5C2PpC7JVneT7HnGx2O3SrJQT2kXyUuV39kMfAYmD8tQQZ-K2JWbKUNV4GA0Uspy0YeVdYJsXcQ8Uea8KIEViebzrqFs47BwSrtU2gAFYc8kLbEeT_tIvtCP2BySwMw-2c8UmVWzT1AqoGZDQKlhwcUw87pk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.88.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-88-106.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:35 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 06 Sep 2021 00:00:35 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 42C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOELsIFlIjZ6n58J6aYv11M&google_cver=1

43 B
549 B

134ms
33ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOELsIFlIjZ6n58J6aYv11M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4aTvAhi7392sATAB&v=APEucNUfqWPyKDX0HqjEV7yFACK0tRLFxFJMwlU5Ol9MPllwDAs9aV5DIuDgku2fNFlini91CDDeeuE4EcwbH3t2jKFrxyE6iI0Ox0-maI7RKOSiFpmgV8JQCOgPa0gG46YXGcuh25PuxHZgc8VaIEay9XaSYwNwN7mUVhOBdrQZg3yvHXr4xvE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:34 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 103
Connection: keep-alive
Content-Length: 43

Redirect headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOELsIFlIjZ6n58J6aYv11M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 42C3
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzU1YjFhOWItMGVhNS0xMWVjLWFjNDMtMTI0MTcyMjIwMTA2

170 B
188 B

79ms
43ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzU1YjFhOWItMGVhNS0xMWVjLWFjNDMtMTI0MTcyMjIwMTA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4aTvAhi7392sATAB&v=APEucNUfqWPyKDX0HqjEV7yFACK0tRLFxFJMwlU5Ol9MPllwDAs9aV5DIuDgku2fNFlini91CDDeeuE4EcwbH3t2jKFrxyE6iI0Ox0-maI7RKOSiFpmgV8JQCOgPa0gG46YXGcuh25PuxHZgc8VaIEay9XaSYwNwN7mUVhOBdrQZg3yvHXr4xvE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 06 Sep 2021 00:00:34 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzU1YjFhOWItMGVhNS0xMWVjLWFjNDMtMTI0MTcyMjIwMTA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 141
Connection: keep-alive
Content-Length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 42C3 0
445 B 1651ms
11ms Image
text/plain 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:35 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 PMS.js Show response
vidstat.taboola.com/PMS/3.2.2/ 59 KB
17 KB 197ms
20ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/PMS/3.2.2/PMS.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_4/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:34 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront), 1.1 varnish
age: 2756897
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 17509
x-served-by: cache-fra19173-FRA
last-modified: Thu, 21 Jan 2021 11:30:56 GMT
server: AmazonS3
x-timer: S1630886434.453966,VS0,VE0
etag: "f237b8d35060f133ac8c595fd1234e1c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: JVAUVHZomFBOTYSmiRyONx061K0r8J89HAeMC4sUhok9f7gqiMDPAg==
x-cache-hits: 1397553

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame FDD2 17 KB
17 KB 1060ms
9ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcR-t8Nl8X5p2RPlzPE6-pHXsRNfACFwTJQOi4gkCmpVRZykcmbVIzfxHasVwzU&usqp=CAI

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01c2477f24d23a013fc589458007b8e6c59e2d8917e1c356f5501f62663d1d22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:03:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 06:03:28 GMT
server: sffe
age: 3408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16903
x-xss-protection: 0
expires: Mon, 05 Sep 2022 23:03:47 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame FDD2 6 KB
6 KB 972ms
8ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcR3zQdHuXRSjtyZjRjRmF_Vgh-rJ-7RkcZ9-K3lhkpn8E_bHbfU&usqp=CAI

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ca015ae5011562c88af4bc5efa1350a4fb46326fdfacab5c4ce3c25968e7710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:19:31 GMT
x-content-type-options: nosniff
last-modified: Mon, 30 Aug 2021 02:32:26 GMT
server: sffe
age: 2464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5710
x-xss-protection: 0
expires: Mon, 05 Sep 2022 23:19:31 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame FDD2 19 KB
19 KB 978ms
3ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRxKCOoPNJoxCxBH1QyOaUCeI8obYatkETKUOAPUazkH7LCvhcu&usqp=CAI

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca96d79ac4f12f4ef0c77a263f8384a5b43987a168c9f3d21620e32f83fa47e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:50:42 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Aug 2021 00:46:12 GMT
server: sffe
age: 40193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19451
x-xss-protection: 0
expires: Mon, 05 Sep 2022 12:50:42 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame FDD2 17 KB
17 KB 973ms
7ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQiVphU2T15nfoGlhWi-7xmuwiSuS0xh7cydN0yW96Jt2J1AGzo--2EuTW3og&usqp=CAI

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d0680720dfa2876fae6a34486e0d00b2df2b8d2069710e8c271a074fe9898fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 00:47:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 06:05:16 GMT
server: sffe
age: 429182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17072
x-xss-protection: 0
expires: Thu, 01 Sep 2022 00:47:33 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame FDD2 35 KB
35 KB 948ms
9ms Image
image/png 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTFCkjaG56rQ3MstsEcmC-sJmYpDCFgLrszGnqLSGcwrEz8kYc&usqp=CAI

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3830a3aab8b78820fcfd7e4cc06ed2ee47e3ea8ad068e78e218332437030480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 15:36:44 GMT
x-content-type-options: nosniff
last-modified: Mon, 07 May 2018 06:51:28 GMT
server: sffe
age: 462231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35515
x-xss-protection: 0
expires: Wed, 31 Aug 2022 15:36:44 GMT

GET
DATA 200
OK truncated
/ Frame 1A27 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 534c5b3a97e73230c545613a3075ae7315eda55e45a259beb184151cfda62aed

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1A27 0
545 B 377ms
80ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 06 Sep 2021 00:00:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 index.html Show response
s0.2mdn.net/9957158/1622818134107/Template_160x600/ Frame A126 86 KB
22 KB 21ms
6ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10e8cc21c2a2cb67e7dc9c0f9dee955639fc32a1154a9ee7675741f00c81e944

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9957158/1622818134107/Template_160x600/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 22571
date: Sun, 05 Sep 2021 22:00:18 GMT
expires: Mon, 06 Sep 2021 22:00:18 GMT
last-modified: Fri, 04 Jun 2021 14:48:54 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=86400
age: 7217
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 63CD 0
107 B 284ms
83ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvSVm4dn0JQp17fQzPz1Z5LIj4WSxiEN7KTdvSeVwaHkiVEMlRwETEr0UjoAU5D4bGRhWvJFHaAxKkCZH57ODzohhHXtzGipMx1GCihPbQiU-zgbdxc_WUzfYNTPlqd9YYdF4vtCii-JNT-xNP5SuNUz-m11e2AataM-DcAzXyKj8Sg-c84cnzpvd2qMTirYUrbg3s6PFK1FnTz2IIld81R7yERSUdict9lbn1d4hjPIX8qzWkBUSM9bC4zUUnGNk98aELdkWOyrKROgA3Oq_OhJKiYrban7Wc1BGB13RW0ExVqEQ1hoQ5dKiR0NyJZ2Auf9SLhhdS-vlIIDS9QBnFy_X0cGJndCaiG8R5aHZhxDRs3-mr3v97hF5yWUobxf0wv0K6msl7VDyYZWVqrY6VDzB3IZ7VfbbaYmPVDwyoBsFvX3shwyFNCyXrY8AKHCG9_1ep4astTHD40NeNcDqAbJo-LNDksmFukwbQtGivWHsnCWzb1olZuDahNziES-qe3h1GQHfkIlRuouZ2Ugi8Qk0f1FamaC2nx4sguhbYM52hC9mdjNWhXgnC6YSh_VvXPfcnsUGoX7TmK5nBwKnCoZC019NTmzGdLo1t-OPoPXlpELdO1O3sduQTGMXiryLEMtRVsZx40nWHms40dgCUfp5njEkyBSpeexW5ihRKNGazkQRwCyq2xMntrTDfMpswqwlQW95-ZJni3tPBSB2ew5STy0s7sAhW-4fMhQQrqN75lymtpGdmlibFNHpnq-60RoJ8mALpmZtdk4Pk0VLs8zZamyEHRiqpjcDrFh_i98LTIzPjcy9-fcOldqHa-3npkLF6-jrzPgNIHWteSzjfH9LNemuhsNqqOzryxn7FiNSfkmXiakegndcL1x98B-1LFXhQJBV14z0VAbSIEGyyR-gINH0An27FCIdEpEuoiRp9gFVwzJuciQ8UWaCf_GQv0p2_07_QaxVwaSI8xKAgml_1CkSruXTZqKTX6dK_tAbxg7Isfl8hbkkkcGhRhY6lv4GD-qnZWAIm1zeGhqqOk0DJ_jO00524Am5tbPFHqWb6rQW_seBaUgIdIOFO61WrhSf38JenCY4jo8QTHo8_8gDttgxwdHqD4xUtUAjweduuH7MvPjC-qRPMlrvp1lxltV1bdAFzJIPesIiQbOapbeVqTkg3s3GHo_GBtpuRvF5FU&sai=AMfl-YQQ86aFHQxk686Ok4U77jw62ZBSksfxOZNC5mCCuFpACDRiQd8l_rpAh_N29mnzNdIufycsEnjE-xTJWMt3Gd50UIxNtEBxFK8vGycp1L3Q5-EfgVmbOvI14gLDPbTW5u-oP3YwQkovrUi7qVPV1qk7pq0KD8YO_kYvE4g&sig=Cg0ArKJSzAWxiCQfoG_SEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1547&cbvp=1&cstd=1509&cisv=r20210831.91681&adurl=

Requested by

Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 06 Sep 2021 00:00:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6F40 22 KB
8 KB 57ms
53ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 05 Sep 2021 10:19:55 GMT
expires: Mon, 05 Sep 2022 10:19:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 49240
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F93F 22 KB
8 KB 56ms
54ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 05 Sep 2021 10:19:55 GMT
expires: Mon, 05 Sep 2022 10:19:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 49240
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame BF17
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

70ms
22ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7997047&crid=5479985&dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&cmcv=&pix=undefined&cb=1630886431133&uv=3014&tms=1630886431133&abt=aat1_vA!adh5c-1_vA!smbs!spa2_vA!t45!ufm_vD!vzr_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=A1729047C27180072663219967&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://imprammp.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://imprammp.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 06 Sep 2021 00:00:35 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Mon, 06 Sep 2021 00:00:35 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 0D1D
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

94ms
46ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://am-match.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://am-match.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 06 Sep 2021 00:00:35 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Mon, 06 Sep 2021 00:00:35 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 63CD 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 10:19:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Sep 2022 10:19:53 GMT

