urlscan.io logo urlscan.io
SecurityTrails logo

wegotthiscovered.com Open in urlscan Pro
2606:4700:10::6816:354c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://wegotthiscovered.com/
Effective URL: https://wegotthiscovered.com/
Submission: On December 14 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 136 IPs in 9 countries across 135 domains to perform 501 HTTP transactions. The main IP is 2606:4700:10::6816:354c, located in United States and belongs to CLOUDFLARENET, US. The main domain is wegotthiscovered.com. The Cisco Umbrella rank of the primary domain is 88288.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 8th 2022. Valid for: a year.
This is the only time wegotthiscovered.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 89 2606:4700:10:... 13335 (CLOUDFLAR...)
6 2607:f8b0:400... 15169 (GOOGLE)
5 8 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:24f... 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
10 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a02:6ea0:c45... 60068 (CDN77 ^_^)
12 2607:f8b0:400... 15169 (GOOGLE)
4 2a03:2880:f03... 32934 (FACEBOOK)
2 192.0.76.3 2635 (AUTOMATTIC)
6 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.139.128.10 20446 (STACKPATH...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 108.139.47.92 16509 (AMAZON-02)
1 108.139.29.104 16509 (AMAZON-02)
3 2600:1901:0:2... 15169 (GOOGLE)
1 2600:1901:0:8... 15169 (GOOGLE)
1 35.190.59.101 15169 (GOOGLE)
2 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2620:1ec:46::40 8068 (MICROSOFT...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 3.13.1.121 16509 (AMAZON-02)
1 18.213.167.233 14618 (AMAZON-AES)
1 2600:9000:21d... 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 13.35.93.28 16509 (AMAZON-02)
11 151.101.129.44 54113 (FASTLY)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 4 2620:116:800b... 14618 (AMAZON-AES)
3 143.204.144.76 16509 (AMAZON-02)
2 7 72.251.238.254 32475 (SINGLEHOP...)
2 52.33.102.212 16509 (AMAZON-02)
2 2 145.40.89.200 54825 (PACKET)
5 6 172.64.154.237 13335 (CLOUDFLAR...)
1 37.157.4.29 198622 (ADFORM)
14 14 35.211.178.172 15169 (GOOGLE)
9 11 162.19.138.119 16276 (OVH)
1 34.120.155.137 396982 (GOOGLE-CL...)
2 52.37.90.245 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2607:f8b0:400... 15169 (GOOGLE)
2 34.120.157.206 396982 (GOOGLE-CL...)
10 52.4.33.45 14618 (AMAZON-AES)
2 104.36.115.111 62713 (AS-PUBMATIC)
6 10 68.67.161.208 29990 (ASN-APPNEX)
1 2606:ae80:147... 25751 (VALUECLICK)
3 13 35.244.159.8 15169 (GOOGLE)
1 2602:803:c002... 26667 (RUBICONPR...)
2 199.127.204.162 26120 (RHYTHMONE)
8 18.214.159.165 14618 (AMAZON-AES)
2 3.233.114.209 14618 (AMAZON-AES)
1 23.205.73.36 16625 (AKAMAI-AS)
4 23.20.61.58 14618 (AMAZON-AES)
2 192.35.249.142 11742 (SPOTX-IAD)
5 34.149.20.76 15169 (GOOGLE)
1 34.107.148.139 396982 (GOOGLE-CL...)
6 23.105.12.145 30633 (LEASEWEB-...)
1 69.166.1.14 27630 (AS-XFERNET)
1 3.223.224.44 14618 (AMAZON-AES)
3 63.251.114.182 32475 (SINGLEHOP...)
1 2a02:2638:1::1a 44788 (ASN-CRITE...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:21d... 16509 (AMAZON-02)
2 108.139.50.211 16509 (AMAZON-02)
1 52.85.61.52 16509 (AMAZON-02)
1 104.64.59.24 16625 (AKAMAI-AS)
1 108.138.128.28 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 20.75.32.255 8075 (MICROSOFT...)
2 22 209.54.182.161 16509 (AMAZON-02)
3 11 141.226.224.48 200478 (TABOOLA-AS)
2 52.204.129.69 14618 (AMAZON-AES)
1 162.19.138.116 16276 (OVH)
1 2001:41d0:701... 16276 (OVH)
1 1 35.214.223.115 15169 (GOOGLE)
1 1 184.87.164.21 16625 (AKAMAI-AS)
1 1 2600:9000:220... 16509 (AMAZON-02)
4 4 70.42.32.95 13789 (INTERNAP-...)
2 2 23.3.115.129 16625 (AKAMAI-AS)
1 2 35.175.61.209 14618 (AMAZON-AES)
4 10 35.173.157.165 14618 (AMAZON-AES)
4 184.87.164.200 16625 (AKAMAI-AS)
2 34.234.237.11 14618 (AMAZON-AES)
2 10 104.105.42.146 16625 (AKAMAI-AS)
3 7 198.148.27.139 19189 (PULSEPOINT)
3 4 3.218.90.66 14618 (AMAZON-AES)
5 13 35.71.139.29 16509 (AMAZON-02)
1 1 199.38.167.131 54312 (ROCKETFUEL)
8 8 199.127.204.171 26120 (RHYTHMONE)
15 15 15.197.193.217 16509 (AMAZON-02)
3 3 8.43.72.97 26667 (RUBICONPR...)
2 2 68.67.179.113 29990 (ASN-APPNEX)
1 23 3.213.224.199 14618 (AMAZON-AES)
2 2 34.200.16.206 14618 (AMAZON-AES)
4 4 23.23.131.203 14618 (AMAZON-AES)
3 4 64.202.112.127 23352 (SERVERCEN...)
3 4 44.209.207.157 14618 (AMAZON-AES)
3 5 2600:1f18:4e9... 14618 (AMAZON-AES)
2 2 34.199.177.9 14618 (AMAZON-AES)
2 2 150.136.26.45 31898 (ORACLE-BM...)
1 2 169.197.150.7 398989 (DEEPINTENT)
2 2 3.225.42.26 14618 (AMAZON-AES)
1 2 199.187.193.179 47043 (SMARTADSE...)
12 20 142.251.41.2 15169 (GOOGLE)
3 3 2606:ae80:147... 25751 (VALUECLICK)
3 3 35.207.24.140 15169 (GOOGLE)
3 52.207.45.74 14618 (AMAZON-AES)
3 4 185.167.164.49 198622 (ADFORM)
1 1 20.127.253.7 8075 (MICROSOFT...)
7 7 216.200.232.253 30419 (MEDIAMATH...)
5 5 151.101.66.49 54113 (FASTLY)
2 2 202.241.208.56 4694 (IDCF IDC ...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
3 8.28.7.81 62713 (AS-PUBMATIC)
4 4 8.43.72.98 26667 (RUBICONPR...)
3 6 69.173.151.100 26667 (RUBICONPR...)
2 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 54.239.33.159 16509 (AMAZON-02)
1 28 162.248.18.37 62713 (AS-PUBMATIC)
1 54.198.16.210 14618 (AMAZON-AES)
2 3 54.243.212.30 14618 (AMAZON-AES)
4 5 107.178.246.49 15169 (GOOGLE)
2 2 34.170.123.2 396982 (GOOGLE-CL...)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
2 2620:100:a001::4 19750 (AS-CRITEO)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2 2607:f8b0:400... 15169 (GOOGLE)
3 172.66.41.9 13335 (CLOUDFLAR...)
1 1 54.88.76.203 14618 (AMAZON-AES)
2 2 35.157.85.119 16509 (AMAZON-02)
3 8 199.187.193.204 47043 (SMARTADSE...)
2 2 74.119.119.150 19750 (AS-CRITEO)
1 1 72.34.250.75 ()
2 3 50.57.31.206 19994 (RACKSPACE)
2 2 3.135.132.32 16509 (AMAZON-02)
1 195.244.31.10 63140 (IGUANA-WO...)
1 2 96.46.186.57 7979 (SERVERS-COM)
1 82.145.213.8 39832 (NO-OPERA)
1 2a04:4e42::300 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
4 8.28.7.84 62713 (AS-PUBMATIC)
7 7 54.235.152.67 14618 (AMAZON-AES)
1 2 54.147.12.232 14618 (AMAZON-AES)
1 2 13.225.214.50 16509 (AMAZON-02)
1 2 204.2.255.233 2914 (NTT-LTD-2914)
1 3.215.244.255 14618 (AMAZON-AES)
2 151.101.129.108 54113 (FASTLY)
1 23.221.200.33 16625 (AKAMAI-AS)
1 2 67.202.105.31 ()
2 3 35.190.60.146 ()
2 2 107.178.254.65 ()
1 1 34.98.67.3 ()
1 2 104.18.99.194 ()
3 3 35.190.90.30 ()
1 2620:1ec:c11:... ()
6 6 67.202.105.21 ()
6 34.117.239.71 ()
2 2 173.231.178.82 ()
1 2 2606:4700::68... ()
1 1 69.90.254.78 ()
2 2 54.160.14.168 ()
1 1 34.102.163.6 ()
2 2 23.10.88.241 ()
1 35.186.193.173 ()
1 1 104.45.178.220 ()
2 2 207.198.113.87 ()
1 1 34.102.253.54 ()
501 136
89    2606:4700:10::6816:354c (United States)

ASN13335 (CLOUDFLARENET, US)
wegotthiscovered.com
6    2607:f8b0:4006:823::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2600:9000:24f1:f400:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
3    2607:f8b0:4006:824::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    2607:f8b0:4006:820::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.ca
1    2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
3    2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
hb.vntsm.com
12    2607:f8b0:4006:80c::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
4    2a03:2880:f034:11a:face:b00c:0:3 (Dallas, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
6    2607:f8b0:4006:821::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
s.skimresources.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
5    2606:4700::6811:4e22 (United States)

ASN13335 (CLOUDFLARENET, US)
global.proper.io
abcheck.proper.io
eb.proper.io
3    108.139.47.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-92.jfk50.r.cloudfront.net
sb.scorecardresearch.com
1    108.139.29.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-104.jfk50.r.cloudfront.net
certify-js.alexametrics.com
3    2600:1901:0:2b56::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
superficialeyes.com
1    2600:1901:0:809c::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
terrifictooth.com
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
2    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
1    2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
3    2607:f8b0:4006:807::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4006:816::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
2    2620:1ec:46::40 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2606:4700:3032::6815:4cfe (United States)

ASN13335 (CLOUDFLARENET, US)
geoip.gamurs.workers.dev
1    3.13.1.121 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-1-121.us-east-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1    18.213.167.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-167-233.compute-1.amazonaws.com
ping.chartbeat.net
1    2600:9000:21dd:5200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c1b::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4006:820::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.ca
1    2606:4700:10::6816:2f8e (United States)

ASN13335 (CLOUDFLARENET, US)
hb.vntsm.io
3    2607:f8b0:4006:821::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
adservice.google.com
1    2607:f8b0:4006:822::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
1    13.35.93.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-28.jfk50.r.cloudfront.net
ats.rlcdn.com
11    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
match.taboola.com
2    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
3    143.204.144.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-144-76.ewr52.r.cloudfront.net
c.amazon-adsystem.com
7    72.251.238.254 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
2    52.33.102.212 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-102-212.us-west-2.compute.amazonaws.com
usync.proper.io
2    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
6    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
1    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
14    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
11    162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
2    52.37.90.245 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-90-245.us-west-2.compute.amazonaws.com
bids.proper.io
1    2606:4700::6812:9fea (United States)

ASN13335 (CLOUDFLARENET, US)
player.propervideo.io
6    2607:f8b0:4006:80b::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)
ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com
tpc.googlesyndication.com
2    34.120.157.206 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 206.157.120.34.bc.googleusercontent.com
spc.wegotthiscovered.com
10    52.4.33.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-33-45.compute-1.amazonaws.com
c2shb.pubgw.yahoo.com
2    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
10    68.67.161.208 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    2606:ae80:1471:17::1140 (United States)

ASN25751 (VALUECLICK, US)
web.hb.ad.cpe.dotomi.com
13    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
propermedia-d.openx.net
us-u.openx.net
u.openx.net
1    2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    199.127.204.162 (United States)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
8    18.214.159.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-159-165.compute-1.amazonaws.com
g2.gumgum.com
2    3.233.114.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-114-209.compute-1.amazonaws.com
reachms.bfmio.com
1    23.205.73.36 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-73-36.deploy.static.akamaitechnologies.com
a.teads.tv
4    23.20.61.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-61-58.compute-1.amazonaws.com
btlr.sharethrough.com
2    192.35.249.142 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
search.spotxchange.com
5    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
6    23.105.12.145 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
prg.smartadserver.com
1    69.166.1.14 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
1    3.223.224.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-224-44.compute-1.amazonaws.com
tlx.3lift.com
3    63.251.114.182 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    2600:9000:21dd:c000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    108.139.50.211 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-50-211.jfk50.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    52.85.61.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-52.ewr53.r.cloudfront.net
geo.privacymanager.io
1    104.64.59.24 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-59-24.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    108.138.128.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-28.jfk50.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
b.clarity.ms
22    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
11    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
us-trc-events.taboola.com
sync.taboola.com
sync-t1.taboola.com
2    52.204.129.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-129-69.compute-1.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    2001:41d0:701:1000::31ee (France)

ASN16276 (OVH, FR)
lbs.eu-1-id5-sync.com
1    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
1    184.87.164.21 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-164-21.deploy.static.akamaitechnologies.com
cs.media.net
1    2600:9000:2209:fc00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
4    70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    23.3.115.129 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-115-129.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    35.175.61.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-61-209.compute-1.amazonaws.com
rtb.gumgum.com
10    35.173.157.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-157-165.compute-1.amazonaws.com
match.sharethrough.com
4    184.87.164.200 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-164-200.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    34.234.237.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-237-11.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
sync-adform.ads.yieldmo.com
10    104.105.42.146 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-105-42-146.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
7    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    3.218.90.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com
ups.analytics.yahoo.com
13    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
8    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
15    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    68.67.179.113 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
23    3.213.224.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-224-199.compute-1.amazonaws.com
usersync.gumgum.com
2    34.200.16.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-16-206.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
4    23.23.131.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-131-203.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    64.202.112.127 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
4    44.209.207.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-207-157.compute-1.amazonaws.com
cs.emxdgt.com
e1.emxdgt.com
5    2600:1f18:4e9:5a02:67f9:8537:7e0c:43ee (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
2    34.199.177.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-177-9.compute-1.amazonaws.com
sync.ipredictive.com
2    150.136.26.45 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    3.225.42.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-42-26.compute-1.amazonaws.com
ad.360yield.com
2    199.187.193.179 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
20    142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net
cm.g.doubleclick.net
3    2606:ae80:1471:13::730 (United States)