GET
DATA 200
OK truncated
/ Frame 63CD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f54bc809270c30cb3ec1c34a195d158551fa535a3e57715250aae344d5dd5b7f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 5imww12akvzn Show response
hal9000.redintelligence.net/zone/ Frame C38C 11 KB
4 KB 674ms
34ms Script
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/5imww12akvzn?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEKU0Glo1YZncCtqKrASx15KoBuKw3PBfnonW-4kL8C4QASDqu74PYJGEgID8F8gBCakCt872iB_usz6oAwGqBNsBT9BllFVg5mUbJjqJbQl3JtV5AauOh_FfeTrCZHpAb9m5Gl93YD-wULRcIoyuoq8ftA80IeQs6a8foLPBV_EgNlfFHRO5Txi4Ml-xOCQnb0CJnujQClsWJ5yqu48dSCBtp144gj6rtP3uFGF27Eo14t10T50839ymIF75dqtwzPrjNg7Go7EtAnit-B8SIchwKhvaII1ES4eGnxp13j0l-JBLZZZxScMx_Fv4_O8Y0lCQPjpZu_JMFh7dTu_sjxQNLawtnC_o_2ghq-_yIa5pWK3oWLEoiXPWo_yowATb87331AHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATtda5DNATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRokUELHibDCAp6Gjl3MOYpBCCs7Q%26sig%3DAOD64_3Ht95Army6_Oz-juF4ugDCyB0E6g%26client%3Dca-pub-7213021641226731%26dbm_c%3DAKAmf-Brfs9Ug7meHokj6WwP5nqzJS0vff0kCtg8V-uYp2_DJUX96c9ld7yLoKs1dGVxsFZsd_jeebZS751MlL1MKKdg0jGRc_vXXODSY8h186PgccCGdx1iy5G3UApFtmOGpQT6c04Ur_5MsSRBgzKFrMUUU--Vpg%26cry%3D1%26dbm_d%3DAKAmf-CbTdYYDYjYVpz7RaY8lK2k5cSJ9PhcXhXFgogVMIEiGhQytC9f-m_31qQNR_x8Bmh9uOb_8vn6h5gdn5xIBTD0WIb_C-QypGvut-SrSuRDpgmRxb5LjCFKd5VnTtn3BWeVz3vG_mZZPG2fLN-sPEqavvxiPBodmpu9NhSzjjBIOpFZNUFE-p-nEmL3xf1t4cX0E2vPnuROYnZpC_0j6y23phiS8C8AuJV_0ummdCxgbMX14vwebMM6Ffc8g_uWQGlX6R-tB3Yvy9bkKtMFV92XwCoKgs0tvwkaewST_EwTP1jcv6R0Dw0CPojcO3pEzWl2bw2MX2sDTjfPPpCtBMM8zVlZKnd-jjSE-1rcbNVFbR42xQ_3udC4cN1uFzhN_a9RFjv9yM8ptj61Smwb-On56iczrleEqN7UtfdrrwzDIMq5_3k74JBpYpMzRZtOwkHC5fLqMG-J7iIQNygbmyiBYEhLztdk8nn7VG91VxqBLQ0C_NCKy6QtZ10x7wT4hPg8G7-BuUGahKxuxdGVMfkT8mHT8A%26adurl%3D
Requested by: Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 668acf352e43ebeafc33713faf73ce37db2967aca52ad5437c2b3e26a60be82e

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:35 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3952
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

POST
H2 204 perf Show response
am-trc-events.taboola.com/undertheradar/log/3/ 0
253 B 39ms
38ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/undertheradar/log/3/perf?route=AM%3AAM%3AV&lti=cta-lzy5_var1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.undertheradarmag.com
pragma: no-cache
date: Mon, 06 Sep 2021 00:00:35 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FDD2 42 B
64 B 90ms
59ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss2BHpKJF1pIRrMvem-P-gTqDGrYWHUSf9McgNypgTBN7fk0v0nLhc1suGzn2DNe_HgoS22HjUt_WBl7AELxY4ZzGfRQpYDWy6UXqf4e96Z2xgcQiKJYDjjHZ3wJA&sai=AMfl-YQUdGTiG76lO5Kuy0lYwGKbcvhhkNtKiQZR6fkpqODj-iTsp_P4QnO1KTQU4st4cYUbV34HfHawx_MUhuClcE4ovG9nq2BzY-SwnsM1deKDvCd8hyzIjC7DTxqDeBQ&sig=Cg0ArKJSzA6AJoQtcOcDEAE&id=lidar2&mcvt=1003&p=11,318,261,1288&asp=11,318,261,1288&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20210901&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2838847317&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630886428804&rpt=5351&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 content14_10_18m.js Show response
vidstat.taboola.com/ 37 KB
8 KB 23ms
22ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content14_10_18m.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_4/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:35 GMT
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront), 1.1 varnish
age: 2678835
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 7638
x-served-by: cache-fra19173-FRA
last-modified: Sun, 14 Oct 2018 13:31:31 GMT
server: AmazonS3
x-timer: S1630886435.447450,VS0,VE0
etag: "d8d81221ec6e604811ce469d899c9c8b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 66yyU3j4fvwR2pWghuTSRe4J90AY-n2Za3iK1pdjZQmlD5ieLGYAOA==
x-cache-hits: 1270267

GET
H2 200 video-autoplay-detector.js Show response
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 8 KB
2 KB 22ms
22ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_4/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:35 GMT
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront), 1.1 varnish
age: 3677301
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 2210
x-served-by: cache-fra19173-FRA
last-modified: Mon, 10 Jun 2019 11:55:53 GMT
server: AmazonS3
x-timer: S1630886435.448586,VS0,VE0
etag: "2fac39530c1c168282a35d1ab56450ed"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Yo6KR3_XnOUi3NWD_VhTvYGGRyYggaAaoexq4W1dbbw3whiXkm5P2g==
x-cache-hits: 2961445

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v12.6.4/ 568 KB
117 KB 25ms
24ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.4/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_4/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 218e212955a099e8b0e363d4750a26b27024c8443a4b5e0313aa62ef2054153e

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:35 GMT
via: 1.1 varnish
age: 299988
x-amz-meta-mtime: 1630586387
x-cache: HIT
x-amz-meta-ctime: 1630586402
x-amz-meta-mode: 33188
content-encoding: br
content-length: 118911
x-amz-id-2: EdodbS+V2dbyoUF0K9a70DYjMdHUKIfYoTz3cPwv2PeI20A8q1OVM5WYpDMSgen4uGQA5fj6LcE=
x-served-by: cache-fra19173-FRA
accept-ranges: bytes
last-modified: Thu, 02 Sep 2021 12:40:03 GMT
server: AmazonS3-br
x-timer: S1630886435.493053,VS0,VE0
etag: "062bf4ef6ed3901a242357a7a0f461b2"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 8EGRAFEXPPRM10Y6
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 276266

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 7668 1 KB
1 KB 21ms
17ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_4/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: bdcc13c2a0fb02a595f26d25d6ac5057719ce7050ecf985585102390e6fc06d3

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.undertheradarmag.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=e573e6c2-59e4-4de2-ae25-7300b5d31ba0-tuct82edfa2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.undertheradarmag.com/

Response headers

server: nginx
date: Mon, 06 Sep 2021 00:00:35 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402

GET
H3-29 200 DcmEnabler_01_245.js Show response
s0.2mdn.net/879366/ Frame A126 28 KB
10 KB 35ms
9ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 19:16:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10285
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Sep 2021 19:16:19 GMT

GET
H/1.1

200
OK

request.php Show response
hal90005.redintelligence.net/ Frame C38C
Redirect Chain

https://hal90005.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=d9ceeee733&subid=&uid=a9cbf5e4a807924d&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90005.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=d9ceeee733&subid=&uid=a9cbf5e4a807924d&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

3 KB
2 KB

237ms
88ms

Script
application/x-javascript

138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=d9ceeee733&subid=&uid=a9cbf5e4a807924d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEKU0Glo1YZncCtqKrASx15KoBuKw3PBfnonW-4kL8C4QASDqu74PYJGEgID8F8gBCakCt872iB_usz6oAwGqBNsBT9BllFVg5mUbJjqJbQl3JtV5AauOh_FfeTrCZHpAb9m5Gl93YD-wULRcIoyuoq8ftA80IeQs6a8foLPBV_EgNlfFHRO5Txi4Ml-xOCQnb0CJnujQClsWJ5yqu48dSCBtp144gj6rtP3uFGF27Eo14t10T50839ymIF75dqtwzPrjNg7Go7EtAnit-B8SIchwKhvaII1ES4eGnxp13j0l-JBLZZZxScMx_Fv4_O8Y0lCQPjpZu_JMFh7dTu_sjxQNLawtnC_o_2ghq-_yIa5pWK3oWLEoiXPWo_yowATb87331AHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATtda5DNATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRokUELHibDCAp6Gjl3MOYpBCCs7Q%26sig%3DAOD64_3Ht95Army6_Oz-juF4ugDCyB0E6g%26client%3Dca-pub-7213021641226731%26dbm_c%3DAKAmf-Brfs9Ug7meHokj6WwP5nqzJS0vff0kCtg8V-uYp2_DJUX96c9ld7yLoKs1dGVxsFZsd_jeebZS751MlL1MKKdg0jGRc_vXXODSY8h186PgccCGdx1iy5G3UApFtmOGpQT6c04Ur_5MsSRBgzKFrMUUU--Vpg%26cry%3D1%26dbm_d%3DAKAmf-CbTdYYDYjYVpz7RaY8lK2k5cSJ9PhcXhXFgogVMIEiGhQytC9f-m_31qQNR_x8Bmh9uOb_8vn6h5gdn5xIBTD0WIb_C-QypGvut-SrSuRDpgmRxb5LjCFKd5VnTtn3BWeVz3vG_mZZPG2fLN-sPEqavvxiPBodmpu9NhSzjjBIOpFZNUFE-p-nEmL3xf1t4cX0E2vPnuROYnZpC_0j6y23phiS8C8AuJV_0ummdCxgbMX14vwebMM6Ffc8g_uWQGlX6R-tB3Yvy9bkKtMFV92XwCoKgs0tvwkaewST_EwTP1jcv6R0Dw0CPojcO3pEzWl2bw2MX2sDTjfPPpCtBMM8zVlZKnd-jjSE-1rcbNVFbR42xQ_3udC4cN1uFzhN_a9RFjv9yM8ptj61Smwb-On56iczrleEqN7UtfdrrwzDIMq5_3k74JBpYpMzRZtOwkHC5fLqMG-J7iIQNygbmyiBYEhLztdk8nn7VG91VxqBLQ0C_NCKy6QtZ10x7wT4hPg8G7-BuUGahKxuxdGVMfkT8mHT8A%26adurl%3D&documentReferer=https%3A%2F%2Fwww.undertheradarmag.com%2F&ancestorOrigins=https%3A%2F%2Fwww.undertheradarmag.com&random=3735855567631&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 0c38309fd43b17d4d4c50f6428e20d5b871c3f121afc8565ff93c6943144e88d