ASN25751 (VALUECLICK, US)
pulsepoint-match.dotomi.com
pubmatic-match.dotomi.com
33across-match.dotomi.com
3    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
3    52.207.45.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-45-74.compute-1.amazonaws.com
ads.yieldmo.com
4    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
7    216.200.232.253 (New Market, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    202.241.208.56 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
6    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    54.239.33.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
28    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
1    54.198.16.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-16-210.compute-1.amazonaws.com
bpi.rtactivate.com
3    54.243.212.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-212-30.compute-1.amazonaws.com
i.liadm.com
5    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
2    34.170.123.2 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 2.123.170.34.bc.googleusercontent.com
um.simpli.fi
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
3    2606:4700::6812:19f6 (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.cleverwebserver.com
ui.cleverwebserver.com
call.cleverwebserver.com
3    2607:f8b0:4006:809::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2607:f8b0:4006:80b::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.com
3    172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
1    54.88.76.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-76-203.compute-1.amazonaws.com
jadserve.postrelease.com
2    35.157.85.119 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-85-119.eu-central-1.compute.amazonaws.com
ih.adscale.de
8    199.187.193.204 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    72.34.250.75 (None, )

ASN- ()
sync.go.sonobi.com
3    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
2    3.135.132.32 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-135-132-32.us-east-2.compute.amazonaws.com
sync-dmp.mobtrakk.com
1    195.244.31.10 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
visitor.omnitagjs.com
2    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
4    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
7    54.235.152.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-152-67.compute-1.amazonaws.com
match.prod.bidr.io
2    54.147.12.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-12-232.compute-1.amazonaws.com
io.narrative.io
2    13.225.214.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-50.ewr50.r.cloudfront.net
aa.agkn.com
2    204.2.255.233 (United States)

ASN2914 (NTT-LTD-2914, US)
pmp.mxptint.net
1    3.215.244.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-244-255.compute-1.amazonaws.com
rtb.adentifi.com
2    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    23.221.200.33 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-200-33.deploy.static.akamaitechnologies.com
sync.teads.tv
2    67.202.105.31 (None, )

ASN- ()
de.tynt.com
3    35.190.60.146 (None, )

ASN- ()
id.rlcdn.com
idsync.rlcdn.com
2    107.178.254.65 (None, )

ASN- ()
pippio.com
1    34.98.67.3 (None, )

ASN- ()
tags.rd.linksynergy.com
2    104.18.99.194 (None, )

ASN- ()
p.adsymptotic.com
3    35.190.90.30 (None, )

ASN- ()
odr.mookie1.com
1    2620:1ec:c11::200 (None, )

ASN- ()
c.bing.com
6    67.202.105.21 (None, )

ASN- ()
ssc-cms.33across.com
6    34.117.239.71 (None, )

ASN- ()
events-ssc.33across.com
2    173.231.178.82 (None, )

ASN- ()
cm.adgrx.com
2    2606:4700::6812:19ad (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    69.90.254.78 (None, )

ASN- ()
ums.acuityplatform.com
2    54.160.14.168 (None, )

ASN- ()
pm.w55c.net
1    34.102.163.6 (None, )

ASN- ()
ad.mrtnsvr.com
2    23.10.88.241 (None, )

ASN- ()
px.owneriq.net
1    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
1    104.45.178.220 (None, )

ASN- ()
mweb.ck.inmobi.com
2    207.198.113.87 (None, )

ASN- ()
pixel-sync.sitescout.com
1    34.102.253.54 (None, )

ASN- ()
ads.playground.xyz
Apex Domain
Subdomains		 Transfer
91 wegotthiscovered.com
wegotthiscovered.com — Cisco Umbrella Rank: 88288
spc.wegotthiscovered.com — Cisco Umbrella Rank: 159947
2 MB
41 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 440
ads.pubmatic.com — Cisco Umbrella Rank: 470
image6.pubmatic.com — Cisco Umbrella Rank: 680
simage2.pubmatic.com — Cisco Umbrella Rank: 657
image2.pubmatic.com — Cisco Umbrella Rank: 882
simage4.pubmatic.com — Cisco Umbrella Rank: 1198
image4.pubmatic.com — Cisco Umbrella Rank: 805
aud.pubmatic.com Failed
59 KB
37 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
stats.g.doubleclick.net — Cisco Umbrella Rank: 81
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
187 KB
33 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1310
rtb.gumgum.com — Cisco Umbrella Rank: 1523
usersync.gumgum.com — Cisco Umbrella Rank: 1986
20 KB
28 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 308
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 492
s.amazon-adsystem.com — Cisco Umbrella Rank: 276
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1090
67 KB
24 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 451
eus.rubiconproject.com — Cisco Umbrella Rank: 547
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 973
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 860
token.rubiconproject.com — Cisco Umbrella Rank: 551
pixel.rubiconproject.com — Cisco Umbrella Rank: 321
55 KB
24 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1066
trc.taboola.com — Cisco Umbrella Rank: 693
us-trc-events.taboola.com — Cisco Umbrella Rank: 6104
sync.taboola.com — Cisco Umbrella Rank: 972
match.taboola.com — Cisco Umbrella Rank: 3484
sync-t1.taboola.com — Cisco Umbrella Rank: 1270
pips.taboola.com — Cisco Umbrella Rank: 1593
cds.taboola.com — Cisco Umbrella Rank: 1674
181 KB
19 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 837
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 418
6 KB
17 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1846
ssc-cms.33across.com
events-ssc.33across.com
5 KB
16 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1508
ssbsync.smartadserver.com — Cisco Umbrella Rank: 803
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 563
13 KB
15 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 323
8 KB
14 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 501
eb2.3lift.com — Cisco Umbrella Rank: 350
6 KB
14 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 889
match.sharethrough.com — Cisco Umbrella Rank: 506
4 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 218
secure.adnxs.com — Cisco Umbrella Rank: 430
acdn.adnxs.com — Cisco Umbrella Rank: 579
45 KB
14 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 290
6 KB
13 openx.net
propermedia-d.openx.net — Cisco Umbrella Rank: 12578
us-u.openx.net — Cisco Umbrella Rank: 395
u.openx.net — Cisco Umbrella Rank: 667
2 KB
12 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 448
cdn.id5-sync.com — Cisco Umbrella Rank: 941
33 KB
12 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
217 KB
10 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 843
ap.lijit.com — Cisco Umbrella Rank: 604
12 KB
9 proper.io
global.proper.io — Cisco Umbrella Rank: 9025
abcheck.proper.io — Cisco Umbrella Rank: 9697
usync.proper.io — Cisco Umbrella Rank: 12891
bids.proper.io — Cisco Umbrella Rank: 9268
eb.proper.io — Cisco Umbrella Rank: 11623
151 KB
8 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1323
sync.1rx.io — Cisco Umbrella Rank: 503
5 KB
8 unpkg.com
unpkg.com — Cisco Umbrella Rank: 784
48 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 476
3 KB
7 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 447
4 KB
7 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 526
5 KB
6 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1328
htlb.casalemedia.com — Cisco Umbrella Rank: 478
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 413
5 KB
6 google.com
analytics.google.com — Cisco Umbrella Rank: 366
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
1 KB
6 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 3460
r.skimresources.com — Cisco Umbrella Rank: 3338
t.skimresources.com — Cisco Umbrella Rank: 3486
p.skimresources.com — Cisco Umbrella Rank: 4381
21 KB
6 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 388
124 KB
6 gstatic.com
fonts.gstatic.com
98 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 400
840 B
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 572
1 KB
5 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5385
ads.yieldmo.com — Cisco Umbrella Rank: 646
sync-adform.ads.yieldmo.com — Cisco Umbrella Rank: 6470
2 KB
5 adform.net
cm.adform.net — Cisco Umbrella Rank: 1537
c1.adform.net — Cisco Umbrella Rank: 639
2 KB
5 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1579
api.rlcdn.com — Cisco Umbrella Rank: 785
id.rlcdn.com
idsync.rlcdn.com
37 KB
4 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1122
e1.emxdgt.com — Cisco Umbrella Rank: 770
1 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 737
1 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 692
2 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 560
2 KB
4 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2011
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 5683
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2963
33across-match.dotomi.com
2 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 915
pixel.quantserve.com — Cisco Umbrella Rank: 655
cms.quantserve.com — Cisco Umbrella Rank: 644
11 KB
4 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1311
b.clarity.ms — Cisco Umbrella Rank: 9171
20 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
200 KB
3 mookie1.com
odr.mookie1.com
807 B
3 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1157
2 KB
3 infolinks.com
resources.infolinks.com — Cisco Umbrella Rank: 6917
router.infolinks.com — Cisco Umbrella Rank: 2772
59 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
141 KB
3 cleverwebserver.com
scripts.cleverwebserver.com — Cisco Umbrella Rank: 31606
ui.cleverwebserver.com — Cisco Umbrella Rank: 32165
call.cleverwebserver.com — Cisco Umbrella Rank: 33448
49 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 743
1 KB
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 552
1 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 372
1 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 937
1 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1211
bcp.crwdcntrl.net — Cisco Umbrella Rank: 880
sync.crwdcntrl.net — Cisco Umbrella Rank: 752
33 KB
3 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 734
dis.criteo.com — Cisco Umbrella Rank: 700
1 KB
3 google.ca
www.google.ca — Cisco Umbrella Rank: 8301
adservice.google.ca — Cisco Umbrella Rank: 13407
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
20 KB
3 superficialeyes.com
superficialeyes.com — Cisco Umbrella Rank: 82739
100 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 156
3 KB
3 vntsm.com
hb.vntsm.com — Cisco Umbrella Rank: 24141
326 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
193 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1361
mab.chartbeat.com — Cisco Umbrella Rank: 2305
25 KB
2 sitescout.com
pixel-sync.sitescout.com
946 B
2 owneriq.net
px.owneriq.net
1 KB
2 w55c.net
pm.w55c.net
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 adgrx.com
cm.adgrx.com
1011 B
2 adsymptotic.com
p.adsymptotic.com
477 B
2 pippio.com
pippio.com
717 B
2 tynt.com
de.tynt.com
3 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4536
965 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 424
1 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 2023
643 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1959
1 KB
2 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 3337
699 B
2 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 3397
630 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 662
58 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 810
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 565
701 B
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 917
2 KB
2 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1553
mweb.ck.inmobi.com
967 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 684
624 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 832
596 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1297
1 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
1019 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1491
946 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 936
1 KB
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 516
1 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1119
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1332
642 B
2 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1390
sync.go.sonobi.com
2 KB
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1130
cs.media.net — Cisco Umbrella Rank: 1345
2 KB
2 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 515
2 KB
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1403
sync.teads.tv — Cisco Umbrella Rank: 1250
821 B
2 bfmio.com
reachms.bfmio.com — Cisco Umbrella Rank: 5970
440 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 858
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
203 B
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 211
6 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 2835
pixel.wp.com — Cisco Umbrella Rank: 2597
3 KB
1 playground.xyz
ads.playground.xyz
466 B
1 ctnsnet.com
ipac.ctnsnet.com
369 B
1 mrtnsvr.com
ad.mrtnsvr.com
292 B
1 acuityplatform.com
ums.acuityplatform.com
674 B
1 bing.com
c.bing.com
667 B
1 linksynergy.com
tags.rd.linksynergy.com
392 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1113
35 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1713
466 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 827
342 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1024
548 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1760
109 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 713
747 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 677
529 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 764
235 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1179
17 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1606
595 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 851
2 KB
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1056
949 B
1 propervideo.io
player.propervideo.io — Cisco Umbrella Rank: 21497
28 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 840
702 B
1 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 31788
669 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 544
467 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1247
201 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 workers.dev
geoip.gamurs.workers.dev — Cisco Umbrella Rank: 70254
620 B
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 903
42 KB
1 terrifictooth.com
terrifictooth.com — Cisco Umbrella Rank: 81580
6 KB
1 alexametrics.com
certify-js.alexametrics.com — Cisco Umbrella Rank: 11961
certify.alexametrics.com Failed
2 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1038
6 KB
1 btloader.com
btloader.com — Cisco Umbrella Rank: 890
7 KB
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
0 usbrowserspeed.com Failed
a.usbrowserspeed.com Failed
0 onaudience.com Failed
pixel.onaudience.com Failed
0 iprom.net Failed
core.iprom.net Failed
0 truffle.bid Failed
matching.truffle.bid Failed
0 appier.net Failed
gocm.c.appier.net Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 primis.tech Failed
live.primis.tech Failed
501 135
Domain Requested by
89 wegotthiscovered.com 1 redirects wegotthiscovered.com
23 usersync.gumgum.com 1 redirects rtb.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
22 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ap.lijit.com
rtb.gumgum.com
match.sharethrough.com
bh.contextweb.com
sync-amz.ads.yieldmo.com
eus.rubiconproject.com
ads.pubmatic.com
us-u.openx.net
eb2.3lift.com
20 simage2.pubmatic.com 1 redirects ads.pubmatic.com
s.amazon-adsystem.com
wegotthiscovered.com
20 cm.g.doubleclick.net 12 redirects sync-amz.ads.yieldmo.com
rtb.gumgum.com
eus.rubiconproject.com
wegotthiscovered.com
us-u.openx.net
eb2.3lift.com
15 match.adsrvr.org 15 redirects
14 x.bidswitch.net 14 redirects ads.pubmatic.com
13 eb2.3lift.com 5 redirects wegotthiscovered.com
global.proper.io
eb2.3lift.com
12 securepubads.g.doubleclick.net wegotthiscovered.com
securepubads.g.doubleclick.net
hb.vntsm.com
www.googletagservices.com
ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com
11 id5-sync.com 9 redirects global.proper.io
hb.vntsm.com
10 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
wegotthiscovered.com
10 ib.adnxs.com 6 redirects global.proper.io
acdn.adnxs.com
10 c2shb.pubgw.yahoo.com global.proper.io
8 rtb-csync.smartadserver.com 3 redirects wegotthiscovered.com
8 image2.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
wegotthiscovered.com
8 us-u.openx.net 2 redirects global.proper.io
us-u.openx.net
8 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
rtb.gumgum.com
global.proper.io
de.tynt.com
8 g2.gumgum.com global.proper.io
8 unpkg.com 5 redirects wegotthiscovered.com
7 match.prod.bidr.io 7 redirects
7 sync.taboola.com 3 redirects wegotthiscovered.com
7 sync.mathtag.com 7 redirects
7 bh.contextweb.com 3 redirects s.amazon-adsystem.com
bh.contextweb.com
wegotthiscovered.com
7 ce.lijit.com 2 redirects ap.lijit.com
wegotthiscovered.com
6 events-ssc.33across.com de.tynt.com
eus.rubiconproject.com
6 ssc-cms.33across.com 6 redirects
6 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
6 sync.1rx.io 6 redirects
6 prg.smartadserver.com global.proper.io
6 cdn.ampproject.org wegotthiscovered.com
securepubads.g.doubleclick.net
6 pagead2.googlesyndication.com wegotthiscovered.com
pagead2.googlesyndication.com
www.googletagservices.com
6 fonts.gstatic.com wegotthiscovered.com
5 pixel.tapad.com 4 redirects s.amazon-adsystem.com
5 sync-tm.everesttech.net 5 redirects
5 pr-bh.ybp.yahoo.com 3 redirects wegotthiscovered.com
us-u.openx.net
5 trc.taboola.com cdn.taboola.com
hb.vntsm.com
wegotthiscovered.com
5 ssc.33across.com global.proper.io
4 tpc.googlesyndication.com wegotthiscovered.com
ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com
4 token.rubiconproject.com 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 sync.srv.stackadapt.com 4 redirects
4 ups.analytics.yahoo.com 3 redirects us-u.openx.net
4 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
global.proper.io
4 b1sync.zemanta.com 4 redirects
4 btlr.sharethrough.com global.proper.io
4 ssum.casalemedia.com 4 redirects
4 cdn.taboola.com s.skimresources.com
cdn.taboola.com
4 connect.facebook.net wegotthiscovered.com
connect.facebook.net
3 odr.mookie1.com 3 redirects
3 uipglob.semasio.net 2 redirects wegotthiscovered.com
3 sync-t1.taboola.com wegotthiscovered.com
3 www.googletagservices.com securepubads.g.doubleclick.net
ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com
3 ad.turn.com 3 redirects
3 i.liadm.com 2 redirects s.amazon-adsystem.com
3 px.ads.linkedin.com 2 redirects eus.rubiconproject.com
3 image6.pubmatic.com ads.pubmatic.com
3 ads.yieldmo.com sync-amz.ads.yieldmo.com
3 rtb.mfadsrvr.com 3 redirects
3 cs.emxdgt.com 3 redirects
3 pixel-us-east.rubiconproject.com 3 redirects
3 ap.lijit.com global.proper.io
s.amazon-adsystem.com
ap.lijit.com
3 propermedia-d.openx.net global.proper.io
3 c.amazon-adsystem.com global.proper.io
c.amazon-adsystem.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
wegotthiscovered.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
wegotthiscovered.com
3 superficialeyes.com wegotthiscovered.com
superficialeyes.com
3 sb.scorecardresearch.com 1 redirects wegotthiscovered.com
3 hb.vntsm.com wegotthiscovered.com
hb.vntsm.com
3 www.googletagmanager.com wegotthiscovered.com
www.googletagmanager.com
2 pixel-sync.sitescout.com 2 redirects
2 px.owneriq.net 2 redirects
2 pm.w55c.net 2 redirects
2 cm.adgrx.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 pippio.com 2 redirects
2 id.rlcdn.com 2 redirects
2 de.tynt.com 1 redirects global.proper.io
2 acdn.adnxs.com global.proper.io
2 pmp.mxptint.net 1 redirects wegotthiscovered.com
2 image4.pubmatic.com wegotthiscovered.com
2 aa.agkn.com 1 redirects wegotthiscovered.com
2 io.narrative.io 1 redirects wegotthiscovered.com
2 simage4.pubmatic.com ads.pubmatic.com
2 ads.betweendigital.com 1 redirects wegotthiscovered.com
2 u.openx.net 1 redirects wegotthiscovered.com
2 sync-dmp.mobtrakk.com 2 redirects
2 dis.criteo.com 2 redirects
2 ih.adscale.de 2 redirects
2 match.taboola.com wegotthiscovered.com
2 resources.infolinks.com ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com
wegotthiscovered.com
2 www.google.com 1 redirects wegotthiscovered.com
2 static.criteo.net global.proper.io
hb.vntsm.com
2 um.simpli.fi 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 creativecdn.com 2 redirects
2 tg.socdm.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects wegotthiscovered.com
2 ad.360yield.com 2 redirects
2 match.deepintent.com 1 redirects rtb.gumgum.com
2 sync.technoratimedia.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 beacon.lynx.cognitivlabs.com 2 redirects
2 secure.adnxs.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 cms.quantserve.com 2 redirects
2 rtb.gumgum.com 1 redirects s.amazon-adsystem.com
2 stags.bluekai.com 2 redirects
2 b.clarity.ms www.clarity.ms
hb.vntsm.com
2 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
2 search.spotxchange.com global.proper.io
2 reachms.bfmio.com global.proper.io
2 tag.1rx.io global.proper.io
2 hbopenbid.pubmatic.com global.proper.io
2 spc.wegotthiscovered.com wegotthiscovered.com
2 ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 bids.proper.io global.proper.io
hb.vntsm.com
2 prebid.a-mo.net 2 redirects
2 usync.proper.io wegotthiscovered.com
2 www.facebook.com wegotthiscovered.com
2 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 adservice.google.ca pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.google.com www.googletagmanager.com
2 abcheck.proper.io wegotthiscovered.com
2 www.clarity.ms www.googletagmanager.com
www.clarity.ms
2 p.skimresources.com wegotthiscovered.com
2 t.skimresources.com wegotthiscovered.com
s.skimresources.com
2 global.proper.io wegotthiscovered.com
global.proper.io
2 cdnjs.cloudflare.com wegotthiscovered.com
2 static.chartbeat.com wegotthiscovered.com
1 ads.playground.xyz 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 ad.mrtnsvr.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 33across-match.dotomi.com 1 redirects
1 c.bing.com eb2.3lift.com
1 idsync.rlcdn.com us-u.openx.net
1 tags.rd.linksynergy.com 1 redirects
1 sync.teads.tv global.proper.io
1 rtb.adentifi.com wegotthiscovered.com
1 pubmatic-match.dotomi.com 1 redirects
1 sync.crwdcntrl.net wegotthiscovered.com
1 cds.taboola.com hb.vntsm.com
1 pips.taboola.com hb.vntsm.com
1 t.adx.opera.com wegotthiscovered.com
1 visitor.omnitagjs.com wegotthiscovered.com
1 sync.go.sonobi.com 1 redirects
1 e1.emxdgt.com wegotthiscovered.com
1 jadserve.postrelease.com 1 redirects
1 router.infolinks.com resources.infolinks.com
1 call.cleverwebserver.com wegotthiscovered.com
1 ui.cleverwebserver.com wegotthiscovered.com
1 scripts.cleverwebserver.com wegotthiscovered.com
1 bpi.rtactivate.com s.amazon-adsystem.com
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 eb.proper.io hb.vntsm.com
1 ssum-sec.casalemedia.com 1 redirects
1 sync.inmobi.com 1 redirects
1 sync-adform.ads.yieldmo.com sync-amz.ads.yieldmo.com
1 pulsepoint-match.dotomi.com 1 redirects
1 p.rfihub.com 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 s.ad.smaato.net 1 redirects
1 cs.media.net 1 redirects
1 csync.loopme.me 1 redirects ads.pubmatic.com
1 lbs.eu-1-id5-sync.com hb.vntsm.com
1 lb.eu-1-id5-sync.com hb.vntsm.com
1 bcp.crwdcntrl.net hb.vntsm.com
1 us-trc-events.taboola.com wegotthiscovered.com
1 pixel.quantserve.com wegotthiscovered.com
1 cdn.id5-sync.com wegotthiscovered.com
1 tags.crwdcntrl.net wegotthiscovered.com
1 secure.cdn.fastclick.net wegotthiscovered.com
1 geo.privacymanager.io ats.rlcdn.com
1 rules.quantcount.com secure.quantserve.com
1 ad-delivery.net hb.vntsm.com
1 bidder.criteo.com global.proper.io
1 tlx.3lift.com global.proper.io
1 htlb.casalemedia.com global.proper.io
1 apex.go.sonobi.com global.proper.io
1 prebid.media.net global.proper.io
1 a.teads.tv global.proper.io
1 fastlane.rubiconproject.com global.proper.io
1 web.hb.ad.cpe.dotomi.com global.proper.io
1 player.propervideo.io global.proper.io
1 api.rlcdn.com global.proper.io
1 cm.adform.net wegotthiscovered.com
1 secure.quantserve.com global.proper.io
1 ats.rlcdn.com hb.vntsm.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 hb.vntsm.io hb.vntsm.com
1 www.google.ca wegotthiscovered.com
1 static.adsafeprotected.com superficialeyes.com
1 ping.chartbeat.net wegotthiscovered.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com wegotthiscovered.com
1 geoip.gamurs.workers.dev wegotthiscovered.com
1 www.googleoptimize.com www.googletagmanager.com
1 pixel.wp.com wegotthiscovered.com
1 mab.chartbeat.com static.chartbeat.com
1 r.skimresources.com s.skimresources.com
1 terrifictooth.com wegotthiscovered.com
1 certify-js.alexametrics.com wegotthiscovered.com
1 static.cloudflareinsights.com wegotthiscovered.com
1 s.skimresources.com wegotthiscovered.com
1 stats.wp.com wegotthiscovered.com
1 btloader.com wegotthiscovered.com
0 match.adsby.bidtheatre.com Failed wegotthiscovered.com
0 a.usbrowserspeed.com Failed wegotthiscovered.com
0 pixel.onaudience.com Failed wegotthiscovered.com
0 aud.pubmatic.com Failed wegotthiscovered.com
0 core.iprom.net Failed ads.pubmatic.com
0 matching.truffle.bid Failed ads.pubmatic.com
0 gocm.c.appier.net Failed ads.pubmatic.com
0 cs.admanmedia.com Failed wegotthiscovered.com
0 live.primis.tech Failed wegotthiscovered.com
0 certify.alexametrics.com Failed wegotthiscovered.com
501 220

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
instagram.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-08 -
2023-05-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.vntsm.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-14 -
2023-04-08		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-22 -
2022-12-21		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.skimresources.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-25 -
2023-11-08		 a year crt.sh
proper.io
Cloudflare Inc ECC CA-3		 2022-05-07 -
2023-05-07		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
certify-js.alexametrics.com
Amazon		 2022-05-30 -
2023-06-27		 a year crt.sh
superficialeyes.com
R3		 2022-11-13 -
2023-02-11		 3 months crt.sh
terrifictooth.com
R3		 2022-11-16 -
2023-02-14		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2022-09-12 -
2023-10-11		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.proper.io
Sectigo RSA Domain Validation Secure Server CA		 2022-01-10 -
2023-02-09		 a year crt.sh
spc.gamepur.com
GTS CA 1D4		 2022-11-20 -
2023-02-18		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-05-31 -
2023-07-02		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
*.gumgum.com
Amazon		 2022-09-14 -
2023-10-11		 a year crt.sh
*.bfmio.com
Amazon		 2022-04-16 -
2023-05-15		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.ads.yieldmo.com
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon		 2022-02-09 -
2023-03-10		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
rtactivate.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
cleverwebserver.com
Cloudflare Inc ECC CA-3		 2022-09-06 -
2023-09-05		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2022-05-18 -
2023-06-19		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
adentifi.com
Amazon		 2022-08-05 -
2023-09-03		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-11-25 -
2023-05-25		 6 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh

This page contains 69 frames:

Primary Page: https://wegotthiscovered.com/
Frame ID: F54C62B57EBAEFFD284C16D837320271
Requests: 266 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.5844727282495852
Frame ID: 91105CA3FFA4BA0970A4BDF46C981983
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 8A68B240AB5CDD47987CED98F4A84688
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9356934496955375&output=html&adk=2018173897&adf=1110508544&lmt=1671034191&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwegotthiscovered.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671034191235&bpp=4&bdt=579&idt=445&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4155275238978&frm=20&pv=2&ga_vid=424637361.1671034192&ga_sid=1671034192&ga_hid=1569105561&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31071250%2C44779793%2C44780792&oid=2&pvsid=891223950869516&tmod=689586137&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=481
Frame ID: 5FBD81FCC90673DB3F4361F42E6D43C9
Requests: 1 HTTP requests in this frame