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Sep 2021 00:00:36 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 88142800007345000719590011709005
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1037
Expires: Mon, 06 Sep 2021 01:00:36 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 06 Sep 2021 00:00:36 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=d9ceeee733&subid=&uid=a9cbf5e4a807924d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEKU0Glo1YZncCtqKrASx15KoBuKw3PBfnonW-4kL8C4QASDqu74PYJGEgID8F8gBCakCt872iB_usz6oAwGqBNsBT9BllFVg5mUbJjqJbQl3JtV5AauOh_FfeTrCZHpAb9m5Gl93YD-wULRcIoyuoq8ftA80IeQs6a8foLPBV_EgNlfFHRO5Txi4Ml-xOCQnb0CJnujQClsWJ5yqu48dSCBtp144gj6rtP3uFGF27Eo14t10T50839ymIF75dqtwzPrjNg7Go7EtAnit-B8SIchwKhvaII1ES4eGnxp13j0l-JBLZZZxScMx_Fv4_O8Y0lCQPjpZu_JMFh7dTu_sjxQNLawtnC_o_2ghq-_yIa5pWK3oWLEoiXPWo_yowATb87331AHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATtda5DNATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRokUELHibDCAp6Gjl3MOYpBCCs7Q%26sig%3DAOD64_3Ht95Army6_Oz-juF4ugDCyB0E6g%26client%3Dca-pub-7213021641226731%26dbm_c%3DAKAmf-Brfs9Ug7meHokj6WwP5nqzJS0vff0kCtg8V-uYp2_DJUX96c9ld7yLoKs1dGVxsFZsd_jeebZS751MlL1MKKdg0jGRc_vXXODSY8h186PgccCGdx1iy5G3UApFtmOGpQT6c04Ur_5MsSRBgzKFrMUUU--Vpg%26cry%3D1%26dbm_d%3DAKAmf-CbTdYYDYjYVpz7RaY8lK2k5cSJ9PhcXhXFgogVMIEiGhQytC9f-m_31qQNR_x8Bmh9uOb_8vn6h5gdn5xIBTD0WIb_C-QypGvut-SrSuRDpgmRxb5LjCFKd5VnTtn3BWeVz3vG_mZZPG2fLN-sPEqavvxiPBodmpu9NhSzjjBIOpFZNUFE-p-nEmL3xf1t4cX0E2vPnuROYnZpC_0j6y23phiS8C8AuJV_0ummdCxgbMX14vwebMM6Ffc8g_uWQGlX6R-tB3Yvy9bkKtMFV92XwCoKgs0tvwkaewST_EwTP1jcv6R0Dw0CPojcO3pEzWl2bw2MX2sDTjfPPpCtBMM8zVlZKnd-jjSE-1rcbNVFbR42xQ_3udC4cN1uFzhN_a9RFjv9yM8ptj61Smwb-On56iczrleEqN7UtfdrrwzDIMq5_3k74JBpYpMzRZtOwkHC5fLqMG-J7iIQNygbmyiBYEhLztdk8nn7VG91VxqBLQ0C_NCKy6QtZ10x7wT4hPg8G7-BuUGahKxuxdGVMfkT8mHT8A%26adurl%3D&documentReferer=https%3A%2F%2Fwww.undertheradarmag.com%2F&ancestorOrigins=https%3A%2F%2Fwww.undertheradarmag.com&random=3735855567631&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 06 Sep 2021 01:00:36 +0200

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 5 KB
3 KB 144ms
65ms XHR
application/json 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5479985&noaop=5&sortOrderType=0&cb=1630886436159&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1264&pt=336712214&tz=120&viewable=true&ddast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1809035&dpubid=171137&abtst=aat1_vA!adh5c-1_vA!smbs!spa2_vA!t45!ufm_vG!vzr_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.undertheradarmag.com&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.4/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9e04af63c8f15dbbc299af077f30647c2e77878c5473c1e1c30649761416c200

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: text/plain

Response headers

date: Mon, 06 Sep 2021 00:00:36 GMT
content-encoding: gzip
access-control-allow-origin: https://www.undertheradarmag.com
machineid: 1407
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra19173-FRA
pragma: no-cache
server: nginx
x-timer: S1630886436.289809,VS0,VE56
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://search.spotxchange.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK vast.xml Show response
video-ads.rubiconproject.com/video/16698/144084/1761844/203/ 4 KB
2 KB 256ms
47ms XHR
text/xml 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://video-ads.rubiconproject.com/video/16698/144084/1761844/203/vast.xml?rf=https%3A%2F%2Fwww.undertheradarmag.com&gdpr=1&p_aso.video.maxduration=60&us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.4/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash: 47e9e00a21274e240f94e37af0789e4365f4514456be81085f406a6e1006870b

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 06 Sep 2021 00:00:36 GMT
Content-Encoding: gzip
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: text/xml
Access-Control-Allow-Origin: https://www.undertheradarmag.com
Cache-Control: public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 1518
Expires: Mon, 06 Sep 2021 00:00:36 GMT

GET
H/1.1 200
OK s3HE3sPl14rh4AB_pxEbyq+HVGYgiZbnLQB34ZLFN7llpSvFioSnWA== Show response
ads.adaptv.advertising.com/a/h/ 249 B
554 B 313ms
105ms XHR
text/xml 18.159.16.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/s3HE3sPl14rh4AB_pxEbyq+HVGYgiZbnLQB34ZLFN7llpSvFioSnWA==?pet=preroll&pageUrl=https%3A%2F%2Fwww.undertheradarmag.com&eov=eov&context=activity%3DGeneralDesktop4Secure&categories=inline&cb=R0.1630886436193&a.ip=159.48.55.4&a.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&pi.width=700&pi.height=393&pi.viewable=-1&gdpr=1&duration=60&us_privacy=1---

Requested by

Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.4/OvaMediaPlayer.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.159.16.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-16-69.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.undertheradarmag.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK 314339 Show response
search.spotxchange.com/vast/2.00/ 67 B
1 KB 266ms
77ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.00/314339?VPAID=js&content_page_url=https%3A%2F%2Fwww.undertheradarmag.com%2Fnews%2Fpremiere_enn_debut_new_video_for_catalyst&player_width=700&player_height=393&vid_duration=NaN&content_id=inline&ad_mute=1&custom_skin=1&custom[content][]=IAB1&custom[pub_lang]=en&schain=1.0,1!taboola.com,1015792,1,-1508480695&gdpr=1&gdpr_consent=&playtime=60&us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.4/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: text/plain

Response headers

Date: Mon, 06 Sep 2021 00:00:36 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000296
X-SpotX-Timing-SpotMarket: 0.006855
X-SpotX-Timing-Page-Mux: 0.000231
X-SpotX-Timing-Page-Require: 0.000278
X-fe: 092
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000036
Content-Length: 77
X-SpotX-Timing-Page: 0.012164
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000284
Last-Modified: Mon, 06 Sep 2021 00:00:36 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.006855
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.undertheradarmag.com
X-SpotX-Timing-Page-Misc: 0.004173
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000010
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ac Show response
www8.smartadserver.com/
Redirect Chain

https://www8.smartadserver.com/ac?siteid=353075&pgid=1236238&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1630886436195&pgDomain=www.undertheradarmag.com&vpw=700&vph=393&gd...
https://www8.smartadserver.com/ac?siteid=353075&pgid=1236238&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1630886436195&pgDomain=www.undertheradarmag.com&vpw=700&vph=393&gd...

129 B
522 B

96ms
43ms

XHR
text/xml

185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?siteid=353075&pgid=1236238&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1630886436195&pgDomain=www.undertheradarmag.com&vpw=700&vph=393&gdpr=1&gdpr_consent=&us_privacy=1---&cklb=1
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:35 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.undertheradarmag.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
transfer-encoding: chunked

Redirect headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:35 GMT
location: https://www8.smartadserver.com/ac?siteid=353075&pgid=1236238&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1630886436195&pgDomain=www.undertheradarmag.com&vpw=700&vph=393&gdpr=1&gdpr_consent=&us_privacy=1---&cklb=1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.undertheradarmag.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 200
OK 286772 Show response
search.spotxchange.com/vast/2.00/ 67 B
1 KB 252ms
77ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.00/286772?VPAID=js&content_page_url=https%3A%2F%2Fwww.undertheradarmag.com%2Fnews%2Fpremiere_enn_debut_new_video_for_catalyst&player_width=700&player_height=393&vid_duration=NaN&content_id=inline&ad_mute=1&custom_skin=1&custom[content][]=IAB1&custom[pub_lang]=en&schain=1.0,1!taboola.com,1015792,1,-1508480695&gdpr=1&gdpr_consent=&playtime=60&us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.4/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: text/plain

Response headers

Date: Mon, 06 Sep 2021 00:00:36 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000334
X-SpotX-Timing-SpotMarket: 0.008568
X-SpotX-Timing-Page-Mux: 0.000223
X-SpotX-Timing-Page-Require: 0.000382
X-fe: 023
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000004
Content-Length: 77
X-SpotX-Timing-Page: 0.011827
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000344
Last-Modified: Mon, 06 Sep 2021 00:00:36 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.008568
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.undertheradarmag.com
X-SpotX-Timing-Page-Misc: 0.001960
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000011
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 206
Partial Content 1ff20d9a-c4b9-4b64-b4db-1c39a862b14b
https://www.undertheradarmag.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.undertheradarmag.com/1ff20d9a-c4b9-4b64-b4db-1c39a862b14b
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 2dd0fe35-352c-4645-8acb-51a177e7b66e
https://www.undertheradarmag.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.undertheradarmag.com/2dd0fe35-352c-4645-8acb-51a177e7b66e
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3-29 200 WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F40 35 KB
13 KB 107ms
57ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b23e7d8882806a2f0d3ac78e8afeafde83c77e229c62720251fb59dcc6866a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 20:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13351
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Sep 2022 20:19:06 GMT

GET
H3-29 200 WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js Show response
pagead2.googlesyndication.com/bg/ Frame F93F 35 KB
13 KB 144ms
82ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b23e7d8882806a2f0d3ac78e8afeafde83c77e229c62720251fb59dcc6866a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 20:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13351
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Sep 2022 20:19:06 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 16F0 22 KB
8 KB 63ms
38ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 05 Sep 2021 10:19:55 GMT
expires: Mon, 05 Sep 2022 10:19:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 49241
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 404 null
s0.2mdn.net/9957158/1622818134107/Template_160x600/ Frame A126 43 B
60 B 1255ms
1180ms Image
image/gif 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9957158/1622818134107/Template_160x600/null

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:37 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Mon, 06 Sep 2021 00:15:37 GMT

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 7668 43 B
182 B 202ms
102ms Image
image/gif 2600:1f18:612b:4232:edc2:aa62:52b8:50a9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:edc2:aa62:52b8:50a9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:36 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7668 70 B
264 B 185ms
99ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
x.bidswitch.net/ Frame 7668 43 B
145 B 153ms
67ms Image
image/gif 18.195.239.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.239.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-239-175.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame F32E
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

82ms
26ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://am-match.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://am-match.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 06 Sep 2021 00:00:36 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Mon, 06 Sep 2021 00:00:36 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum.casalemedia.com/ Frame 9B8E 2 KB
3 KB 328ms
42ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 24b88aaf1e4bfc0a2ade6b092d652bf87d87d52454b06ed0ff361613684be67e

Request headers

Host: ssum.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://am-match.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=5188; CMID=YTVaIwIiGbEkGsvVuA33tQAA; CMPRO=1169; CMST=YTVaI2E1WiMA; CMRUM3=2d61355a232760CAESEKbWWqxVF4gx9gtDuVRDswg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://am-match.taboola.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|230|39|73|196|5|81|46
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1554
Expires: Mon, 06 Sep 2021 00:00:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 06 Sep 2021 00:00:36 GMT
Connection: keep-alive
Set-Cookie: CMID=YTVaIwIiGbEkGsvVuA33tQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 06 Sep 2022 00:00:36 GMT CMPS=5188;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 05 Dec 2021 00:00:36 GMT CMPRO=1169;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 05 Dec 2021 00:00:36 GMT CMST=YTVaI2E1WiQA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 07 Sep 2021 00:00:36 GMT CMRUM3=5161355a2405a0&c461355a2405a0&4961355a2405a0&2e61355a2405a0&0561355a2405a0&f161355a2405a0&2761355a240b40&e661355a242760&2d61355a232760CAESEKbWWqxVF4gx9gtDuVRDswg;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 06 Sep 2022 00:00:36 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame BF17 31 KB
10 KB 82ms
72ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 8b71aa3545a124d04ed7505da7acb362009793b48957a9b88ec5005512702e5f

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Aug 2021 22:28:41 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=14064
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9359
Expires: Mon, 06 Sep 2021 03:55:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0D1D 31 KB
10 KB 132ms
30ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 8b71aa3545a124d04ed7505da7acb362009793b48957a9b88ec5005512702e5f

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Aug 2021 22:28:41 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=14064
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9359
Expires: Mon, 06 Sep 2021 03:55:00 GMT