Frame: https://ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 33492C0C5CFB9FB70A277DBCF4FA1489
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&dcc=t
Frame ID: 1897CE2F9A3ABAF547182CD88994573F
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: 0AC652A6BC8ED841B9268B856CE51421
Requests: 6 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Frame ID: 65A2258A41247EB5DB21C0AAFCABFD26
Requests: 16 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Frame ID: 48F73E03F9AD7303E28458344B05D381
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Frame ID: ADC9D932812C8E49D6E9EB87719287B8
Requests: 12 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Frame ID: CCFA3ED602D94150E6AB895D5186E203
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Frame ID: B19B994FC536301CAE350E486E313C1C
Requests: 11 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: 9900B3076C4F2D241B2757719F56326D
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1lZlZSRWdkRTJ1Szh3NndLWnJETDhLajlBT0Z5ZEUyWX5B&gdpr=0&gdpr_consent=
Frame ID: 88FE6EF01E440FDFCF61A46AFC29AD0E
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Frame ID: A85BA6270FF8050127C37A17736288C7
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1250384648292139624446
Frame ID: D64DA6F5D98D05659E084AB5E088225F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=inm&i=ID5-98c07V5StUEuuA9u2inNrd1e0jZ3TUrJTvgPKqDCYw
Frame ID: 1DA51585547CA0F2338A08052BB75464
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 531DEADEDD43DA262195110B994CD488
Requests: 13 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=997c6bb6-4d6a-4c32-99f1-9938e3153312
Frame ID: 7E91414F10A3E73D866055B329DD8AFC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=06da6399-f551-4a00-926c-8d29a9ba9bf9&gdpr=0&gdpr_consent=
Frame ID: EB710D4B67728D14836242907DA3BAE9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y5n1UAAD-IvXyAAp&gdpr=0&gdpr_consent=&_test=Y5n1UAAD-IvXyAAp
Frame ID: 0E774B11EF12496D7C18D9A78DA19D2C
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV83Y2NhYjU1NC1hMzlhLTQxMjctYmY3NC1lYWRhOTg1MzhiN2M=&gdpr=0&gdpr_consent=
Frame ID: D666BEF554F7C26901DA6A442E7DF82F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=1981009107925892549brt53561671034192977898b4
Frame ID: F1C21BD260FDE6EA8693FD7B4F1C2AA3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y5n1UcCo5uYAAN4rASAAAAAA
Frame ID: E3945E6224E13352E1BA48E5F0487076
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y5n1UI-ukMrIm6KlMC8NBQAA%26097
Frame ID: FB0C5F642493CCB417F4FC6910C1A103
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=mg3D0MDulkFhBL7sQERK&pi=gumgum&tc=1
Frame ID: 7FE9B4FC3E4964DC98B71710680CBE6B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 67FEE643063ECD3EB2C194F799BB1890
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5n1UAAD-IvXyAAp&gdpr=0&gdpr_consent=
Frame ID: 089988540503F29C2134654E6B41FD20
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDA4AEF537-FE6F-4C13-8C83-341BA583EED8
Frame ID: C14C9F9B31785BB4894848DFEFCA5E6E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmTlttatbk8pa9MCgUxgMf906MU7TAFX9U_rvP2uZtwmW8VmJOL1Y8D4y7xn43iYmNSqgl43sRrJnlZnuv_ckdeZNC8dVsNnHFeOSp9rzzCECwXioUpDXiwLT_If4w-w0yGgl7Iqf4__kNMFEZ_5KocCz5vzjW-Yd-wx7A942upRwioMGE6MRiWlMAmnPNcjE_7QYVyEwFMKM0aNENlbgCr6kKEkXMZskKR2MquR1nZK_fz5khc9PXFhjqNJuZJn8VWpP1xJm0mBsDW0VDibSMc0nI4hUEDCUC_qmdy8aiWo84M6Z4OUwDCEuH8k2LYyQzNCB4BftWeHz35DAF4olMPSndGCms95Nl9n66x09dEGAxmlMAlryT&sai=AMfl-YR7oJJeFBrmh6XqxAlbqcFYb3VrMG-R8ipFaRE7OIS0j0rphT7YfFljNv8gFBUjSYuAqnT7AjIxEiQXH2uK88BnOwEGyFuvFpFLg1tR56V1V0SJwsYbKKvqNvWzXL2ScA&sig=Cg0ArKJSzLRFEQDb-D7hEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9EEA6CBE89E7D8E4288E74F81FCE9442
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032211111611000/amp4ads-v0.mjs
Frame ID: 822E951454D33B52ED75AA3C5AFDF244
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuw0M-ZoBm9U48URiCgiiAtmMDpqicIZgpjZkQM_zv1OSXbCsLSC1JlZHBKeOR2tj0I9QWLoI9qJHu8mMwbJeC1LxmCr_jVBDSUZAeVhWK1byNES6lJH7FdxLDb_Qj1hwtibSHOStYBoGXgJRaDiTqv1NjgeESRaEpMFhwD2ilUOWdv75yJ4VOJwtlCtHuUZRMaonc8GQxm1bTZRoHQ_k2XKn7G8xWr_o0aNM3zkZp_bvu7yu2-GKlBJRH4UfQJifSqD51s51xT_6ZQ6ZtlTy2KBFlQMzbKUbOWiDK0Nw0QSE7RpYHdlnLs1MOdK_TEh_mnTU0IsDtncFIJRwDNVQD62pWDBBXrxJMRvA&sai=AMfl-YRqey3p9Mwz6zFH1maVuA5wjvMBw-JRhlC_0UxxgjNwoskw3bLM9X15VmmG93-ioomdAA6nEHMuuHzcnYcgtbhkxaIQEmhCRWGActVuWD1z_rjkH2O0gHv8JIzsvX5n7A&sig=Cg0ArKJSzIo172T5RZlTEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: FAFDFCBB2EFE3400B30B78C92525FAA5
Requests: 4 HTTP requests in this frame

Frame: https://ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4D1C462BA96C1BF7D08B26C6DC63B311
Requests: 9 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=null&wsid=0&pdom=ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com&purl=https%3A%2F%2Fea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html
Frame ID: D7229504A8D8AF50BF4151C8EB736306
Requests: 1 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/nativortb-network/1/rtb-h/?taboola_hm=f9e5c081-fe81-4535-b631-31dddabfd978
Frame ID: 2A2699F63CF5F38F0FCD301077E1F9FF
Requests: 24 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=A4AEF537-FE6F-4C13-8C83-341BA583EED8&redir=true&gdpr=0&gdpr_consent=
Frame ID: AD56ADF9AB14442E7DAD274F266D53E1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:06da6399-f551-4a00-926c-8d29a9ba9bf9&gdpr=0&gdpr_consent=
Frame ID: B57616475A76DBD23173AAF02291FEDF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACLck7HM-sAAB86hc-7JA&gdpr=0
Frame ID: EAE32F2BA3DFA8D3F4FE94F76FAE646A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1981009107925892549&gdpr=0&gdpr_consent=
Frame ID: 7E90FD67EF6A2C2BD4BB8123C5E9C7EA
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=A4AEF537-FE6F-4C13-8C83-341BA583EED8
Frame ID: B2EAED74DCFD0CCFCD8FED94D8CA03DB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8334C9D1A9F25951C99890ADC4733F36
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr_consent=undefined
Frame ID: 9873C942B1C5841464C931245A10417E
Requests: 2 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A0%7D
Frame ID: 10724ABCFDA5A9F55F1E61B717DC686E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4629B654E58FDFEA99A1C4DBF47D30C7
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: A8FED260DFEA240CCE31A3FB71CF5137
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 68244C5BD97CFCC33F7CF8A598254DD1
Requests: 11 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=0?gdpr=0&gdpr_consent=
Frame ID: A157425DE77E29376B984A6378457741
Requests: 11 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Frame ID: EB4A7D15964564EEA826D5B7D5300389
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 418FC086AEC38C96AA490781474529AB
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=A4AEF537-FE6F-4C13-8C83-341BA583EED8&gdpr=0&gdpr_consent=
Frame ID: 8CB6C64427A8749F29D08C31A635B700
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: C3DEFFBFA33DC008EF5BA16F6D6245A8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_0911f15f9cf946e793d50
Frame ID: 7ACE4D283919C2A60265654B50C0DC90
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=w4KHY5OEi2rYh4ZrxYKTapSG2zzYgo4-x4PSpyxs
Frame ID: 9D46C543219276727EB41A2B5D3A9143
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c264b1de-7bc9-11ed-a828-3609417223ba
Frame ID: 798A316072A5338059B4D1B83C21DDD7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=WHLlBE6uTaJQmgHiIBBCPZU4mbI
Frame ID: 604C23D1B82CFBF8A59181CE0F9BA976
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: E041EEF9C26FC87C3D84841E8F4D6E66
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=720184224890
Frame ID: C765C6BC3C97441D9197C92ABBBE3A41
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:l7LKkdlB1P5ukv5&gdpr=0&gdpr_consent=
Frame ID: A232DAC4D598CBD9FA6CDAD701BF7A39
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-3c49f9d5-efde-48bf-9333-85d620ba79bc-005&rndcb=6503377067
Frame ID: 2BD1E3A8627F26C93EDF805706EAF080
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=hUBXFPxtp
Frame ID: BF59BAA2B20A142CB56C8AB19B9E8958
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 71A42E9A953813ED017D3130CA76E56D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=6feb1287-f053-4db3-ad86-95b45ce03a78&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID}
Frame ID: 3D3A90103CCBDDCC56535AAC1BEFEA21
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7243205991984157157
Frame ID: CE065D580D45028337DEF3A16C67520A
Requests: 1 HTTP requests in this frame

Frame: https://gocm.c.appier.net/pubmatic
Frame ID: 8E6B4B9627E128CA64036861E6918FFE
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: A1BFF01A8F12A636BD041B399DE69ABF
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 7A082B6BECC2B250182DD3DB7B1C6EF3
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 2A5EDBD27ED21DAB998E2EDD60F99C95
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=63240202-9f70-46b2-8343-02c6696d9969
Frame ID: 9B01C93A5E1DDE69195C50BA0F8E0B82
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:17BD8B118D044169A1A34790A1D678EB&gdpr=0&gdpr_consent=
Frame ID: 0677DD0C16281A25512C9D8371F93083
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Movie News, Gaming News, Blu-Ray News, Music News, and TV News | We Got This Covered

Page URL History Show full URLs

  1. http://wegotthiscovered.com/ HTTP 301
    https://wegotthiscovered.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