GET
H/1.1 200
OK 287583 Show response
search.spotxchange.com/vast/2.00/ 67 B
1 KB 174ms
30ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.00/287583?VPAID=js&content_page_url=https%3A%2F%2Fwww.undertheradarmag.com%2Fnews%2Fpremiere_enn_debut_new_video_for_catalyst&player_width=700&player_height=393&vid_duration=NaN&content_id=inline&allow_flash_creative=1&ad_mute=1&custom_skin=1&custom[content][]=IAB1&custom[pub_lang]=en&schain=1.0,1!taboola.com,1015792,1,-1508480664&gdpr=1&gdpr_consent=&playtime=60&us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.4/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: text/plain

Response headers

Date: Mon, 06 Sep 2021 00:00:36 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000372
X-SpotX-Timing-SpotMarket: 0.009377
X-SpotX-Timing-Page-Mux: 0.000218
X-SpotX-Timing-Page-Require: 0.000311
X-fe: 034
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000004
Content-Length: 77
X-SpotX-Timing-Page: 0.012595
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000304
Last-Modified: Mon, 06 Sep 2021 00:00:36 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.009377
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.undertheradarmag.com
X-SpotX-Timing-Page-Misc: 0.001998
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000010
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 overlay.png
s0.2mdn.net/9957158/1622818134107/Template_160x600/ Frame A126 24 KB
24 KB 84ms
7ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9957158/1622818134107/Template_160x600/overlay.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d543e0938a92f50488bf5895451508ca03e18dfa31306268a1fa606788b9c060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 06:19:48 GMT
x-content-type-options: nosniff
last-modified: Fri, 04 Jun 2021 14:48:54 GMT
server: sffe
age: 63648
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24835
x-xss-protection: 0
expires: Mon, 06 Sep 2021 06:19:48 GMT

GET
H3-29 200 texture1.jpg
s0.2mdn.net/9957158/1622818134107/Template_160x600/ Frame A126 395 KB
395 KB 82ms
7ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9957158/1622818134107/Template_160x600/texture1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a98a608e9ac0e6a7ac95ed570a1f6f854827d472bd69a78c70f2585250aac26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:46:15 GMT
x-content-type-options: nosniff
last-modified: Fri, 04 Jun 2021 14:48:54 GMT
server: sffe
age: 33261
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 404787
x-xss-protection: 0
expires: Mon, 06 Sep 2021 14:46:15 GMT

GET
H/1.1 200
OK bridge-31034.js Show response
video-ads.rubiconproject.com/video/ Frame 71C0 64 KB
20 KB 40ms
39ms Script
application/javascript 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://video-ads.rubiconproject.com/video/bridge-31034.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.4/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 2b173f65e9f2fb2bbc537a388272f7b1bcf71e7f69fb1982f1298baf1ea124a7

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Aug 2021 13:10:24 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "1013f-5c948575b9000-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 20021

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame BF17 284 B
536 B 36ms
32ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 0D1D 284 B
536 B 28ms
25ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H3-29 200 WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js Show response
pagead2.googlesyndication.com/bg/ Frame 16F0 35 KB
13 KB 21ms
17ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b23e7d8882806a2f0d3ac78e8afeafde83c77e229c62720251fb59dcc6866a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 20:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13351
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Sep 2022 20:19:06 GMT

GET
H/1.1

200
OK

Cookie set cshow.php Show response
www.zenaps.com/ Frame B8E3
Redirect Chain

https://www.awin1.com/cshow.php?s=2882174&v=8508&q=413151&r=235229&pref1=88142800007345000719590011709005&pv=1
https://www.zenaps.com/cshow.php?pvr=7738b300-0ea5-11ec-a5f3-692d0d349c1f&v=8508&r=235229&q=413151&s=2882174&viewref=88142800007345000719590011709005&pv=1

43 B
704 B

162ms
31ms

Document
image/gif

104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zenaps.com/cshow.php?pvr=7738b300-0ea5-11ec-a5f3-692d0d349c1f&v=8508&r=235229&q=413151&s=2882174&viewref=88142800007345000719590011709005&pv=1

Requested by

Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=d9ceeee733&subid=&uid=a9cbf5e4a807924d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEKU0Glo1YZncCtqKrASx15KoBuKw3PBfnonW-4kL8C4QASDqu74PYJGEgID8F8gBCakCt872iB_usz6oAwGqBNsBT9BllFVg5mUbJjqJbQl3JtV5AauOh_FfeTrCZHpAb9m5Gl93YD-wULRcIoyuoq8ftA80IeQs6a8foLPBV_EgNlfFHRO5Txi4Ml-xOCQnb0CJnujQClsWJ5yqu48dSCBtp144gj6rtP3uFGF27Eo14t10T50839ymIF75dqtwzPrjNg7Go7EtAnit-B8SIchwKhvaII1ES4eGnxp13j0l-JBLZZZxScMx_Fv4_O8Y0lCQPjpZu_JMFh7dTu_sjxQNLawtnC_o_2ghq-_yIa5pWK3oWLEoiXPWo_yowATb87331AHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATtda5DNATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRokUELHibDCAp6Gjl3MOYpBCCs7Q%26sig%3DAOD64_3Ht95Army6_Oz-juF4ugDCyB0E6g%26client%3Dca-pub-7213021641226731%26dbm_c%3DAKAmf-Brfs9Ug7meHokj6WwP5nqzJS0vff0kCtg8V-uYp2_DJUX96c9ld7yLoKs1dGVxsFZsd_jeebZS751MlL1MKKdg0jGRc_vXXODSY8h186PgccCGdx1iy5G3UApFtmOGpQT6c04Ur_5MsSRBgzKFrMUUU--Vpg%26cry%3D1%26dbm_d%3DAKAmf-CbTdYYDYjYVpz7RaY8lK2k5cSJ9PhcXhXFgogVMIEiGhQytC9f-m_31qQNR_x8Bmh9uOb_8vn6h5gdn5xIBTD0WIb_C-QypGvut-SrSuRDpgmRxb5LjCFKd5VnTtn3BWeVz3vG_mZZPG2fLN-sPEqavvxiPBodmpu9NhSzjjBIOpFZNUFE-p-nEmL3xf1t4cX0E2vPnuROYnZpC_0j6y23phiS8C8AuJV_0ummdCxgbMX14vwebMM6Ffc8g_uWQGlX6R-tB3Yvy9bkKtMFV92XwCoKgs0tvwkaewST_EwTP1jcv6R0Dw0CPojcO3pEzWl2bw2MX2sDTjfPPpCtBMM8zVlZKnd-jjSE-1rcbNVFbR42xQ_3udC4cN1uFzhN_a9RFjv9yM8ptj61Smwb-On56iczrleEqN7UtfdrrwzDIMq5_3k74JBpYpMzRZtOwkHC5fLqMG-J7iIQNygbmyiBYEhLztdk8nn7VG91VxqBLQ0C_NCKy6QtZ10x7wT4hPg8G7-BuUGahKxuxdGVMfkT8mHT8A%26adurl%3D&documentReferer=https%3A%2F%2Fwww.undertheradarmag.com%2F&ancestorOrigins=https%3A%2F%2Fwww.undertheradarmag.com&random=3735855567631&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Host: www.zenaps.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/

Response headers

Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Content-Type: image/gif
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Content-Length: 43
Date: Mon, 06 Sep 2021 00:00:37 GMT
Connection: keep-alive
Set-Cookie: awpv8508=235229|1630886437|7738b300-0ea5-11ec-a5f3-692d0d349c1f;domain=.zenaps.com;path=/;expires=Tuesday, 07-Sep-2021 00:00:37 UTC;Secure;SameSite=None AWSESS=413151:2882174;domain=.zenaps.com;path=/;Secure;SameSite=None
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

Redirect headers

Location: https://www.zenaps.com/cshow.php?pvr=7738b300-0ea5-11ec-a5f3-692d0d349c1f&v=8508&r=235229&q=413151&s=2882174&viewref=88142800007345000719590011709005&pv=1
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Content-Length: 0
Date: Mon, 06 Sep 2021 00:00:37 GMT
Connection: keep-alive
Set-Cookie: awpv8508=235229|1630886437|7738b300-0ea5-11ec-a5f3-692d0d349c1f;domain=.awin1.com;path=/;expires=Tuesday, 07-Sep-2021 00:00:37 UTC;Secure;SameSite=None AWSESS=413151:2882174;domain=.awin1.com;path=/;Secure;SameSite=None
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H2 200 / Show response
ti.tradetracker.net/ Frame C38C 442 B
921 B 200ms
101ms Script
text/javascript 34.247.122.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ti.tradetracker.net/?c=34211&m=1888189&a=70002&r=88142800007345000719590011709005&t=js&wid=tt-6919de
Requested by: Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.122.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-122-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 561869d846accf8f3d35e33a6cefeda352e4a8f5d0e417051e57f0ceeff73612

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:37 GMT
cache-control: no-cache, must-revalidate
expires: Mon, 26 Jul 1997 05:00:00 GMT
server: nginx
content-type: text/javascript; charset=UTF-8

GET
H/1.1 200
OK request_content.php Show response
hal90005.redintelligence.net/ Frame 083E 8 KB
3 KB 90ms
31ms Document
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/request_content.php?s=88142800007345000719590011709005&a=9b2a2f8f
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=d9ceeee733&subid=&uid=a9cbf5e4a807924d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEKU0Glo1YZncCtqKrASx15KoBuKw3PBfnonW-4kL8C4QASDqu74PYJGEgID8F8gBCakCt872iB_usz6oAwGqBNsBT9BllFVg5mUbJjqJbQl3JtV5AauOh_FfeTrCZHpAb9m5Gl93YD-wULRcIoyuoq8ftA80IeQs6a8foLPBV_EgNlfFHRO5Txi4Ml-xOCQnb0CJnujQClsWJ5yqu48dSCBtp144gj6rtP3uFGF27Eo14t10T50839ymIF75dqtwzPrjNg7Go7EtAnit-B8SIchwKhvaII1ES4eGnxp13j0l-JBLZZZxScMx_Fv4_O8Y0lCQPjpZu_JMFh7dTu_sjxQNLawtnC_o_2ghq-_yIa5pWK3oWLEoiXPWo_yowATb87331AHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATtda5DNATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRokUELHibDCAp6Gjl3MOYpBCCs7Q%26sig%3DAOD64_3Ht95Army6_Oz-juF4ugDCyB0E6g%26client%3Dca-pub-7213021641226731%26dbm_c%3DAKAmf-Brfs9Ug7meHokj6WwP5nqzJS0vff0kCtg8V-uYp2_DJUX96c9ld7yLoKs1dGVxsFZsd_jeebZS751MlL1MKKdg0jGRc_vXXODSY8h186PgccCGdx1iy5G3UApFtmOGpQT6c04Ur_5MsSRBgzKFrMUUU--Vpg%26cry%3D1%26dbm_d%3DAKAmf-CbTdYYDYjYVpz7RaY8lK2k5cSJ9PhcXhXFgogVMIEiGhQytC9f-m_31qQNR_x8Bmh9uOb_8vn6h5gdn5xIBTD0WIb_C-QypGvut-SrSuRDpgmRxb5LjCFKd5VnTtn3BWeVz3vG_mZZPG2fLN-sPEqavvxiPBodmpu9NhSzjjBIOpFZNUFE-p-nEmL3xf1t4cX0E2vPnuROYnZpC_0j6y23phiS8C8AuJV_0ummdCxgbMX14vwebMM6Ffc8g_uWQGlX6R-tB3Yvy9bkKtMFV92XwCoKgs0tvwkaewST_EwTP1jcv6R0Dw0CPojcO3pEzWl2bw2MX2sDTjfPPpCtBMM8zVlZKnd-jjSE-1rcbNVFbR42xQ_3udC4cN1uFzhN_a9RFjv9yM8ptj61Smwb-On56iczrleEqN7UtfdrrwzDIMq5_3k74JBpYpMzRZtOwkHC5fLqMG-J7iIQNygbmyiBYEhLztdk8nn7VG91VxqBLQ0C_NCKy6QtZ10x7wT4hPg8G7-BuUGahKxuxdGVMfkT8mHT8A%26adurl%3D&documentReferer=https%3A%2F%2Fwww.undertheradarmag.com%2F&ancestorOrigins=https%3A%2F%2Fwww.undertheradarmag.com&random=3735855567631&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 8b03ba6889c54f2787ca07c54b57ff32b5cc4aa8c55b4b9375354c3aea32687c

Request headers

Host: hal90005.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=593109dd9ad17b1e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/

Response headers

Date: Mon, 06 Sep 2021 00:00:37 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 06 Sep 2021 01:00:37 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2364
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame C38C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4d5496ac0b22ee03c8fb689a72527b2020864318ce998999d3e1342b0ceb302

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 9B8E
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTVaIwIiGbEkGsvVuA33tQAABJEAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTVaIwIiGbEkGsvVuA33tQAABJEAAAIB&dcc=t

43 B
645 B

105ms
103ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTVaIwIiGbEkGsvVuA33tQAABJEAAAIB&dcc=t

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Sep 2021 00:00:37 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: EW6Q1YHYSFEZVZ4F7X7J
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 06 Sep 2021 00:00:37 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: BZ28HK2HT48XKKZG7VMH
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTVaIwIiGbEkGsvVuA33tQAABJEAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 9B8E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YTVaIwIiGbEkGsvVuA33tQAABJEAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDBn1WrJwkY3097gipsHf_M&google_cver=1

43 B
315 B

70ms
68ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDBn1WrJwkY3097gipsHf_M&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Sep 2021 00:00:37 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 06 Sep 2021 00:00:37 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDBn1WrJwkY3097gipsHf_M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 9B8E 70 B
264 B 48ms
40ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 YTVaIwIiGbEkGsvVuA33tQAABJEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9B8E 43 B
922 B 152ms
35ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YTVaIwIiGbEkGsvVuA33tQAABJEAAAIB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:37 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 9B8E
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
315 B

36ms
36ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Sep 2021 00:00:37 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 06 Sep 2021 00:00:37 GMT

Redirect headers

date: Mon, 06 Sep 2021 00:00:37 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 9B8E 0
0 130ms
14ms Image
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9B8E
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=qvHLr6mhyq-x983_rKPVqKijnqux8p75pPm4Yh9q

43 B
1 KB

33ms
31ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=qvHLr6mhyq-x983_rKPVqKijnqux8p75pPm4Yh9q
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Sep 2021 00:00:37 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 06 Sep 2021 00:00:37 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=qvHLr6mhyq-x983_rKPVqKijnqux8p75pPm4Yh9q
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 9B8E 0
0 132ms
17ms Image
text/html 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 /
sync.taboola.com/sg/casale-network/1/rtb-h/ Frame 9B8E 0
98 B 22ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/casale-network/1/rtb-h/?gdpr=1&taboola_hm=YTVaIwIiGbEkGsvVuA33tQAABJEAAAIB&orig=video&us_privacy=1---
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:37 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 19006

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F32E 31 KB
10 KB 101ms
24ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 8b71aa3545a124d04ed7505da7acb362009793b48957a9b88ec5005512702e5f

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Aug 2021 22:28:41 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=14063
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9359
Expires: Mon, 06 Sep 2021 03:55:00 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 63CD 0
23 B 88ms
58ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 06 Sep 2021 00:00:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ Frame 71C0 28 B
2 KB 134ms
36ms XHR
application/xml 18.184.25.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?gdpr=1&gdpr_consent=CPMFQbjPMFQbjAGABCENBqCsAP_AAEPAAAYgHjoZ5CpETWNAUXZ9QMsASIAU1sAGAGACAAAAASAJAAEAIJwAkkACIAQAgAIAAAYAIBIAAAEACAAAAAAAAAAEAAAkAgAAAAAIIAJAAAAAAAAAAAgIAAAAAAAAgAATCAAAiAAQAqaAQAAAAAAAAgAAAAAAAAAAAIAAAAAIDAwBQALgAkgIOAhABQwDAgFjIAYATACOALzEQAwBDAIvASIIAAgAkCQIQAFgAVAAyABwAEAAMgAaAA8gCIAIoATAAngBvADmAH4AQgAhoBEAESAKUAaoA_QCBgEcAJSAegBF4CRAFDgLzAYMAyQBrIDowHjhoA4AVAAuACGgLQAtICLwEiAMYFQBgAmABcAI5AWgBaQEggLzHQKwAFgAVAAyABwAEEAMQAyABoADwAH0ARABFACYAE8ALgAXwAxABvADmAH4AQgAhoBEAESAJgAUoAsQB-gEDAIsARwAlMBaAFpALqAegBF4CQQEiAKHAWyAvMBgwDGAGSAOjAeOQgJgALAAyADEAJgAXAAvgBiADeALEAjgBKQChwFoAWkA9ACQQEiQLZAtoB0YDxyUBYABYAGQAOAAxAB4AEQAJgAVAAuABfADEAIQAQ0AiACJAFKANUAjkBaAFpALqAi8BIgC8ykCUABYAFQAMgAcABBADEAMgAaAA8gCIAIoATAAngBSACoAF8AMQAcwA_ACEAENAIgAiQBSgCxAGqAP0AiwBHACUgFDAPQAi8BIgChwF5gMYAZIA1kB45QAGABcAEgBdQAA.YAAAAAAAAAAA&us_privacy=1---&account_id=16698&site_id=144084&zone_id=1761844&size_id=203&rf=https://www.stuttgarter-nachrichten.de&p_aso.video.maxduration=60&p_window.depth=0&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=700&p_aso.video.ext.ad.h=393&width=700&height=393&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=9990503460235620&rp_secure=1
Requested by: Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-31034.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.25.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-25-64.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:37 GMT
server: nginx/1.16.0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://www.undertheradarmag.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-type: application/xml
content-length: 28
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame F32E 284 B
536 B 38ms
37ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H2

200

e6244d1a4401c7fe26622998bffa5f86940922.png
static.tradetracker.net/nl/material_image/f1/ Frame C38C
Redirect Chain

https://ti.tradetracker.net/?c=34211&m=1888189&a=70002&r=88142800007345000719590011709005&t=html
https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png

2 KB
2 KB

113ms
50ms

Image
image/png

2600:9000:2156:4c00:1a:7c92:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png
Requested by: Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4c00:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a82269bce61196e0aca1c36b304de3471e367a41179284996e6b06b2a3b3009a

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:38 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified: Fri, 23 Apr 2021 10:05:11 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: "60829bd7-6cf"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1743
x-amz-cf-id: AoQLoCvSMNqJmYS-GwKQ_ftBo0SH3inagLYrh2x20gluBNT_TPqfvA==

Redirect headers

location: https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png
date: Mon, 06 Sep 2021 00:00:37 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 083E 1 KB
418 B 15ms
13ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=88142800007345000719590011709005&a=9b2a2f8f

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c1521286e7dd2d6f8c2262b15bca8867bcae973a83879accdd00e1cb9831e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Sep 2021 23:47:53 GMT
server: ESF
date: Mon, 06 Sep 2021 00:00:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Sep 2021 00:00:37 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 083E 12 KB
12 KB 111ms
36ms Image
image/png 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/53619/creativesup/img220807_banners_megekko_affiliate_image_v2-1597759923086-min%20(2).jpg
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=88142800007345000719590011709005&a=9b2a2f8f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 2066733a0de3bab5d031b26d449395753d16df5fc7564264d7decf1f771e6ce5

Request headers

Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 11775
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 083E 14 KB
14 KB 111ms
35ms Image
image/png 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/58995/creativesup/1200x627.jpg
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=88142800007345000719590011709005&a=9b2a2f8f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 1e5688a9e30ce2899980ba8d6780541dc2edb2c517526553a62bd6d741ca5c49

Request headers

Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 14633
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal90005.redintelligence.net/ Frame 083E 0
150 B 128ms
29ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/viewability?s=88142800007345000719590011709005&a=ee12b1f1&vb=m
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=88142800007345000719590011709005&a=9b2a2f8f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90005.redintelligence.net/request_content.php?s=88142800007345000719590011709005&a=9b2a2f8f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 06 Sep 2021 00:00:38 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 / Show response
ti.tradetracker.net/ Frame 083E 434 B
700 B 98ms
97ms Script
text/javascript 34.247.122.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=88142800007345000719590011709005&t=js&wid=tt-79c9c0
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=88142800007345000719590011709005&a=9b2a2f8f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.122.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-122-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 487fcff9d49208859b27b538919a04e6507e46cd550c9cf1532440fa4006df87

Request headers

Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:38 GMT
cache-control: no-cache, must-revalidate
expires: Mon, 26 Jul 1997 05:00:00 GMT
server: nginx
content-type: text/javascript; charset=UTF-8

GET
H2

200

1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
static.tradetracker.net/nl/material_image/49/ Frame 083E
Redirect Chain

https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=88142800007345000719590011709005&t=html
https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg

13 KB
13 KB

37ms
37ms

Image
image/jpeg

2600:9000:2156:4c00:1a:7c92:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=88142800007345000719590011709005&a=9b2a2f8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4c00:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d731e6d3e38558377e2fa974639cabf5209d9cafa5f00e186b0e3faf0aea02b

Request headers

Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:38 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 08:27:46 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: "58ca4c82-335a"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 13146
x-amz-cf-id: eIWGRBRIlKccU4l5alNWoencoAzXj_BKE14d8hcPu8zNes2_k9jAMA==

Redirect headers

location: https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
date: Mon, 06 Sep 2021 00:00:38 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F40 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Be_l3H1o1YaKOHfDF7_UPpZy6kAQAAAAAOAHgBAI&bg=!JiWlJWHNAAYJpm41CaY7ACkAdvg8WovWPBLVnMTwCsp2F-7PsIwT7NwIvoH5PK7zstX5Eg_Uuakp7QIAAAW2UgAAACdoAQeZAsp8E4C7txkm4LjV63S65cjigqvSoMhw34ZKMSpaTz8FN_dZ8lV1TLCxuHWjHFw1r0AsVjSz9ftKsyLXtw0cQpgUwgj8_GOA-YPbI-vVS0vATJhyyTEUtNx-jhDabVWXZDCP82SPsvgO08fHOc56b_pnaZYJt28-tXlc4Ml1YCWUZJsdPKnieL29RnfKjuHnsLRp-PmLVBwKq9TXsyyeONDTSgZjiO887PPKsCK0wPoLeQsiNYQjr0QM7JK5Qcs4qzOgHU6elVhDJaa3KCyPmxp6MklZcnHWtQbYudqGBApjecxfUz0ZtnP67xT-5rn1gK6T-C-3B5-XDu58WOzhh-mOP6KAyiJ-NKv13h85sxKXT_28gXQs9NjQai0j5sTuf_qs6u6-13pDJNb1n7Ik8Y9MOtorTyCUM9f-UJZ-Dd9XtBYRVXDgV8jmRYSlu6UUpsUUmVbJyijKkjKKO2ng-Kvh9aRqfyyzYuemXp_N0uxwJj7Ky5v7y1Z9yqyQHM7DaqGVqvGciemwGSw_eZwYwMZ-Y3byJ2DijAUBoowuXET8IL7Cevf7NYD8B96L4_e_-Ei0aaeqdOLmwjO5BSY2mUN21N8s7H-Op2RyxeCzktRTHIMKs0O6L53pyeMQ4UVxTUJroDSxy7JzyticIrhZRhT4TO1chb-M5AET5lrog3ENRnEwNJeg9ErCHtPQZYW554t2zzCH26C9CDl74G0NeuCBJbjIOfSGNLdfwoT_cnuKYT3q2xmvnMJHWqh5bDAHhl-ecBj-m7Xjl1j9a_WT6R2RfUDjQhiWNFUVs9C8Itj9vuPufnT2d3Nz3nU996ITbHFdAuD8LNK82nL3EpZUGQCW22EjHGeOz0GHzKuNxPT9bTLg4TbO4SUaghPoAmT4FFEDCMKueT5tG72ErY3mdsjPK9eOKiKlORPNVK4lXs1RRn32eMTiKqeFSu4