501
Requests

76 %
HTTPS

28 %
IPv6

135
Domains

220
Subdomains

136
IPs

9
Countries

4297 kB
Transfer

10687 kB
Size

202
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wegotthiscovered.com/ HTTP 301
    https://wegotthiscovered.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://unpkg.com/swiper@8/swiper-bundle.min.css?ver=6.1.1 HTTP 302
  • https://unpkg.com/swiper@8/swiper-bundle.min.css HTTP 302
  • https://unpkg.com/swiper@8.4.5/swiper-bundle.min.css
Request Chain 14
  • https://unpkg.com/swiper@8/swiper-bundle.min.js?ver=6.1.1 HTTP 302
  • https://unpkg.com/swiper@8/swiper-bundle.min.js HTTP 302
  • https://unpkg.com/swiper@8.4.5/swiper-bundle.min.js
Request Chain 95
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js
Request Chain 141
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035334&cs_it=b3&cv=3.8.0.210223&ns__t=1671034191323&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=9&cs_cmp_sv=4&cs_cmp_rt=155&c7=https%3A%2F%2Fwegotthiscovered.com%2F&c8=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035334&cs_it=b3&cv=3.8.0.210223&ns__t=1671034191323&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=9&cs_cmp_sv=4&cs_cmp_rt=155&c7=https%3A%2F%2Fwegotthiscovered.com%2F&c8=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&c9=
Request Chain 163
  • https://ce.lijit.com/merge?pid=263069&3pid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn%26proper_uid%3Db11784ec-3e01-4aa3-93d1-ad5261985a8a%26uid%3D%5BSOVRNID%5D&&callback=window.proper_cbe5e8fd_3de5b774_1 HTTP 302
  • https://ce.lijit.com/merge?pid=263069&3pid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn%26proper_uid%3Db11784ec-3e01-4aa3-93d1-ad5261985a8a%26uid%3D%5BSOVRNID%5D&callback=window.proper_cbe5e8fd_3de5b774_1&dnr=1 HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=sovrn&proper_uid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&uid=F0MJZRZHbpf7bCPATJW_DVk3
Request Chain 164
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dadaptmx%26proper_uid%3Db11784ec-3e01-4aa3-93d1-ad5261985a8a%26uid%3D&&callback=window.proper_70a75f16_2e7d06f8_2 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F12842%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D2c379494-1969-40d4-bfd5-8fbd6da4c741%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly91c3luYy5wcm9wZXIuaW8vdjEvdXNlcnN5bmM_YmlkZGVyPWFkYXB0bXgmcHJvcGVyX3VpZD1iMTE3ODRlYy0zZTAxLTRhYTMtOTNkMS1hZDUyNjE5ODVhOGEmdWlkPQ%253D%253D%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F12842%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D2c379494-1969-40d4-bfd5-8fbd6da4c741%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly91c3luYy5wcm9wZXIuaW8vdjEvdXNlcnN5bmM_YmlkZGVyPWFkYXB0bXgmcHJvcGVyX3VpZD1iMTE3ODRlYy0zZTAxLTRhYTMtOTNkMS1hZDUyNjE5ODVhOGEmdWlkPQ%253D%253D%26uid%3D&gdpr=0&gdpr_consent=&s=191503&us_privacy=&C=1 HTTP 302
  • https://prebid.a-mo.net/cchain/0/12842?gdpr=&gdpr_consent=&us_privacy=&A=2c379494-1969-40d4-bfd5-8fbd6da4c741&bidder=index_rtb&cbx=aHR0cHM6Ly91c3luYy5wcm9wZXIuaW8vdjEvdXNlcnN5bmM_YmlkZGVyPWFkYXB0bXgmcHJvcGVyX3VpZD1iMTE3ODRlYy0zZTAxLTRhYTMtOTNkMS1hZDUyNjE5ODVhOGEmdWlkPQ%3D%3D&uid=Y5n1UI-ukMrIm6KlMC8NBQAA%26097 HTTP 302
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F12842%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D2c379494-1969-40d4-bfd5-8fbd6da4c741%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly91c3luYy5wcm9wZXIuaW8vdjEvdXNlcnN5bmM_YmlkZGVyPWFkYXB0bXgmcHJvcGVyX3VpZD1iMTE3ODRlYy0zZTAxLTRhYTMtOTNkMS1hZDUyNjE5ODVhOGEmdWlkPQ%253D%253D%26uid%3D%24UID
Request Chain 165
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Db11784ec-3e01-4aa3-93d1-ad5261985a8a%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_f8f25056_9af1d7ff_3 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Db11784ec-3e01-4aa3-93d1-ad5261985a8a%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_f8f25056_9af1d7ff_3 HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&uid=7b5323bb-b935-48d8-9c26-c80be97a43e2
Request Chain 247
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&dcc=t
Request Chain 253
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=7b5323bb-b935-48d8-9c26-c80be97a43e2
Request Chain 254
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D&gdpr=0 HTTP 307
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=ed49b2e6-f8c1-4c12-a691-e3917b81df89&gdpr=0
Request Chain 255
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3140357921454604000V10
Request Chain 256
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=42595f74
Request Chain 257
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0 HTTP 302
  • https://stags.bluekai.com/site/23178?id=mTbM_PDZkUnOk2sN-Eq5&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZTWI4DSHUYCM2LEHVWVIYSNL5IEIWTLKVXE62ZSONHC2RLRGU&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZTWI4DSHUYCM2LEHVWVIYSNL5IEIWTLKVXE62ZSONHC2RLRGU HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&gdpr=0&id=mTbM_PDZkUnOk2sN-Eq5
Request Chain 263
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 264
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1lZlZSRWdkRTJ1Szh3NndLWnJETDhLajlBT0Z5ZEUyWX5B&gdpr=0&gdpr_consent=
Request Chain 266
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1250384648292139624446
Request Chain 268
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=fmx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=970314636365225337&expires=30&ssp=fmx HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=7b5323bb-b935-48d8-9c26-c80be97a43e2&gdpr=&gdpr_consent=
Request Chain 269
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=IIxyAHCKfgk7iXMIJoxmCXeILl87jHtdJI2FrXbg
Request Chain 271
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1671034192841 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7230906578 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/997c6bb6-4d6a-4c32-99f1-9938e3153312 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-77fec9f2-4673-4ae3-bc03-e59e362dc17d-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-77fec9f2-4673-4ae3-bc03-e59e362dc17d-005 HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=RX-77fec9f2-4673-4ae3-bc03-e59e362dc17d-005
Request Chain 272
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LBNUM2RU-1L-EX1I&gdpr=0
Request Chain 277
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=1981009107925892549
Request Chain 278
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_7ccab554-a39a-4127-bf74-eada98538b7c&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=7b5323bb-b935-48d8-9c26-c80be97a43e2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=6feb1287-f053-4db3-ad86-95b45ce03a78&ssp=gumgum2&bsw_param=7b5323bb-b935-48d8-9c26-c80be97a43e2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=7b5323bb-b935-48d8-9c26-c80be97a43e2
Request Chain 279
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-f23d63d8-e932-44b7-4405-2b19d3d242f3$ip$149.56.153.178
Request Chain 280
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_7ccab554-a39a-4127-bf74-eada98538b7c&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=mTbM_PDZkUnOk2sN-Eq5&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT23KUMJGV6UCELJVVK3SPNMZHGTRNIVYTK&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT23KUMJGV6UCELJVVK3SPNMZHGTRNIVYTK HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=mTbM_PDZkUnOk2sN-Eq5
Request Chain 281
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1671034192886 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6052485174 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/93c076c2-e894-440e-8e6d-f5adaa53e805 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3c49f9d5-efde-48bf-9333-85d620ba79bc-005?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-3c49f9d5-efde-48bf-9333-85d620ba79bc-005 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-3c49f9d5-efde-48bf-9333-85d620ba79bc-005
Request Chain 282
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=27cPaxkCOrgI&ev=1&pid=558355
Request Chain 283
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28dcJ9KM2cma4T8SA9mgNPDetSv4ujerJuo7Hp5adzZk5y_Up-XVuAGDr5tYPt-8gh%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28dcJ9KM2cma4T8SA9mgNPDetSv4ujerJuo7Hp5adzZk5y_Up-XVuAGDr5tYPt-8gh%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_7ccab554-a39a-4127-bf74-eada98538b7c&obuid=ENC(dcJ9KM2cma4T8SA9mgNPDetSv4ujerJuo7Hp5adzZk5y_Up-XVuAGDr5tYPt-8gh) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://cs.emxdgt.com/um?gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DdcJ9KM2cma4T8SA9mgNPDetSv4ujerJuo7Hp5adzZk5y_Up-XVuAGDr5tYPt-8gh%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=emx&uid=1981009107925892549brt53561671034192977898b4&obUid=dcJ9KM2cma4T8SA9mgNPDetSv4ujerJuo7Hp5adzZk5y_Up-XVuAGDr5tYPt-8gh&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Request Chain 284
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=95861fc5-bf93-4d02-ae7c-7557cdef6831
Request Chain 285
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-mZqqlcxE2pdCxmDYaIER.AxO8Qv__eOT.x5g~A
Request Chain 286
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=afa8db5b-44ca-4d73-8160-48f9204a24d4
Request Chain 287
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=4D3DF0D7BAC9425DB7F50065A2D4D6E6
Request Chain 289
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=01bbe14e-4143-40c8-aba8-d1ec7ffbb6ed
Request Chain 290
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=9124950748540668363
Request Chain 293
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__ HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Y5n1UI-ukMrIm6KlMC8NBQAA%26097
Request Chain 294
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=93c076c2-e894-440e-8e6d-f5adaa53e805&gdpr=0&gdpr_consent=
Request Chain 295
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__ HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Y5n1UI-ukMrIm6KlMC8NBQAA%26097
Request Chain 296
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=93c076c2-e894-440e-8e6d-f5adaa53e805&gdpr=0&gdpr_consent=
Request Chain 297
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=eE01Nm13cWx6V0hLc0YxTWhFNk1pQQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEPE6d2IFMRvu0yzzkJRl2-0&google_cver=1
Request Chain 298
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AQELLgBqvmfkuAIPy-PDAQEBAQE&expiration=1671120592&nuid=
Request Chain 302
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=444423ab-625a-4b88-8a2d-0db6b44631cc&gdpr=&gdpr_pd=&gdpr_consent=
Request Chain 303
  • https://sync.srv.stackadapt.com/sync?nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=WHLlBE6uTaJQmgHiIBBCPZU4mbI&gdpr=&gdpr_consent=
Request Chain 304
  • https://c1.adform.net/serving/cookie/match?party=1283 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1283 HTTP 302
  • https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=2517055552523061229
Request Chain 305
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=1981009107925892549&pn_id=an
Request Chain 306
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=inm&i=ID5-98c07V5StUEuuA9u2inNrd1e0jZ3TUrJTvgPKqDCYw
Request Chain 308
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=997c6bb6-4d6a-4c32-99f1-9938e3153312
Request Chain 309
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=06da6399-f551-4a00-926c-8d29a9ba9bf9&gdpr=0&gdpr_consent=
Request Chain 310
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5n1UAAD-IvXyAAp HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y5n1UAAD-IvXyAAp&gdpr=0&gdpr_consent=&_test=Y5n1UAAD-IvXyAAp
Request Chain 312
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=1981009107925892549&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=1981009107925892549brt53561671034192977898b4
Request Chain 313
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y5n1UcCo5uYAAN4rASAAAAAA
Request Chain 314
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y5n1UI-ukMrIm6KlMC8NBQAA%26097
Request Chain 315
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=mg3D0MDulkFhBL7sQERK&pi=gumgum&tc=1
Request Chain 316
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 318
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&us_privacy=1---&khaos=LBNUM2RU-1L-EX1I HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LBNUM2RU-1L-EX1I&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Request Chain 321
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJOVU0yUlUtMUwtRVgxSQ==&gdpr=0&us_privacy=1---
Request Chain 322
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/HBUGNBIHK7PjEqizB_mSnMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-kenKwIJE2oLIFWgV2gyNkuutsIeMcTEL8qCDiQ--~A
Request Chain 323
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=93c076c2-e894-440e-8e6d-f5adaa53e805&gdpr=0&gdpr_consent=&expires=30
Request Chain 324
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBNUM2RU-1L-EX1I&gdpr=0&us_privacy=1---
Request Chain 325
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3tO7YZczTpCKKUK8FhHQIg&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3tO7YZczTpCKKUK8FhHQIg&gdpr=0
Request Chain 326
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDIyYTg1ZWRlZmUzNTE0YmFkMmFlNTZiNzdjYzIyZDYyOWE5OGE4OA&gdpr=0&us_privacy=1---
Request Chain 327
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESENYF5Y6XeK7-ejVvYxSdbYU&google_cver=1
Request Chain 329
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5n1UAAD-IvXyAAp&gdpr=0&gdpr_consent=
Request Chain 331
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pK71N_5vTBOMgzQbpYPu2A%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 333
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=A4AEF537-FE6F-4C13-8C83-341BA583EED8 HTTP 303
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=A4AEF537-FE6F-4C13-8C83-341BA583EED8&_li_chk=true&previous_uuid=69456f9ee88840a9a0818ec6cdc784c8 HTTP 303
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F75145%2F0%2F4d2d7caa475b4e09b5e2c7ee08f3f644%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&69456f9e-e888-40a9-a081-8ec6cdc784c8 HTTP 302
  • https://i.liadm.com/s/e/75145/0/4d2d7caa475b4e09b5e2c7ee08f3f644?mpid=7156&muid=06da6399-f551-4a00-926c-8d29a9ba9bf9
Request Chain 334
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=A4AEF537-FE6F-4C13-8C83-341BA583EED8 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=A4AEF537-FE6F-4C13-8C83-341BA583EED8 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6c551e27-dcdd-4dc1-8730-3eee73720388%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=93c076c2-e894-440e-8e6d-f5adaa53e805&ttd_puid=6c551e27-dcdd-4dc1-8730-3eee73720388%2C
Request Chain 335
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTRBRUY1MzctRkU2Ri00QzEzLThDODMtMzQxQkE1ODNFRUQ4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 336
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP_x4-th1p1N3k6F8dn8YP8&google_cver=1
Request Chain 337
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:17BD8B118D044169A1A34790A1D678EB
Request Chain 338
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8139544075377708909&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 339
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=93c076c2-e894-440e-8e6d-f5adaa53e805&gdpr=0&gdpr_consent=
Request Chain 341
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LBNUM2RU-1L-EX1I HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LBNUM2RU-1L-EX1I&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Request Chain 367
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 379
  • https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID HTTP 302
  • https://sync.taboola.com/sg/nativortb-network/1/rtb-h/?taboola_hm=f9e5c081-fe81-4535-b631-31dddabfd978
Request Chain 380
  • https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5n1UcCo5uYAAN4rASAAAAAA HTTP 302
  • https://match.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5n1UcCo5uYAAN4rASAAAAAA&tbid=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0&query=taboola_hm%3DY5n1UcCo5uYAAN4rASAAAAAA&isDirect=0
Request Chain 381
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__ HTTP 302
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=1091dbfd0cc849fab7ca09fc29ababf1 HTTP 302
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=1091dbfd0cc849fab7ca09fc29ababf1
Request Chain 383
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LBNUM2RU-1L-EX1I
Request Chain 384
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPxVR15Zn2HqKoDCD2zoroc&google_cver=1
Request Chain 386
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0
Request Chain 387
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=93c076c2-e894-440e-8e6d-f5adaa53e805
Request Chain 392
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=80becde9-4329-4c56-beef-32b3459c8116
Request Chain 393
  • https://id5-sync.com/s/464/9.gif?puid=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F6%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/464/434/6/2.gif?puid=dab1d30c-63ac-4954-8a7d-b1d1c4b75e7b&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F5%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/112/5/3.gif?puid=3D8AC039F37BDE77&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/4/4.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/2/4/4.gif?puid=1981009107925892549&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-98c07V5StUEuuA9u2inNrd1e0jZ3TUrJTvgPKqDCYw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F3%2F5.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/3/3/5.gif?puid=06da6399-f551-4a00-926c-8d29a9ba9bf9&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/2/6.gif?puid=6c551e27-dcdd-4dc1-8730-3eee73720388&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=93c076c2-e894-440e-8e6d-f5adaa53e805&ttl=%%TTL%% HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F0%2F8.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/441/0/8.gif?puid=u_7ccab554-a39a-4127-bf74-eada98538b7c&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-98c07V5StUEuuA9u2inNrd1e0jZ3TUrJTvgPKqDCYw
Request Chain 394
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=1---&ssp=taboola&bsw=7b5323bb-b935-48d8-9c26-c80be97a43e2 HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=1---&ssp=taboola&bsw=7b5323bb-b935-48d8-9c26-c80be97a43e2&chk=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=MTdjODYxYTI3OWYxYWMw&gdpr=0&gdpr_consent=&us_privacy=1---&ssp=taboola&bsw_param=7b5323bb-b935-48d8-9c26-c80be97a43e2 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=7b5323bb-b935-48d8-9c26-c80be97a43e2
Request Chain 395
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=444423ab-625a-4b88-8a2d-0db6b44631cc HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=444423ab-625a-4b88-8a2d-0db6b44631cc&tbid=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0&query=taboola_hm%3D444423ab-625a-4b88-8a2d-0db6b44631cc&isDirect=0
Request Chain 399
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=WHLlBE6uTaJQmgHiIBBCPZU4mbI
Request Chain 400
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=7b5323bb-b935-48d8-9c26-c80be97a43e2 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=7b5323bb-b935-48d8-9c26-c80be97a43e2&crf=1
Request Chain 402
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=e5815896-7d87-4403-bba9-643ca4c2cdc3
Request Chain 413
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:06da6399-f551-4a00-926c-8d29a9ba9bf9&gdpr=0&gdpr_consent=
Request Chain 414
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDTGNrN0hNLXNBQUI4NmhjLTdKQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACLck7HM-sAAB86hc-7JA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=9124950748540668363&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AACLck7HM-sAAB86hc-7JA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D9124950748540668363%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=9124950748540668363&gdpr=0&gdpr_consent=&bee_sync_partners=pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACLck7HM-sAAB86hc-7JA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D9124950748540668363%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=9124950748540668363&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AACLck7HM-sAAB86hc-7JA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACLck7HM-sAAB86hc-7JA&gdpr=0
Request Chain 415
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1981009107925892549&gdpr=0&gdpr_consent=
Request Chain 418
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:A4AEF537-FE6F-4C13-8C83-341BA583EED8 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=c0264590-7bc9-11ed-a2b2-0ecbf2332f6f&companyId=673&id=pubmatic_id:A4AEF537-FE6F-4C13-8C83-341BA583EED8
Request Chain 420
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A4AEF537-FE6F-4C13-8C83-341BA583EED8&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A4AEF537-FE6F-4C13-8C83-341BA583EED8&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 422
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A4AEF537-FE6F-4C13-8C83-341BA583EED8&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-wgrztsJE2uVig39VOC6gOGRrb5eqJfQ-~A&gdpr=0&gdpr_consent=
Request Chain 423
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A4AEF537-FE6F-4C13-8C83-341BA583EED8&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQELLgBqvmfkuAIPy-PDAQEBAQE&expiration=1671120596&nuid=A4AEF537-FE6F-4C13-8C83-341BA583EED8&gdpr_consent=&gdpr=0
Request Chain 424
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=afa8db5b-44ca-4d73-8160-48f9204a24d4&gdpr=0&gdpr_consent=
Request Chain 425
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B341_FAE3DAA2_57C7B014&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 439
  • https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined HTTP 307
  • https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Request Chain 440
  • https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%3D%23GDPR_CONSENT%23&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=8139544075377708909&gdpr=0&gdpr_consent=
Request Chain 441
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACLck7HM-sAAB86hc-7JA&gdpr=0
Request Chain 443
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=377dc4d3-5ac1-4334-967e-e5493c2408af HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokMzc3ZGM0ZDMtNWFjMS00MzM0LTk2N2UtZTU0OTNjMjQwOGFmEAAaDQjW6uecBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ff75b5cc7711b9600666fb44a089677b04d1ade96e403bebe24830ead1640f8a791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBmZjc1YjVjYzc3MTFiOTYwMDY2NmZiNDRhMDg5Njc3YjA0ZDFhZGU5NmU0MDNiZWJlMjQ4MzBlYWQxNjQwZjhhNzkxNDI2YjU0MTdkY2UyMRAAGgwI1urnnAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBmZjc1YjVjYzc3MTFiOTYwMDY2NmZiNDRhMDg5Njc3YjA0ZDFhZGU5NmU0MDNiZWJlMjQ4MzBlYWQxNjQwZjhhNzkxNDI2YjU0MTdkY2UyMRAAGgwI1urnnAYSBAgCEABCAEoA&google_gid=CAESELMzh4d9DrEG9T9yBuQXpIo&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=76d39e1e-a106-41f9-b99a-24c46ff273f2
Request Chain 444
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=1981009107925892549
Request Chain 446
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8139544075377708909&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 447
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5n1UAAD-IvXyAAp
Request Chain 449
  • https://match.adsrvr.org/track/cmf/openx?oxid=62bbbbb5-9786-7554-c907-65ba05bf6977&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=93c076c2-e894-440e-8e6d-f5adaa53e805&ttd_puid=62bbbbb5-9786-7554-c907-65ba05bf6977&gdpr=0&gdpr_consent=
Request Chain 451
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM3j-XB-yQ-7k6zXA9k3hUs&google_cver=1
Request Chain 452
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=93c076c2-e894-440e-8e6d-f5adaa53e805&dongle=0cfd
Request Chain 453
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI1MDM4NDY0ODI5MjEzOTYyNDQ0Ng%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 454
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOc5EWzSOtKqL72Tfch6N3s&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 455
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI1MDM4NDY0ODI5MjEzOTYyNDQ0Ng%3D%3D
Request Chain 456
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1250384648292139624446&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1250384648292139624446&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=bdf3d054-9e72-43cf-bcec-95ea68c8feed&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=bdf3d054-9e72-43cf-bcec-95ea68c8feed&_noobservation=1&_expected_cookie=36ee0540ec463dfeabb96006db715474
Request Chain 457
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1250384648292139624446&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=7b5323bb-b935-48d8-9c26-c80be97a43e2&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10594366285420205050&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dtriplelift%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=6c551e27-dcdd-4dc1-8730-3eee73720388&ssp=triplelift&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10594366285420205050&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=212630604365010256035&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594366285420205050&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=7b5323bb-b935-48d8-9c26-c80be97a43e2&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 458
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1250384648292139624446?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-lkOQp0tE2oRTo2fbHMfRg4pid12e1ETgBu5oVCOz4Q--~A&dongle=0883
Request Chain 461
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=1981009107925892549&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 462
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 463
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=the33across&bsw_param=7b5323bb-b935-48d8-9c26-c80be97a43e2&google_hm=N2I1MzIzYmItYjkzNS00OGQ4LTljMjYtYzgwYmU5N2E0M2Uy HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEARzBDXd_Cu5P5Tjv8vrnEM&google_cver=1&ssp=the33across&bsw_param=7b5323bb-b935-48d8-9c26-c80be97a43e2 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=7b5323bb-b935-48d8-9c26-c80be97a43e2 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=7b5323bb-b935-48d8-9c26-c80be97a43e2&ts=1671034198&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 464
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1671034198221.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=06da6399-f551-4a00-926c-8d29a9ba9bf9
Request Chain 465
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-mYNYk7pE2uFQ2xmI.1NglLg3Tq0eoqwL~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-mYNYk7pE2uFQ2xmI.1NglLg3Tq0eoqwL%7EA&ts=1671034198&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 466
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AQELLgBqvmfkuAIPy-PDAQEBAQE&expiration=1671120598&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AQELLgBqvmfkuAIPy-PDAQEBAQE&ts=1671034198&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 467
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=1250384648292139624446 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1250384648292139624446&ts=1671034198&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 469
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LBNUM2RU-1L-EX1I HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LBNUM2RU-1L-EX1I&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LBNUM2RU-1L-EX1I&ts=1671034198&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 470
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=OTEyNDk1MDc0ODU0MDY2ODM2Mw==&gdpr=0&gdpr_consent=
Request Chain 471
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=06da6399-f551-4a00-926c-8d29a9ba9bf9&gdpr=0&gdpr_consent=
Request Chain 472
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=9124950748540668363&gdpr=0&gdpr_consent=
Request Chain 473
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y5n1UAAD-IvXyAAp&gdpr=0&gdpr_consent=
Request Chain 477
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 478
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_0911f15f9cf946e793d50
Request Chain 479
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=w4KHY5OEi2rYh4ZrxYKTapSG2zzYgo4-x4PSpyxs
Request Chain 480
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c264b1de-7bc9-11ed-a828-3609417223ba
Request Chain 481
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=WHLlBE6uTaJQmgHiIBBCPZU4mbI
Request Chain 482
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 483
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=720184224890
Request Chain 484
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:l7LKkdlB1P5ukv5&gdpr=0&gdpr_consent=
Request Chain 485
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-3c49f9d5-efde-48bf-9333-85d620ba79bc-005&rndcb=6503377067
Request Chain 486
  • https://ad.mrtnsvr.com/sync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=hUBXFPxtp
Request Chain 488
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=6feb1287-f053-4db3-ad86-95b45ce03a78&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID}
Request Chain 489
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7243205991984157157&uid=Q7243205991984157157&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7243205991984157157
Request Chain 494
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=63240202-9f70-46b2-8343-02c6696d9969
Request Chain 495
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:17BD8B118D044169A1A34790A1D678EB&gdpr=0&gdpr_consent=
Request Chain 496
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A4AEF537-FE6F-4C13-8C83-341BA583EED8&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A4AEF537-FE6F-4C13-8C83-341BA583EED8&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A4AEF537-FE6F-4C13-8C83-341BA583EED8&addseg=10,33,39
Request Chain 498
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=06da6399-f551-4a00-926c-8d29a9ba9bf9
Request Chain 499
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=7b5323bb-b935-48d8-9c26-c80be97a43e2 HTTP 302
  • https://a.usbrowserspeed.com/cs?puid=4b0d9783-8471-5573-8768-cd7fb94aa89c&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26bidswitch_ssp_id%3dpubmatic
Request Chain 500
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=91d45063-b98e-4447-b436-7865e3b30670-6399f557-4341&gdpr=0&gdpr_consent=
Request Chain 501
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2517055552523061229
Request Chain 502
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1981009107925892549