Requested by

Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F93F 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGnECH1o1YanfN_eCx_AP7bK3iAgAAAAAOAHgBAI&bg=!trWltfHNAAYJpm41CaY7ACkAdvg8Wh7-aCDHCzyMmNHuq0KFOOhllrH5-JW9PQsSw9g88KrTFKD5OwIAAAVsUgAAAB5oAQeZAt9NzhqVGPcXLd1tgTywg1UsIYegTAXlvQaZvAjJ1bdVNTtOqivXb1_kz-9dFMbrrRUJx3VWyzGIlA_d5iIAxttOXMMHCp61srvWl75a3keyDWsUVaftqHTmVrdwcVdahEtI8Y-LeMmBFzBlr6k-VbrFC6vYZv-YuSZfRdCQlUJ_CZjFlWE-7uY8FrdYXO6pJP54Lodh-QtSal31spjyDoYBBtK39NmB7eZd1aQ51ZLHevlGT4NOw_DqaG7ZOYDTkbXIP_o4umMxsJoOfc21B_sa_CceIbBEGvKkPwsatwWkbi_4F1lKqgv8mx0e8FEAyGol7cw6gq_iLzLRIYv2B8T-bOiAsZIzdXdpixXN855S_g-6SDP9PKynGmu_A0HwPn4ozII-z_WLy_YyMTd9ZGb1ayeWfbIErkniTb4rxWEexNM3KZjLucqiyo9z0GcojbKFZJgAkUGbLN84thc1EYmx6uCoAF40joLsHhj9ycF2FgcQ3-xdioWF7-L_jqVb-TtLUCRfxADpYE_L8IhzOTWjFyQRicJPtRMki8lp_lycCLEvmXxrdUiBSeJp5Xn9LndIzAI4k2T9seCPpv7vCcCJEO_YY4g9Gr0ZLNYDf-p5CUJnOzg_MrgE_YR7zC1Ut5qQf2us2YI9BGSfxANFs7RW5SgZqoIEqSJQjjexLaU3-OiOCMUkNoX31wXSpPIfUeghIOin3Pq1v7nnZochx3gwdpjMLFqR1a8mvl_Qa8FlNny3P_XNMTgdJ6C_sORkgqb03WWj6q5Utt5T7xz-0-2UV2Oaq-Pm2xVM5LflGfl3rYOSf0bRLLitHcm7y1Hk_80gObwJTiieY3EGeTFaIj5pkwPi3wVs3Pjj_eaxROtTKHqe9CzQb9gqIlyezyy676_IcbqxmWtR3BQEuS2sSdvtpKxYtxc5VcQCOTvmvRLqr5LSJC1LoIdsz0qCHoJ37i_iRX6vWLLyXEZ_cPaA7c8

Requested by

Host: dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
URL: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 16F0 0
20 B 43ms
41ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BboTSH1o1YYGYOMfC7_UPgdgmAAAAADgB4AQC&bg=!5eal5qLNAAYJpm41CaY7ACkAdvg8Wo0U53AxwLNha7tlTjcFVtGBS6k1zazgngH9C6GRiLpbKJ98NwIAAAGwUgAAADNoAQeZAtgMDVKzxK2MD3w9AO6n6thk3X3WPrsSzBPxh4DM6LwEsyfD9BG04rfxL0Db0br1SF7Oq9Rba5ypVQCN5ICYMwLQrgKsF_MXKrSjICkRAug4WHUbUgKv2bHg4ANTiWV04SqkbA5ujJ3j4UHyFdUbGtxrnRnDiWbco-oDAUtJ_yyFQ9d6Gl2Xp6-NN42utlHHk2Z-QV3pf-0S28z05jNtRGDHxmuY1Vgxp9OH_-E6nV2llCwJQb1d9ft130wzGa5JXfyhExNOVzzwPPhce9Kml7OysTW7koc9oKTHT0mv5cwON4C__xo1zmQPZWmOvj25xdPmDwkJOiJ_5KefniC0ofZcgyV8vwHNsltot9ie2mMUfJvQaTj0W8SNwVOoYK85GWZPhSgODWXZX6DAQ4QaI-JQYl578LzAmWIGRUKEsE7JTHDkikZnwcFlwuLv5JUFzvJuuSD6Wot24NNgmpQ9i1Bb3dila8wHRbW17HCXzL3Xx4YFXnLvag6-9EfkZ5jcgBIGZ1YtR7y8RxhT61quIPDl8K-ZRTsB0SIiC7VfNWGv4mqJvWE97YKnBonkA896QKTDpuK8VPSLDM9R_2CLIyFdBsiT-ASWDxb0a0EvlsJjyJQdKs8UEnp9qby2Md8GqqO6r6UVMBqEu7LjsERG2pTZQ7fmIfA-SASjsx6LuMN0qxraGQZ_vH1I7LHaYmByA9aP51a2QTP-dHiGvCq5ziioWbR7ek1tF0L56_5yZAIKnZST5VB3El7EyZ1atxjPyb6KP1z3pYoug0RZV8UrJ3k-Ylx8FiGT4kJXF3HNSx7HTdPhDOtk73zpW787PQpAi6Q80dwXTYLLGxbN5BPYxH33LzGS58iAabY21e8h7vzGhOs1MUl5dep_acv9Y--qcVXWLgol2qrU4nbyy2toaXW5AGgv58vJN2_Z5bKTNeoAt1jbAMH1L_QDG_IgGNkexkgULc5ThnioIg

Requested by

Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 5 KB
3 KB 53ms
46ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5479985&noaop=5&sortOrderType=0&cb=1630886438765&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1264&pt=336712214&tz=120&viewable=true&ddast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1809035&dpubid=171137&abtst=aat1_vA!adh5c-1_vA!smbs!spa2_vA!t45!ufm_vG!vzr_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.undertheradarmag.com&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.4/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: b0a11fd3b67b7e2debfee4e9a7e3ca2dff7f30de1dd7614a5b69898a8d115d54

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:38 GMT
content-encoding: gzip
server: nginx
machineid: 1438
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.undertheradarmag.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
link: <https://search.spotxchange.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 287583 Show response
search.spotxchange.com/vast/2.00/ 67 B
1 KB 28ms
27ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.00/287583?VPAID=js&content_page_url=https%3A%2F%2Fwww.undertheradarmag.com%2Fnews%2Fpremiere_enn_debut_new_video_for_catalyst&player_width=700&player_height=393&vid_duration=NaN&content_id=inline&allow_flash_creative=1&ad_mute=1&custom_skin=1&custom[content][]=IAB1&custom[pub_lang]=en&schain=1.0,1!taboola.com,1015792,1,-1508480633&gdpr=1&gdpr_consent=&playtime=60&us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.4/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: text/plain

Response headers

Date: Mon, 06 Sep 2021 00:00:38 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000368
X-SpotX-Timing-SpotMarket: 0.006802
X-SpotX-Timing-Page-Mux: 0.000208
X-SpotX-Timing-Page-Require: 0.000355
X-fe: 088
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
Content-Length: 77
X-SpotX-Timing-Page: 0.009911
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000293
Last-Modified: Mon, 06 Sep 2021 00:00:38 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.006802
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.undertheradarmag.com
X-SpotX-Timing-Page-Misc: 0.001873
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 overlay.png
s0.2mdn.net/9957158/1622818134107/Template_160x600/ Frame A126 24 KB
24 KB 7ms
6ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9957158/1622818134107/Template_160x600/overlay.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d543e0938a92f50488bf5895451508ca03e18dfa31306268a1fa606788b9c060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 06:19:48 GMT
x-content-type-options: nosniff
last-modified: Fri, 04 Jun 2021 14:48:54 GMT
server: sffe
age: 63651
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24835
x-xss-protection: 0
expires: Mon, 06 Sep 2021 06:19:48 GMT

GET
H2 200 texture2.jpg
s0.2mdn.net/9957158/1622818134107/Template_160x600/ Frame A126 153 KB
153 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9957158/1622818134107/Template_160x600/texture2.jpg

Requested by

Host: www.undertheradarmag.com
URL: https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

358cd5bbe4d42510a8ba89a31e1afc40be9ee38ffeaf505d81b23339b7617fca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9957158/1622818134107/Template_160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 06:50:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 04 Jun 2021 14:48:54 GMT
server: sffe
age: 61816
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156702
x-xss-protection: 0
expires: Mon, 06 Sep 2021 06:50:23 GMT

POST
H2 200 OpportunityServlet
am-vid-events.taboola.com/ 1 B
127 B 94ms
56ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_1_4/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.undertheradarmag.com
date: Mon, 06 Sep 2021 00:00:40 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 39ms
18ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021083101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29af478e5d6b7990e51603d0c527f88c1b42c6794790e045ca11de486eb5264f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Sep 2021 00:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8553
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 00:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 06 Sep 2021 00:00:43 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 8667 12 KB
5 KB 13ms
12ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.undertheradarmag.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.undertheradarmag.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sun, 05 Sep 2021 23:46:47 GMT
expires: Mon, 05 Sep 2022 23:46:47 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 836
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DBBD 783 B
782 B 20ms
19ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f233a3c139c890b80bc0a92910a27b91f4509c342d35493aaf8f244fea45f13b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9ho3mHXjl3JR1JMEqTT4Vw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.undertheradarmag.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.undertheradarmag.com/

Response headers

expires: Mon, 06 Sep 2021 00:00:43 GMT
date: Mon, 06 Sep 2021 00:00:43 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-9ho3mHXjl3JR1JMEqTT4Vw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8667 35 KB
13 KB 99ms
53ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b23e7d8882806a2f0d3ac78e8afeafde83c77e229c62720251fb59dcc6866a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 20:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13351
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Sep 2022 20:19:06 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 28ms
22ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021083101&jk=2797037208050237&bg=!HxylHFjNAAYJpm41CaY7ACkAdvg8WjcMCcIbRH7UdT5Pvog3ICyXiFGWsLZD_BSHNbL5l9AVJQNTFwIAAADPUgAAABJoAQeZAn8v94qH2KwSqeQi30zN1L2Amw6gFgKqsY0-ZyoJOB4Yzi3hXpeD9StLgbBnLYjaeLngHVFuTMRM815ATONxxHrsofGEiZjsU7A8uucoTWL-KpZVjE5Ws8tHhl5TDvEJylScjTNcaRhYf49jfRx7bzJioIfUNquQqFALw851epMvMKXRtQNKIPqLGogtQaWQTbgHs3WOfHlf1e2pnEhLtSk38n8KN-NhElPre0nVTXaQarRJ1TMJw0ot7CPZxZcpd9KUTLt9hTqidEeVhmBxXNAN3VITrs3Nx0foHhRPj1qmVEo0JqvknoM9rM5zf6E6sbGwRDn5KaeGYqq_FqQQNzY2po852sXW-PAVglFpnrUIHKxnoDQgq4MILyjQclY-3nxoU5FvHEhoUkZgFU10uqpjOCxjfEYEefZvsvnewRHdKO8NOUCU08yhPEJ1PadQRmo4l-BaDnLQY5C8cooiW7PJHiqvB-3jEEdEaPOo9o173776RHUzV1xVz1YYf7Cm1yyBVSWErU4OcO9hB-woxGbhWsXkdDXf9C8CQVPrz7Soj6hnWWHB_RjiDIOi4EQTR4HORh1duOiQt6pTk9rDaYfJicChO_EE-Ph4kphpCEko0-yTjbBiUwmb7vdw1WYL_pds2OT00g_bYy3APiw83Ms6L_1Aci57NKSFGaV1r7obxSIiL6CpMSHjrWiH5wnkm9Ca_6kpRexavkToPT7xmZnwo34NsnsjDC-q7cs4jr39P_gBosVxFs528OzoVytJE87Ldql2FSMas_nwUor80z_UiThkUg4zztkRi1YJI0A_kUWTngLHeLFQLFbB6mO69PBeTsmLB6pfNqHUluEc5tw
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

POST
H2 204 perf Show response
am-trc-events.taboola.com/undertheradar/log/3/ 0
253 B 17ms
17ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/undertheradar/log/3/perf?route=AM%3AAM%3AV&lti=cta-lzy5_var1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.undertheradarmag.com
pragma: no-cache
date: Mon, 06 Sep 2021 00:00:45 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 dc_oe=ChMIwaPGs4Xp8gIVR-G7CB0BrAkAEAAYACDuh8lIQhMIl9HnsIXp8gIVWgWLCh2xqwRl;met=1;&timestamp=1630886447770;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 63CD 42 B
515 B 146ms
63ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIwaPGs4Xp8gIVR-G7CB0BrAkAEAAYACDuh8lIQhMIl9HnsIXp8gIVWgWLCh2xqwRl;met=1;&timestamp=1630886447770;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
1 KB 48ms
47ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5479985&noaop=5&sortOrderType=0&cb=1630886451649&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1264&pt=336712214&tz=120&viewable=true&ddast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1809035&dpubid=171137&abtst=aat1_vA!adh5c-1_vA!smbs!spa2_vA!t45!ufm_vG!vzr_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.undertheradarmag.com&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.4/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 51cb09e942f73e78f162ba44dfd0ed08ea2857fde3ee48321a7ec604acd5268c

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 00:00:51 GMT
content-encoding: gzip
server: nginx
machineid: 1443
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.undertheradarmag.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 perf
am-trc-events.taboola.com/undertheradar/log/3/ 0
253 B 17ms
16ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/undertheradar/log/3/perf?route=AM%3AAM%3AV&lti=cta-lzy5_var1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.undertheradarmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.undertheradarmag.com
pragma: no-cache
date: Mon, 06 Sep 2021 00:00:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET sync
am-match.taboola.com/ Frame 6E5B 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: http://s7.addthis.com/js/200/addthis_widget.js

Domain: s7.addthis.com
URL: http://s7.addthis.com/js/250/addthis_widget.js

Domain: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7f9ACFgMIKlgGtjzDhwQIKlgGtjzDhwUAAAAGBvQHGsHYTZaD0W5D2S2Gg8FuMpttJovlcrYbAkcwdpPlYLTbUHaL4WCwm6wWk9VuORyNhqMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW94QtPp8Lnu9brf7666m1yW09FleZgclrfDZ9f43X65y_f5Cy4vt9Nleflbdru_5LK4Tv-6y_evPU0uv7_mt_w7DtPD7Pyc7gAAAADwADDlGQPxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAFwoFehAUDJcYAOh-XscvsDAOBBAQQAQACDBECAM7AEYENz8QQAAAAAAAAAgOX___8_BkDP4E4GIIQvswfgwQfggaigsogRAAAAwCfMDcHRpE6oLKoAAAjSrQCuAAAC9nDP8G3DAAAABMYW6GHx-80Ou8bvdhkAAAAAAAAAgNn_2T-aUJReeBrQ5LWC2i8gAMDaLyAAAJu6AQC8CcAFHUErBoPVBcTsAAAAAO7-____9UBqtBy5bMaZZWXaDIcT22azWM4WlsXKOVvMXLOJ9wxpp1otxIrx-0KEZfb7DgrK6ekxuwyiouttsTucZs9BfNAwLCeDYH4TthitJpPNcjhbLiaD4Wg4Gu1PICcDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEEc9s4zDsNm7dwuJci2bGyVo58RjWGt_GOVxOXDbjbuUWvT6m42RlsjkXXhQMSNqL4CKdqO4ml-V0dFkeJoflIpZoThbpRHbZt0bLkctmnFlWps1wOLFtNovlbGFZrJyzxcw1m_grntnGYdht3LqFxbkWzYyTtXLiMaw1vo1zuJy4bMbdyi16fUzHycpkcy78jdlmMBzORpPZvjHbDIbD2Wgy23foDN_V52wUB8Xljk6s3I173pj5oHAZLN7f0SKN3Xozo8o2tlhUt2HON7EK_X6_3-_3-_1-v3djNngMBsPQmRBNp9bXTxsWfzfeg0ERSwSni3QiehlPF7FE8rRIJ6rhajVbjZwzw2iz2ngWrsFqZjFONjOLzbRyLScWsURpukgnernL9_kLLi-302V5-Vt2u7_ksrhO_7rL9689TS6_v-a3_DsO08Ps_Jwu6j8uxGo5Fw3nqtVctEoAAAAAAAAAAEuYM28CAAAAcBrEbrHY7JYL8PAHrwsMAgAAAAAAsLvCppm_mtw_UNz4cUPdTS7L6eiyPEwOy5k3eyaItVotawAAAAFsAACAAG7dvAWcSHI!&excid=22&docw=0&cijs=1&nlb=true

Verdicts & Comments Add Verdict or Comment

283 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://pymx5.com/scripts/ims.js(Line 1) Message: ad_q
console-api	log	URL: https://pymx5.com/scripts/ims.js(Line 1) Message: scripts function eval_main(_0x1c25x3,_0x1c25x6){try{const [major,minor,patch]=_0x1c25x3[_0xf161[1]],[mymajor,myminor,mypatch]=VERSION;if(major!== mymajor\|\| minor!== myminor){err((_0xf161[2]+ major+ _0xf161[3]+ minor+ _0xf161[3]+ patch+ _0xf161[4]+ mymajor+ _0xf161[3]+ myminor+ _0xf161[3]+ mypatch+ _0xf161[5]));return false};return eval_expr(_0x1c25x3[_0xf161[6]],_0x1c25x6)}catch(e){err((_0xf161[7]+ (e[_0xf161[8]])+ _0xf161[5]));return false}} [object Object]
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.js(Line 3) Message: Exit TRCRBox.loadScriptCallback(retry=0): no items in response - thumbs-feed-01
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210823-13_b2-PR-36653-DEV-91882-align-code-from-custom-module-to-rbox-b251e67c540-SNAPSHOT.js(Line 3) Message: Exit TRCRBox.loadScriptCallback(retry=0): no items in response - organic-thumbs-feed-01
console-api	log	URL: https://srv.clickfuse.com/showads/showad.js(Line 1) Message: HS error [object Object]
console-api	info	URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2108170213000 https://www.undertheradarmag.com/news/premiere_enn_debut_new_video_for_catalyst