501 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wegotthiscovered.com/
Redirect Chain
  • http://wegotthiscovered.com/
  • https://wegotthiscovered.com/
140 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordPress VIP <https://wpvip.com>
Resource Hash
5edd0ddaff1ddef48bcde89d64bb675de67f7a64fab3e6d69a932a73c8119498

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=300, must-revalidate
cf-apo-via
origin,no-cache
cf-cache-status
BYPASS
cf-edge-cache
cache,platform=wordpress
cf-ray
779834c57c68c33d-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 14 Dec 2022 16:09:50 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://wegotthiscovered.com/wp-json/>; rel="https://api.w.org/"
server
cloudflare
vary
Accept-Encoding
x-cache
miss
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
ewr3 0 4 9980

Redirect headers

CF-RAY
779834c4e8f6e6ac-EWR
Cache-Control
max-age=3600
Connection
keep-alive
Date
Wed, 14 Dec 2022 16:09:49 GMT
Expires
Wed, 14 Dec 2022 17:09:49 GMT
Location
https://wegotthiscovered.com/
Server
cloudflare
Server-Timing
cf-q-config;dur=6.9999996412662e-06
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 22:46:44 GMT
x-content-type-options
nosniff
age
148986
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16256
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:04:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 12 Dec 2023 22:46:44 GMT
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d39403de1ec71ed2f8605a302c8255f0a13f426e05c7cfa4ecaf40aadb27c665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 13:23:01 GMT
x-content-type-options
nosniff
age
528409
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14872
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 13:23:01 GMT
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:57:17 GMT
x-content-type-options
nosniff
age
29553
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14932
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 07:57:17 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 22:13:00 GMT
x-content-type-options
nosniff
age
410210
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 22:13:00 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 01:24:05 GMT
x-content-type-options
nosniff
age
485145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14880
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:47 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 09 Dec 2023 01:24:05 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
fonts.gstatic.com/s/oswald/v36/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v36/TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81b683dd9d42cd417d7d9b29ab60b1d30c8f3b6d0cd6dde6587725805559a7d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 11:24:58 GMT
x-content-type-options
nosniff
age
103492
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24052
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:31:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Dec 2023 11:24:58 GMT
/
wegotthiscovered.com/_static/ 		98 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/_static/??/wp-includes/css/dist/block-library/style.min.css,/wp-content/plugins/dotesports-gutenberg-blocks/build/style-index.css?m=1670375350
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00b41ce5405f76a61dac043edc9fc8635a1f4f6498efa64f03ea2157f5215c1b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:50 GMT
x-rq
yyz1 0 4 9980
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Dec 2022 01:09:10 GMT
cf-bgj
minify
server
cloudflare
age
626296
vary
Accept-Encoding
x-cache
miss
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
cf-apo-via
tcache
cf-ray
779834cc5945c33d-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
wegotthiscovered.com/_static/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/_static/??-eJx9jsEOwjAMQ3+Ikm0HdkJ8S0mjrZB2VZ0J7e8pHBCTEEfHfrHpUVzMrGsQ0A2UJEQvKkmy7URRv0l1KpPn7ZhiPjJwoH948771DuIl27tidUXXKWYQxFeeSdTDIpcqAIUIo8ZQbWeT4MoCg7vqwncH21Twe8uL4fYJkZ3Nrf+Tu6Rzfxq7Yey7fngCk5ZfFA==
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8245304d559698c5788e5a75fd94974adfaade8522376c86458f41356480279

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:50 GMT
content-encoding
br
cf-cache-status
HIT
age
761987
cf-polished
origSize=15959
x-cache
miss
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
last-modified
Mon, 05 Dec 2022 20:10:12 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
cf-apo-via
tcache
cf-ray
779834cc5947c33d-EWR
style.css
wegotthiscovered.com/wp-content/plugins/author-hreview/style/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/author-hreview/style/style.css?m=1670375350g
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbcc6b13cee9c1b9b9b97f4070d9127a7dafc3a725b1b0cd80ebd3e1096e7668

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:50 GMT
content-encoding
br
cf-cache-status
HIT
age
635097
cf-polished
origSize=5919
x-cache
miss
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Wed, 23 Nov 2022 02:07:31 GMT
server
cloudflare
etag
W/"637d8063-171f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
779834cc5948c33d-EWR
expires
Thu, 07 Dec 2023 07:06:48 GMT
swiper-bundle.min.css
unpkg.com/swiper@8.4.5/
Redirect Chain
  • https://unpkg.com/swiper@8/swiper-bundle.min.css?ver=6.1.1
  • https://unpkg.com/swiper@8/swiper-bundle.min.css
  • https://unpkg.com/swiper@8.4.5/swiper-bundle.min.css
16 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@8.4.5/swiper-bundle.min.css
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82ef200ece01e84b0387a394dd784b93e1a677f8b2efed9d6b79f61d3084121a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:50 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2000708
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GJD2BP7D8FK1VN021EC5284E-yul
server
cloudflare
etag
W/"4056-knQFLPhd7qTFS8igAGqEi45G1Ug"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779834cd28b37142-YUL

Redirect headers

date
Wed, 14 Dec 2022 16:09:50 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GM8P611VVT6NK7M4DMCZD22Y-yul
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
211
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/swiper@8.4.5/swiper-bundle.min.css
cache-control
public, s-maxage=600, max-age=60
cf-ray
779834cce8517142-YUL
styles.css
wegotthiscovered.com/wp-content/plugins/wegotthiscovered-gallery-plugin/frontend/css/ 		2 KB
666 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/wegotthiscovered-gallery-plugin/frontend/css/styles.css?m=1670375350g
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85c96fbb69c7238228745f7653c4c883a1055b6503b7dd5ef2811315afd35c8d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:50 GMT
content-encoding
br
cf-cache-status
HIT
age
635097
cf-polished
origSize=2044
x-cache
miss
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Wed, 23 Nov 2022 02:07:31 GMT
server
cloudflare
etag
W/"637d8063-7fc"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
779834cc5949c33d-EWR
expires
Thu, 07 Dec 2023 07:06:48 GMT
08733ec9179a7a80.css
wegotthiscovered.com/wp-content/uploads/hurrytimer/css/ 		2 KB
927 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/uploads/hurrytimer/css/08733ec9179a7a80.css?ver=6.1.1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ba6e1bdb4acee34e54dc147acabd1d0573218dbe12fc0fdf9148d45eacbbed

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:50 GMT
content-encoding
br
cf-cache-status
HIT
age
24677
cf-polished
origSize=2782
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 80 130 443
cf-bgj
minify
last-modified
Wed, 14 Dec 2022 08:53:57 GMT
server
cloudflare
etag
W/"b93b816ba7ae18e9"
vary
Accept-Encoding
content-type
text/css;charset=utf-8
cache-control
max-age=2592000
cf-ray
779834cc594ac33d-EWR
expires
Thu, 14 Dec 2023 08:54:03 GMT
/
wegotthiscovered.com/_static/ 		140 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/_static/??-eJyNj0ESwiAMRS8kxk6nduV4FqS0MpOSDAky3t60K5ds+IT/XxKgsQuUNWYFxrqlLNCoLFyiiGPiir6Yigp4kWgSxCLMV9ML/OH6jnsUIFxc2zS4swbRL8bOrM1kypI+vUDlxWtvOJltmx8P57UTO767oxMKyaN7VVVjjUEqa8XOJqu553Hkn/tjuM+3cZ7GafgBameP8g==
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
925b41942342b99e4fa069f40103f35a3dc23b3ba25a01621394935b27205aae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:50 GMT
content-encoding
br
cf-cache-status
HIT
age
635097
cf-polished
status=cannot_optimize
x-cache
miss
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
last-modified
Wed, 07 Dec 2022 01:09:11 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
cf-apo-via
tcache
cf-ray
779834cc594bc33d-EWR
/
wegotthiscovered.com/_static/ 		166 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/_static/??/wp-content/plugins/aawp/assets/dist/css/main.css,/wp-content/mu-plugins/jetpack-11.6/css/jetpack.css?m=1670952793
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc2640d75f466c31ca17f93e8296c690c483356be18853494420f481df791c1b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:50 GMT
content-encoding
br
cf-cache-status
HIT
age
80217
cf-polished
origSize=170250
x-cache
miss
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
last-modified
Thu, 08 Dec 2022 19:15:45 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
cf-apo-via
tcache
cf-ray
779834cc7971c33d-EWR
swiper-bundle.min.js
unpkg.com/swiper@8.4.5/
Redirect Chain
  • https://unpkg.com/swiper@8/swiper-bundle.min.js?ver=6.1.1
  • https://unpkg.com/swiper@8/swiper-bundle.min.js
  • https://unpkg.com/swiper@8.4.5/swiper-bundle.min.js
140 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@8.4.5/swiper-bundle.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cc9bd79f873cbf3a9468010074bd1c2ede4524d993a1f42edb1778fa3657a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:50 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2000353
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GJD2PDYQP7841Q0E3FP9NSRJ-yul
server
cloudflare
etag
W/"2315b-t5sVkS+OMbzdHrTZGoTsEiXqNM4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779834cd087d7142-YUL

Redirect headers

date
Wed, 14 Dec 2022 16:09:50 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GM8P4HZ14772X2J4SAW4MSKQ-yul
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
259
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/swiper@8.4.5/swiper-bundle.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
779834ccd8397142-YUL
/
wegotthiscovered.com/_static/ 		99 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZuYGRuaGBoVEWAK9DIhM=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7374a169b675ad5c3ac6167edda9c8fe05fe5315b6728815db2f091cc7712af6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:50 GMT
content-encoding
br
cf-cache-status
HIT
age
761987
cf-polished
origSize=100912
x-cache
miss
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
last-modified
Mon, 05 Dec 2022 20:10:12 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-apo-via
tcache
cf-ray
779834cc7974c33d-EWR
wpp.min.js
wegotthiscovered.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.4.2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ace4208545fb0ff5ea87fbe1470d3bf0af8e73d7d52fea869966c4b9d8c78a60

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:50 GMT
x-rq
yyz1 0 4 9980
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Nov 2022 04:53:57 GMT
server
cloudflare
age
2359838
etag
W/"6369e0e5-bc3"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
779834cc7976c33d-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 17 Nov 2023 08:39:12 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:f400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 01:25:59 GMT
content-encoding
gzip
via
1.1 74e6dd86eff86d5443ebe1a2ced7df88.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
age
53032
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
jv46VHtDGqQlmAsbcqPcdjaDc3XIDDixBKSHP0RG1qpfxZVnQipDyQ==
expires
Thu, 15 Dec 2022 01:25:59 GMT
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-17178859-1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d2d21c1890d39a55b85f2a66d4924d24b37fdb0c1808f3269f0aa6d75bf8611b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44711
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 14 Dec 2022 16:09:51 GMT
ads-prebid-banner-proper-outbrain.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ 		25 B
142 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ads-prebid-banner-proper-outbrain.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:50 GMT
cf-cache-status
HIT
age
2359838
cf-polished
origSize=27
x-cache
hit
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Tue, 08 Nov 2022 04:53:58 GMT
server
cloudflare
etag
"6369e0e6-1b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
779834cc7978c33d-EWR
expires
Fri, 17 Nov 2023 08:39:12 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4601b36b8b64b04fe6389f96ac1e622838f3a35cbc0d06b3768352a9ac51668a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49449
x-xss-protection
0
server
cafe
etag
10448611351555569360
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 14 Dec 2022 16:09:51 GMT
tag
btloader.com/ 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5645585240555520&upapi=true
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
851e2fb668e4e3377b812469ffef63f5afa4ca2f7015819712137c864dd66acd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Dec 2022 15:13:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3212
etag
W/"074128a2093eaa7e56bd466236833c2e"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKh2C7eW0PqLIe4YLrKYJrYcJfAEKeCaWelrVr8jSUnVR5OU9P83rPQMvNttToGqyR2CgYYVjVLuxFdfhtnzcbglka7GXdtBYpAAloBkWkE69Kzbm8sbQDos%2F1hmzAZkNvA3JHjlK61tAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray
779834cdefbef98d-YYZ
ad-manager.min.js
hb.vntsm.com/v3/live/ 		1 MB
323 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
8b8d403c9eb135e14319d46c0883805e49cafa8237fe605d2248682118448240

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-cachedat
12/12/2022 14:59:24
cdn-pullzone
131999
last-modified
Mon, 12 Dec 2022 12:46:23 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"7124a8176e83aa0e54eec9de47628fb6"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
x-bl
0
cdn-requestid
fb014b8348a5254e4d93783481e2ee17
cdn-requestcountrycode
CA
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5ce1b8b6bc9ae8900b96861eb134e6b4db73075cff0e8e3a230327d75cdbe18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27539
x-xss-protection
0
server
sffe
etag
"1421 / 217 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 14 Dec 2022 16:09:51 GMT
logo.png
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/logo.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f95a880e5801bccf9bd22a13baeae155794995fdbabfe419427757ecdaa1449

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
2359838
cf-polished
origFmt=png, origSize=4277
x-cache
hit
content-disposition
inline; filename="logo.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3710
x-rq
yyz1 0 4 9980
cf-bgj
imgq:100,h2pri
last-modified
Tue, 08 Nov 2022 04:53:58 GMT
server
cloudflare
etag
W/"6369e0e6-10b5"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
779834cd9b1be710-EWR
expires
Fri, 17 Nov 2023 08:39:13 GMT
Avengers-Endgame.jpg-copy.png
wegotthiscovered.com/wp-content/uploads/2022/12/ 		268 KB
269 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/Avengers-Endgame.jpg-copy.png?w=650&h=350&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8d8ffde5e537818fee234fd0ff800c8dc1fb255a1dd5e9d147c038757b37448

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
492
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
274874
x-rq
yyz1 91 52 443
last-modified
Wed, 14 Dec 2022 15:50:21 GMT
server
cloudflare
etag
"52de2fff1e3fbe16"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b1de710-EWR
expires
Thu, 14 Dec 2023 15:50:21 GMT
scream-vi-trailer-screengrab-1.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/scream-vi-trailer-screengrab-1.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfe5a298a800dc055925b5cc1d18da389962ca2f3c7adc05e72245a4beb85894

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
493
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8438
x-rq
yyz1 80 86 443
last-modified
Wed, 14 Dec 2022 15:50:21 GMT
server
cloudflare
etag
"9f59305b78174627"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b1ee710-EWR
expires
Thu, 14 Dec 2023 15:50:21 GMT
Spider-man-Across-the-spider-verse.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/Spider-man-Across-the-spider-verse.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
478129a73b00c5423319d39ea23ccf09489204c024d9009c5ea09f71750cfbe6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
3065
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5686
x-rq
yyz1 87 95 443
last-modified
Wed, 14 Dec 2022 15:13:57 GMT
server
cloudflare
etag
"895eeba17d8f0f9b"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b1fe710-EWR
expires
Thu, 14 Dec 2023 15:13:57 GMT
Eisenberg_Lex-e1671030273646.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/Eisenberg_Lex-e1671030273646.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27c58e8388abd7ae5008d39c31768fa71af80580be954530b64d451078fc7f64

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
3336
cf-polished
origSize=5585, status=vary_header_present
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5395
x-rq
yyz1 86 215 443
cf-bgj
imgq:100,h2pri
last-modified
Wed, 14 Dec 2022 15:05:42 GMT
server
cloudflare
etag
"27ee19e20bde3cd8"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b20e710-EWR
expires
Thu, 14 Dec 2023 15:05:42 GMT
ghostface-scream.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/ghostface-scream.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68f74a43e9af5674dccba8769c8c10532bf5d86eb2f49380fbb51b9038cc49c0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
87864
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10914
x-rq
yyz1 80 86 443
last-modified
Tue, 13 Dec 2022 15:27:05 GMT
server
cloudflare
etag
"95bd37e9aea8eac8"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b22e710-EWR
expires
Wed, 13 Dec 2023 15:27:05 GMT
tom-holland-peter-parker-muc.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/tom-holland-peter-parker-muc.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5fcf9ae18e12726f8bf7cb32271d62e558686acbceef63ed6ce63228d4319a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
13374
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4090
x-rq
yyz1 80 86 443
last-modified
Wed, 14 Dec 2022 11:19:38 GMT
server
cloudflare
etag
"a8b4116f354115de"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b27e710-EWR
expires
Thu, 14 Dec 2023 11:19:38 GMT
maika-monroe-significant-other.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/maika-monroe-significant-other.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8ee8cd272145326850d4124a1cad6209097b35b69f965dd14728d51e0d7c8bb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
10862
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7252
x-rq
yyz1 80 130 443
last-modified
Wed, 14 Dec 2022 10:57:43 GMT
server
cloudflare
etag
"5daa08a34948e425"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b28e710-EWR
expires
Thu, 14 Dec 2023 10:57:43 GMT
disney-castle.png
wegotthiscovered.com/wp-content/uploads/2022/11/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/11/disney-castle.png?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0770178df0a390c23a92f83293cc9e963983faa20d07a539517c44c9caf6e52b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
10862
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38738
x-rq
yyz1 80 130 443
last-modified
Wed, 14 Dec 2022 10:42:29 GMT
server
cloudflare
etag
"26976f0f321d45e7"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b29e710-EWR
expires
Thu, 14 Dec 2023 10:42:29 GMT
Necrosword.jpg
wegotthiscovered.com/wp-content/uploads/2022/11/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/11/Necrosword.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b008543d46a0cc49a785921f08d6b32b22fd05e2c4cabd56cd0f2816b4c9866

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
15094
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17930
x-rq
yyz1 86 167 443
last-modified
Wed, 14 Dec 2022 10:07:39 GMT
server
cloudflare
etag
"3268307297150fb8"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b2be710-EWR
expires
Thu, 14 Dec 2023 10:07:39 GMT
emancipation-1.jpg
wegotthiscovered.com/wp-content/uploads/2022/11/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/11/emancipation-1.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6e74e28e7c2639043434dc2dcb2d33bbe9a7b1422e84b87454ff5dac0c465f8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
535833
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10496
x-rq
yyz1 86 83 443
last-modified
Wed, 07 Dec 2022 19:00:08 GMT
server
cloudflare
etag
"30a19d15d69fdef7"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b2de710-EWR
expires
Thu, 07 Dec 2023 19:00:08 GMT
anthony-hopkins-westworld.jpg
wegotthiscovered.com/wp-content/uploads/2022/06/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/06/anthony-hopkins-westworld.jpg?w=650&h=350&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e6ee8afaccd6f4abf21b016857ff0d3c3dd5c1603c488eac76aab78ecde00f8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
1940
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20460
x-rq
yyz1 80 86 443
last-modified
Wed, 14 Dec 2022 15:37:28 GMT
server
cloudflare
etag
"8884028047f030f8"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b31e710-EWR
expires
Thu, 14 Dec 2023 15:37:28 GMT
Kate-Hudson.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/Kate-Hudson.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
600a6ebf8b066b0472de7633f0775ce4dff7049294a134963a9734664e6c7b06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
1940
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15940
x-rq
yyz1 80 86 443
last-modified
Wed, 14 Dec 2022 15:37:28 GMT
server
cloudflare
etag
"734453fcc72d6a87"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b33e710-EWR
expires
Thu, 14 Dec 2023 15:37:28 GMT
house-of-the-dragon.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/house-of-the-dragon.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6481485632094afd3948944ea0e38ea3d995e0774eef9d6ae67e48344f8d125

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
4786
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14908
x-rq
yyz1 91 52 443
last-modified
Wed, 14 Dec 2022 14:44:01 GMT
server
cloudflare
etag
"cf8976c131b7effc"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b35e710-EWR
expires
Thu, 14 Dec 2023 14:44:01 GMT
jupiters-legacy.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/jupiters-legacy.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
540bb5ff477e4b811fa0722ee00721505135327e268dd6fba8a706795cc8a613

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
10862
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7614
x-rq
yyz1 80 130 443
last-modified
Wed, 14 Dec 2022 11:16:46 GMT
server
cloudflare
etag
"66fac6c29fc3677a"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b37e710-EWR
expires
Thu, 14 Dec 2023 11:16:46 GMT
star-wars-obi-wan-darth-vader.webp
wegotthiscovered.com/wp-content/uploads/2022/12/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/star-wars-obi-wan-darth-vader.webp?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88baff455d98aaf93be259edf782979e5705afd920e904fc421aae5744759be8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
18377
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10354
x-rq
yyz1 91 52 443
last-modified
Wed, 14 Dec 2022 10:07:39 GMT
server
cloudflare
etag
"703c8569de9c13b4"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b38e710-EWR
expires
Thu, 14 Dec 2023 10:07:39 GMT
warrior-nun.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/warrior-nun.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65727f856f604fa30932b2512fcdf6fc24e47309112285c9e0536d450690f62c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
13384
cf-polished
origSize=9704, status=vary_header_present
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9631
x-rq
yyz1 86 83 443
cf-bgj
imgq:100,h2pri
last-modified
Wed, 14 Dec 2022 10:02:36 GMT
server
cloudflare
etag
"77735cf892acd9d4"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b3ae710-EWR
expires
Thu, 14 Dec 2023 10:02:36 GMT
DB084B16-B0C4-4C85-AB8D-3517CFF19D6A.jpeg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/DB084B16-B0C4-4C85-AB8D-3517CFF19D6A.jpeg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42eb0f84f617c657f9b11b98a356ee65f9ba11d48ba70da7e425c44371c23b3c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
58361
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11196
x-rq
yyz1 91 52 443
last-modified
Tue, 13 Dec 2022 23:36:57 GMT
server
cloudflare
etag
"874364db0a1f18f4"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b3be710-EWR
expires
Wed, 13 Dec 2023 23:36:57 GMT
2CAFB166-D9DD-4EDA-AFBF-4AC68121072A.jpeg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/2CAFB166-D9DD-4EDA-AFBF-4AC68121072A.jpeg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66fa651c937579ec05c8732193ffc1a1bb1158fb2e713af24f0cbdc5e3456a0f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
146372
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6902
x-rq
yyz1 80 86 443
last-modified
Mon, 12 Dec 2022 23:24:17 GMT
server
cloudflare
etag
"9a840ef24b8d89c6"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b3ce710-EWR
expires
Tue, 12 Dec 2023 23:24:17 GMT
sitcom-feature.png
wegotthiscovered.com/wp-content/uploads/2022/12/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/sitcom-feature.png?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30552efd2564e172b0b8c73f4b5d3b6f43c0e955f3e1836aafb8492aedc15eb0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
328202
cf-polished
status=not_needed
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
50583
x-rq
yyz1 80 86 443
cf-bgj
imgq:100,h2pri
last-modified
Sat, 10 Dec 2022 20:59:13 GMT
server
cloudflare
etag
"c2dd72d471cab74c"
vary
Accept, Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b3de710-EWR
expires
Sun, 10 Dec 2023 20:59:13 GMT
HDM-2.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/HDM-2.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05dd8f60c440c7c134fd33a6f239fb71fdbaec2d7029fba2f9040e1d90beae11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
623198
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15704
x-rq
yyz1 87 95 443
last-modified
Wed, 07 Dec 2022 11:01:07 GMT
server
cloudflare
etag
"d5775af3b5018e7a"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b3fe710-EWR
expires
Thu, 07 Dec 2023 11:01:07 GMT
The-Ellen-Shows-DJ-Stephen.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/The-Ellen-Shows-DJ-Stephen.jpg?w=650&h=350&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45f69322d6b7464235f5d9a622681798949d85ad8bd70f960c7247e7c4d2b834

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
2371
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23672
x-rq
yyz1 80 130 443
last-modified
Wed, 14 Dec 2022 15:27:19 GMT
server
cloudflare
etag
"dbc3494c0db83f5e"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b40e710-EWR
expires
Thu, 14 Dec 2023 15:27:19 GMT
jay-leno-GettyImages-1245044697.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/jay-leno-GettyImages-1245044697.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6282211723318f60d51ebeef2347fc9623d6e7b0b73e5827700a34f36ee6b19