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
ad4m.at
ade.googlesyndication.com
ads.adaptv.advertising.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
api.pymx5.com
cdn.ampproject.org
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
dd97950f1a8a919d39db5fcf83f03a78.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
hal9000.redintelligence.net
hal90005.redintelligence.net
i.ytimg.com
ib.adnxs.com
images.taboola.com
imprammp.taboola.com
match.adsrvr.org
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
pips.taboola.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
pymx5.com
s.amazon-adsystem.com
s0.2mdn.net
s7.addthis.com
sb.scorecardresearch.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
srv.clickfuse.com
srv.tonemedia.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.doubleclick.net
static.solutionshindsight.net
static.tradetracker.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync.search.spotxchange.com
sync.taboola.com
sync.teads.tv
taboola-supply-partners.tremorhub.com
ti.tradetracker.net
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
us-u.openx.net
video-ads.rubiconproject.com
vidstat.taboola.com
wf.taboola.com
www.awin1.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.undertheradarmag.com
www.youtube.com
www.zenaps.com
www8.smartadserver.com
x.bidswitch.net
yt3.ggpht.com
am-match.taboola.com
s7.addthis.com
104.109.78.125
104.111.230.142
104.111.239.217
104.75.88.126
116.202.48.214
13.248.242.197
13.32.121.17
138.201.63.165
141.226.224.32
141.226.228.48
142.250.185.194
142.250.186.130
143.204.98.110
151.101.13.44
172.217.16.130
172.217.23.98
18.159.16.69
18.184.25.64
18.195.239.175
18.200.89.34
184.31.88.106
185.33.220.100
185.33.220.240
185.86.137.17
185.94.180.123
185.94.180.125
2.18.234.21
207.38.94.32
23.37.42.132
2600:1f18:612b:4232:edc2:aa62:52b8:50a9
2600:9000:2156:4c00:1a:7c92:efc0:93a1
2606:4700:20::681a:ad1
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:801::2001
2a00:1450:4001:803::200e
2a00:1450:4001:809::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2001
2a00:1450:4001:813::2008
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2006
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2016
2a00:1450:4001:831::2003
2a00:1450:4001:831::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c08::9a
2a04:4e42:3::300
34.247.122.211
34.96.74.203
35.227.203.93
35.244.159.8
51.178.20.140
52.46.133.124
54.76.22.70
69.173.144.138
00ca85a33eaf2712c799728520eac75bead00bef10b0997fd3989c10fa7a552f
01c2477f24d23a013fc589458007b8e6c59e2d8917e1c356f5501f62663d1d22
0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467
03c400debe2bc476d620ba5903ef11ebf9aecb25fd45410e7e5ff27b7148ec70
06c09ad43dc49ac7f7a741d94aa76dcc2903e0a8bf20c3335da2b62504f1a627
06f948a217c237ec9da04db4863ae47ac02b247ec4fb4213fd68b981d766c156
07176f248f14316abe8f3acce5045682045803946eb7794e6406a84d0ab6f1ae
083f6345a177dcd68f1b3094361a8c6a758b98c5690e6d6cc28e64d230e4ad5d
0a62717337dc10dc07f20155be2965f57e20692ccd59275c8c70a775b1d56e9c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c38309fd43b17d4d4c50f6428e20d5b871c3f121afc8565ff93c6943144e88d
0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201
1030a3d3d3dbf295231d7205252fcf7c1a442d394d9d438f52a8a5c4cd2424b0
10e8cc21c2a2cb67e7dc9c0f9dee955639fc32a1154a9ee7675741f00c81e944
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ded051202a771ff0f5a49ffeb6b51e88dbd6b9b4ccbd23885907c7b50adf82
163c5edc91f9c49c92cc2c0316236267126527c386bd63ecf6fae68988ca2b92
17d059c0d9e8e1ebac6e58404aed4f403400d509d4460e58985fd8129a65704a
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
1c907e1f2483fb2a70272d58bad74b1c5463388d9d191c7c58183503c9ae5944
1deecee20b8aff00931811c38116270e6d16b9ad4e053fa51c0cd10ba4a3e0cc
1e5688a9e30ce2899980ba8d6780541dc2edb2c517526553a62bd6d741ca5c49
1fa8430b4ce20babb01fc0f8d781f9b130df4af7970727fad531fc334cc4a05e
2066733a0de3bab5d031b26d449395753d16df5fc7564264d7decf1f771e6ce5
218e212955a099e8b0e363d4750a26b27024c8443a4b5e0313aa62ef2054153e
232044faaa98f4de8987117b2c618d9245d40cae692a1ef79325444993d61b24
24b88aaf1e4bfc0a2ade6b092d652bf87d87d52454b06ed0ff361613684be67e
284d1ce1e7ad22f0998a921e845b83d46f8e1bfdd3967360b8fcf2717a21616c
29af478e5d6b7990e51603d0c527f88c1b42c6794790e045ca11de486eb5264f
2a585e2ff9b3445060ca3594b3658704f26883ab780c1ed45229346a2abbafbb
2b173f65e9f2fb2bbc537a388272f7b1bcf71e7f69fb1982f1298baf1ea124a7
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ee3b9d6ffdd549d70238351a446c76a973f73d065355da6e9096409ba6e015c
303017e5ef65d154f447ed36116c77fc056fe0a44add0b13b9e842ae72b23ce9
30d6afc802d1ae7245c1c6eb445b8cec9817bd3d0ff29d693352a1f8224b1b3e
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
358cd5bbe4d42510a8ba89a31e1afc40be9ee38ffeaf505d81b23339b7617fca
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
38ebf5f5792facedce9b967ad1683b1c9086f9229887f5289aa2cf0099f6985a
3948b89c1dbd03a0c6db7e6a4197ff149d266cd15a55ac81a3a811cfd7cb2489
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39d4fe53c7beac792722c655a42159f09a9995be095652ca7404ae94ec1916f4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42ba573d7e7cb9f6ee10bba2ba774a6302a7697ce98dc8cf0e486b9c3ea56d0b
4353d44b7966f9cdae2e31c0704918fc6823bb2ee48d9181b8450be3928f0729
4445759d0d16036496016dd672490f3f2cd9921e56cdec233e53fa18b6589d51
46717c032f82e2316c694c6cb20d63d109954cc77e1aeee251dd5b1591915716
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
47e9e00a21274e240f94e37af0789e4365f4514456be81085f406a6e1006870b
487fcff9d49208859b27b538919a04e6507e46cd550c9cf1532440fa4006df87
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e
48cf5f6a087599cb55d0960fa2c641dcd7c865c8aded52393a98cc33448d40ef
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c0264ef2895352fd146f698d041b6c5ca958b7de503c8985a5270ae1f811861
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5113763092b9902a7288443b42c062047814a18c0198a517166da418aea9736a
51cb09e942f73e78f162ba44dfd0ed08ea2857fde3ee48321a7ec604acd5268c
534c5b3a97e73230c545613a3075ae7315eda55e45a259beb184151cfda62aed
5469740595a44003b8884f40783d63ac3c9b57e1a00ad6f29c4fff55153717de
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
561869d846accf8f3d35e33a6cefeda352e4a8f5d0e417051e57f0ceeff73612
5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
58e5848979b152c0d8b31b3b50c497a310f6281a163160e96580f3164d0a1e62
5b23e7d8882806a2f0d3ac78e8afeafde83c77e229c62720251fb59dcc6866a2
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5ca015ae5011562c88af4bc5efa1350a4fb46326fdfacab5c4ce3c25968e7710
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
62ab438f7f5fb0e7ba67108eff77d1226422c01d1b5e8cfc51bea951fa7cc750
63983a004158d17db8bad11e1df2695864d1c58d673b6e12b0110cc2ba6eae48
668acf352e43ebeafc33713faf73ce37db2967aca52ad5437c2b3e26a60be82e
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69942786813a6298663b529dfb3dffbe7d7f9f7280e5261670b2425521299d54
6adcf17c7aeff5ee77b2ee86f0df1898a8f5118e4064056c68d28fb52ca54a5d
6b152f7c769c7b95bd9f25edd462f672c008fc1423832b807bc9713e5b512937
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6c40c92c2c381897cb5c18508490c7cbc9ad041dc3e342931bc4371cf4492e44
6d731e6d3e38558377e2fa974639cabf5209d9cafa5f00e186b0e3faf0aea02b
6dde83bb083dbcc63dd4d892212fbc91b6a31a594b1c40f4374a3ba08378c1d2
6e07734fe1015f88d67a257108878aed46f82946feba5973a0d306aa927ad71a
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc
71dc44e8f55143192525413b6325d29e3f2c621ad04dad549db4a83508d23378
745aa4119e3ce3eda04a3794a37cfb2399479973b90e161e38a9d2f0bc3924c7
756a539a72be5be3c85467b28b01a2b6b99e536f1a519c62b1770c2c62701f8a
76d8d1fe0fb4fa9da574bd0b3d108fb87c4b4d0c920e0b4ef31debb772348451
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7bc09b24ec6d2348a26f6d0762015f9957e96ad12bb8500f16170642162e946d
7bdfd040d6c16f1875d444ad383e003d08d70d8db8ed3d8d9a96a9a8127135ab
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80b252c5e024e15162180f33565a89511dd7f94e7f3716d55fda1a0a751bd082
821bdc4f69b0d71c8ee65e9e97c232e0a127004991b92133da9019dbe8f90047
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84352a2f8bad7dccb44b3d6a9b459da554f6e35086b2f56e2f69aa9be54d6e3b
858359af903f2944d47f96eab745a42eef22229dc5d5f580f8eb8d3c2b27cd85
86d0b0c5c5ac215d1bccc0057a9e5aeaf96554438e7eacc1c8d53f9f3f827b26
8872493bf703f75b81be062fb89925ca30de1d1be4a9dd56d490d80479ef5020
8a11aa872d132c4c3d3bacb4c783b3645adc1bb8d8525f8aaf5396a7b8eb6b0a
8a818f3faede9a5840adfa1352bcce82872660e6b1949623702381b9f86d75d8
8b03ba6889c54f2787ca07c54b57ff32b5cc4aa8c55b4b9375354c3aea32687c
8b71aa3545a124d04ed7505da7acb362009793b48957a9b88ec5005512702e5f
8d0680720dfa2876fae6a34486e0d00b2df2b8d2069710e8c271a074fe9898fd
8d261abb1cdf02888b9a1f12cf9694e7ec7e93d7da3e8f20e2907af422327489
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90c8b5cae1ed0d1836143185868adaf9b0defe11451347755ad8b3249750cb5b
9155ac7f0788f0dad29cafa28618f7ec353f45fdf25df39f414d8a07eecf0473
9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad
93c64ef4715871c32bfbfae90241fc80a2381b1b9525295f01645dbe7803ae5e
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9a98a608e9ac0e6a7ac95ed570a1f6f854827d472bd69a78c70f2585250aac26
9bba96f723d65681d8227ef2161b5a018251b224a486d188dbd4a267a6a4bf35
9bc3ac88ae6629e440770a37e747bb6241a085df9842ccbc5f3035471b360c10
9c1521286e7dd2d6f8c2262b15bca8867bcae973a83879accdd00e1cb9831e5f
9e04af63c8f15dbbc299af077f30647c2e77878c5473c1e1c30649761416c200
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1353ef65780afbce0012d566acbb453d189ba9868e5d35c70296c0237861971
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2d24f191540745c63506a5cac6674ee4bfc95b29ed8e5b7b9f810b8aa21b280
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d5496ac0b22ee03c8fb689a72527b2020864318ce998999d3e1342b0ceb302
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a61bf12455892105db87514233f5fd06bf0bbbd280210fa6b5f3a6b1b16ba7b6
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a80cb2e3524a8dd7927b51aef95f2c4f90fff3f6d3257f4c92bdbe1a25e65b41
a82269bce61196e0aca1c36b304de3471e367a41179284996e6b06b2a3b3009a
a8d35656bff6abaff46eee9595d457a972a70b1bef1e3e86825950f55f24de79
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
ac02ebd471b2fa5c18303d3463b86a87cb09b73a2e7c9b5ff6093a82380eceef
aff37fcf00d4e45b2058446097bf279efe4ab8f90a61fe390bdab3cbd5a821c5
b0a11fd3b67b7e2debfee4e9a7e3ca2dff7f30de1dd7614a5b69898a8d115d54
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b82dbd8df8b2c380436ee6267876ce3295e16ce544e76440adb83694d7389c57
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc6bc982a8f34540b44605f6aca9d5607afb2767693607248ff4c66697c5c526
bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967
bdcc13c2a0fb02a595f26d25d6ac5057719ce7050ecf985585102390e6fc06d3
bf739c567353fba3b1702cf940f29b3953c5b24b84a18b1208eee417a431dd5d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5be406334acb3d0bafd256fe1acdc2460608932d466e8d8ab4464c5f62430c2
c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f
c7768c82aa0fff76d7d30e385444b8e7a85470c41bdd81c35e3802f48b335cd2
c7d3dec6d28f0f63a370a2d63562b6cdc44e88fe2a89d7f0e9b6dfd86d5e7486
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
ca96d79ac4f12f4ef0c77a263f8384a5b43987a168c9f3d21620e32f83fa47e0
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc88c3b59bc0aefaeff206ab3873edb05e4d868a568793f6d465cf109c4a90ca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1ca73815e1acd49059e859ea6ea6853d4915e7f29af792e8d5b3aa75dfef3e1
d543e0938a92f50488bf5895451508ca03e18dfa31306268a1fa606788b9c060
d563bb37472071794d15caa3f9cffb9271a325d74c24a0677418b8179ae6f694
d5f9f0f642322feacbbea896f27281de93f9d3060639b8a275ed67a8f99dff7f
d733f1f2979d33637d408672d8971694c25fab5c367628efb5a79871c3cc2a26
d74b27322960c24de6182ef5c1f28fd89eea1786e446c3c085a2790253c4511f
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
db673bc3756025cfa843d2e6e1e11f6274006b75c6b74905cf93863728ec1d73
db6eccd1ca99c100d3a061e57be4e5882edd220bc93c5d6145656a5615eecc41
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e09718cbc4637fdb081998148316b512d07438e8d19ceb32a7a26cd7ec79bb8a
e2a4a1be3554e01ad7bc8a54fa2812356276f4c682e8aac52b747b7cd8b47194
e3830a3aab8b78820fcfd7e4cc06ed2ee47e3ea8ad068e78e218332437030480
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4
ec3163cce183e601cd03d439a7120880c421cef0cadc8313256de78486441a10
ed35e554e7e086d706d4f30377aa048c2115475928a82130b88b2d7c24ffabe2
ed5f170e402d875c361db56e259770573bfd21ca4805e64954d4ddc68dc09ee5
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f233a3c139c890b80bc0a92910a27b91f4509c342d35493aaf8f244fea45f13b
f2bc7c6fe6c1401c19b1447e70150877d7726083331df5c0ba1e1825490657b6
f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3
f54bc809270c30cb3ec1c34a195d158551fa535a3e57715250aae344d5dd5b7f
f5a59995b708bcd4a76f805669462514d1b294d7935942ffc9f7d6ff70db93fa
f64306b98a683b19e17232b5d403add61a35648619b26eeb54e4d759339e415b
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f8ef75fbf2b0eb6b1ea7687d6a2a29515adc61b0564d6f920ec4370115b48d22
fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61
fdfd70a7401a19a1ae06e2cfb6eb2fedd7bae6338939adc6032195deb8c6676f
ffe3f32203360d3b292c1178793310540234f6eabcbce3d8da2ce74a08d6e80a

www.undertheradarmag.com Open in urlscan Pro 207.38.94.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

294 Requests

98 %HTTPS

46 %IPv6

41 Domains

81 Subdomains

65 IPs

6 Countries

7553 kBTransfer

13373 kBSize

0 Cookies

28 Outgoing links

Redirected requests

294 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.undertheradarmag.com Open in urlscan Pro
207.38.94.32 Public Scan

Screenshot
Live screenshot

Full Image

294
Requests

98 %
HTTPS

46 %
IPv6

41
Domains

81
Subdomains

65
IPs

6
Countries

7553 kB
Transfer

13373 kB
Size

0
Cookies

294 HTTP transactions
8 data transactions