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
2371
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13742
x-rq
yyz1 80 86 443
last-modified
Wed, 14 Dec 2022 15:27:19 GMT
server
cloudflare
etag
"ce16c32f5ce86318"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b42e710-EWR
expires
Thu, 14 Dec 2023 15:27:19 GMT
andrew-tate.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/andrew-tate.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cac75d57c1eec435eeaf8209524f09eb2c187be30299766f09279439ea5d62f5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
4786
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18968
x-rq
yyz1 80 86 443
last-modified
Wed, 14 Dec 2022 14:44:01 GMT
server
cloudflare
etag
"8947b0c6580901dd"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b45e710-EWR
expires
Thu, 14 Dec 2023 14:44:01 GMT
michael-b-jordan-afc-bournmouth-ryan-reynolds-wrexham-afc.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/michael-b-jordan-afc-bournmouth-ryan-reynolds-wrexham-afc.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7af087300c6d3d3b2c1783e3210dbc70be2a145b0289beab7e98e8e672cd374a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
7253
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8144
x-rq
yyz1 80 130 443
last-modified
Wed, 14 Dec 2022 09:52:50 GMT
server
cloudflare
etag
"3a89188688f81e68"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b46e710-EWR
expires
Thu, 14 Dec 2023 09:52:50 GMT
Oscar-Isaac.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/Oscar-Isaac.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c9afa1223e8b8bf94b4d489255203589550cdc0d4d829ed8ecee81fedcd9767

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
32879
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6858
x-rq
yyz1 80 130 443
last-modified
Wed, 14 Dec 2022 06:55:59 GMT
server
cloudflare
etag
"74a4fca61fe200a5"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b47e710-EWR
expires
Thu, 14 Dec 2023 06:55:59 GMT
Lobo-image.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/Lobo-image.jpg?w=650&h=350&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06f0d1be1947fc59872925a3ee863bb3dcc2f56451450152e2f4e4d20c312c23

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
44585
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
82922
x-rq
yyz1 80 130 443
last-modified
Wed, 14 Dec 2022 03:29:16 GMT
server
cloudflare
etag
"9ca53bf238879ebb"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b48e710-EWR
expires
Thu, 14 Dec 2023 03:29:16 GMT
image_2022-08-17_143633909.png
wegotthiscovered.com/wp-content/uploads/2022/08/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/image_2022-08-17_143633909.png?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2240c44aafbda4bf54a35430c06c39ebf9cccfa5106e8f39204e33a67a87996

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
137591
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44692
x-rq
yyz1 80 130 443
last-modified
Tue, 13 Dec 2022 01:43:44 GMT
server
cloudflare
etag
"bcd2c79436232694"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b49e710-EWR
expires
Wed, 13 Dec 2023 01:43:44 GMT
Adam-Warlock-Guardians-of-the-Galaxy-Vol.-3.jpg.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/Adam-Warlock-Guardians-of-the-Galaxy-Vol.-3.jpg.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e8e0e86ec3301c6f2cc790e8da9218d34d5d20f42e206b30ef8832578e403df

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
159672
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
65890
x-rq
yyz1 87 95 443
last-modified
Mon, 12 Dec 2022 19:40:36 GMT
server
cloudflare
etag
"c58ccb2f42a6c4a8"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b4ae710-EWR
expires
Tue, 12 Dec 2023 19:40:36 GMT
GettyImages-1358934131-1.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/GettyImages-1358934131-1.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
786696b33500f2b1a986d169cd9d0cd17bf8654b9b2fc63212ee4ac128a9d463

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
319771
cf-polished
origSize=11943, status=vary_header_present
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11899
x-rq
yyz1 86 83 443
cf-bgj
imgq:100,h2pri
last-modified
Sat, 10 Dec 2022 22:25:23 GMT
server
cloudflare
etag
"553750512a400575"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b4be710-EWR
expires
Sun, 10 Dec 2023 22:25:23 GMT
dakota-north-james-bond.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/dakota-north-james-bond.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f58fb9d38cd0cd85f5cf72407f050aeafe92e3058b815de04a920b052ad9d51a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
512758
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9648
x-rq
yyz1 80 130 443
last-modified
Thu, 08 Dec 2022 17:30:49 GMT
server
cloudflare
etag
"dcbc0cdefc05f2e8"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b4ce710-EWR
expires
Fri, 08 Dec 2023 17:30:49 GMT
the-flash-gorilla-grodd.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/the-flash-gorilla-grodd.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71bed7bfcc309a0f2dafd8cb60831b05de51feaae79533a91134017be9c296b4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
160458
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14620
x-rq
yyz1 86 167 443
last-modified
Wed, 07 Dec 2022 10:28:44 GMT
server
cloudflare
etag
"46b055d7a27606b9"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b4fe710-EWR
expires
Thu, 07 Dec 2023 10:28:44 GMT
GettyImages-1171729082.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/GettyImages-1171729082.jpg?w=650&h=350&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bda0264636478906b614aa48123a9612eb8de2ff5849d7384eb38521a5c4ff5c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
15094
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20940
x-rq
yyz1 91 52 443
last-modified
Wed, 14 Dec 2022 09:25:06 GMT
server
cloudflare
etag
"694f6ab51ffc0a34"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b50e710-EWR
expires
Thu, 14 Dec 2023 09:25:06 GMT
Fortnite-metallica-1.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/Fortnite-metallica-1.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80e27520202eb4c675af3d99d556b1073769da5bbe93eadc8df75432abdb186d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
15094
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13730
x-rq
yyz1 87 131 443
last-modified
Wed, 14 Dec 2022 09:25:06 GMT
server
cloudflare
etag
"23d66f4cc81fe2e4"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b51e710-EWR
expires
Thu, 14 Dec 2023 09:25:06 GMT
Hogwarts-Legacy-2.jpg
wegotthiscovered.com/wp-content/uploads/2022/11/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/11/Hogwarts-Legacy-2.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06e4018fb9dffc806374d2f59111fa35b628b9e6d21d8a1b3ce4891e946ca521

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
37878
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7980
x-rq
yyz1 80 86 443
last-modified
Wed, 14 Dec 2022 05:36:29 GMT
server
cloudflare
etag
"ed2a9fac9a0318ac"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b53e710-EWR
expires
Thu, 14 Dec 2023 05:36:29 GMT
Marvels-Spider-Man-2.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/Marvels-Spider-Man-2.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db055fa3be0f826bfdfaf6321e6813dc6955878dd2b8e80338396b534a2a0123

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
123654
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11560
x-rq
yyz1 80 86 443
last-modified
Tue, 06 Dec 2022 02:18:00 GMT
server
cloudflare
etag
"fcbff6bd1ee3194f"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b54e710-EWR
expires
Wed, 06 Dec 2023 02:18:00 GMT
black-christmas-video-game.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/black-christmas-video-game.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b24624aa852df3a9efc7e13490fbc1c9fea5a5bbf7d3103561af6c7398b40a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
139142
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4774
x-rq
yyz1 80 86 443
last-modified
Tue, 13 Dec 2022 01:25:06 GMT
server
cloudflare
etag
"4aaab7e599b61d7c"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b55e710-EWR
expires
Wed, 13 Dec 2023 01:25:06 GMT
Mr-Beast-YouTube.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/Mr-Beast-YouTube.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2a25b3a202e41dbc95ffc4acddaaad6de6da2dcb74e49cfd0506b1a916dcd3e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
141493
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16220
x-rq
yyz1 86 237 443
last-modified
Tue, 13 Dec 2022 00:40:41 GMT
server
cloudflare
etag
"4106de4f506698ea"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b56e710-EWR
expires
Wed, 13 Dec 2023 00:40:41 GMT
Ash-Ketchum-Goh-Pokemon-1.jpg
wegotthiscovered.com/wp-content/uploads/2022/07/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/07/Ash-Ketchum-Goh-Pokemon-1.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21d85ffec14e59671a01257e794d4e5e9375cbb1762065ca854fa4b73fd47134

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
174380
cf-polished
origSize=6567, status=vary_header_present
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6362
x-rq
yyz1 80 86 443
cf-bgj
imgq:100,h2pri
last-modified
Mon, 28 Nov 2022 13:39:13 GMT
server
cloudflare
etag
"0a0b693f2190b713"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b59e710-EWR
expires
Tue, 28 Nov 2023 13:39:13 GMT
black-adam-12.jpg
wegotthiscovered.com/wp-content/uploads/2022/10/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/10/black-adam-12.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ea10e0e05177fbd7fe9b538f3123b1f4934480a4ccb5e2ff0366adc2f4a13ea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
225671
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13684
x-rq
yyz1 87 107 443
last-modified
Wed, 16 Nov 2022 05:40:22 GMT
server
cloudflare
etag
"704e25fcebb37844"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b5ae710-EWR
expires
Thu, 16 Nov 2023 05:40:22 GMT
Microsoft-Activision.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/Microsoft-Activision.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
099a78f00e58c8c54141e6d4cedc560e5f51b750124b17ac6fe13cd176e0bb4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
211207
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10806
x-rq
yyz1 87 95 443
last-modified
Mon, 12 Dec 2022 05:00:53 GMT
server
cloudflare
etag
"281b9d4421421d2f"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cd9b5be710-EWR
expires
Tue, 12 Dec 2023 05:00:53 GMT
20221206214043_1.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/20221206214043_1.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c0f7cb6e0621abdd2742bd08cfd91b6798d49b3ee03590a32ab2cb40eceb3f8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
67452
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10626
x-rq
yyz1 80 86 443
last-modified
Tue, 13 Dec 2022 21:23:31 GMT
server
cloudflare
etag
"235c37e2eacf4b1d"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cdcb5ee710-EWR
expires
Wed, 13 Dec 2023 21:23:31 GMT
Pokemon-scarlet-and-violet-4.jpg
wegotthiscovered.com/wp-content/uploads/2022/11/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/11/Pokemon-scarlet-and-violet-4.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db1c2b662ffc9e6309d4eadf7f80f63ba929159c46e91b9ab7d9a6f2d86e04c4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
239851
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10228
x-rq
yyz1 80 86 443
last-modified
Thu, 01 Dec 2022 04:17:41 GMT
server
cloudflare
etag
"16a691f69e862cef"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cdcb60e710-EWR
expires
Fri, 01 Dec 2023 04:17:41 GMT
Warhammer-40K-Darktide-Flamethrower.jpg
wegotthiscovered.com/wp-content/uploads/2022/11/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/11/Warhammer-40K-Darktide-Flamethrower.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d6c7c116e6231a6569d1bbb056c22f8865fc2d63c88063a411bd4d22f69f6bb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
414779
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14526
x-rq
yyz1 80 130 443
last-modified
Thu, 08 Dec 2022 19:45:44 GMT
server
cloudflare
etag
"faddf47282c47fe2"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cdcb61e710-EWR
expires
Fri, 08 Dec 2023 19:45:44 GMT
Need-for-Speed-Unbound-Key-Art.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/Need-for-Speed-Unbound-Key-Art.jpg?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4204bb1454b371e66462d878e4941170c2d1815bf49aa5739669439abe284858

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
582764
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18786
x-rq
yyz1 80 86 443
last-modified
Wed, 07 Dec 2022 22:14:45 GMT
server
cloudflare
etag
"ef4c91f34d9538ee"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cdcb62e710-EWR
expires
Thu, 07 Dec 2023 22:14:45 GMT
the-callisto-protocol-bosses.png
wegotthiscovered.com/wp-content/uploads/2022/12/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/the-callisto-protocol-bosses.png?w=225&h=135&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7370a8bfe246b1c317cb0a63eac51447c1ffe81d3420fbbde8efb43711258e3b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
612355
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26262
x-rq
yyz1 87 203 443
last-modified
Wed, 07 Dec 2022 14:00:42 GMT
server
cloudflare
etag
"e38d08213817bf6a"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cdcb63e710-EWR
expires
Thu, 07 Dec 2023 14:00:42 GMT
Hocus_Pocus_Spell_Funko_Pop_Funkoween.png
wegotthiscovered.com/wp-content/uploads/2022/05/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/05/Hocus_Pocus_Spell_Funko_Pop_Funkoween.png?w=650&h=350&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
086dd026ecedc20dff23d61987ed06ffd0752432dce7a1872f236a9e8d475e67

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
232591
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
66664
x-rq
yyz1 87 203 443
last-modified
Sun, 11 Dec 2022 23:33:20 GMT
server
cloudflare
etag
"79dc39c3c9470250"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cdcb65e710-EWR
expires
Mon, 11 Dec 2023 23:33:20 GMT
cbbc-lauren-layfield.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/cbbc-lauren-layfield.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
222aa4e80fb0eaaf8d38b567eadf239d79f425c452e90b3d12c90ef23193510f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
232591
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7712
x-rq
yyz1 80 130 443
last-modified
Sun, 11 Dec 2022 23:33:20 GMT
server
cloudflare
etag
"2f71d16e87a614ad"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cdcb66e710-EWR
expires
Mon, 11 Dec 2023 23:33:20 GMT
ajax-loader.gif
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ajax-loader.gif
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9003eb7e3040cdb9591230348da3f8342778da4f6ba8b2ce9deafa8970caba4a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
2359413
cf-polished
origSize=1737, status=webp_bigger
x-cache
hit
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1669
x-rq
yyz1 0 4 9980
cf-bgj
imgq:100,h2pri
last-modified
Tue, 08 Nov 2022 04:53:57 GMT
server
cloudflare
etag
W/"6369e0e5-6c9"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
779834cdcb67e710-EWR
expires
Fri, 17 Nov 2023 08:39:41 GMT
/
wegotthiscovered.com/_static/ 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/_static/??-eJydkdFOwzAMRX+INEzV2BPiW7LETVwSe8QO1f6erNuEhCgIHh37Hvve2OVkkHxuAcTOYrG4CJLZBQhDQRpmebB9xjMpkNpTbhFJ7OQ8jF05IaGCEV85Z3Pt2g60GY8d+Nagng06+Tdn3pgZpkZekWkTvUBk1YTi+R0qBBNdzpdzbvSproJwWbFE9ff+Fi+1Ws+KBap1IqBrXp75FeGnpL6VXYMZPDfSwAv9GfD5+FWmCUr/S87BrK7W+jePm6LboUdnkpPkk6N4d/tSnndPh8fxsB/3u/kDgS7cyw==
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6448fd1cb28f03fc7d7523861e09bcaa77dd33544175456ff60e130f7a3e1605

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:50 GMT
content-encoding
br
cf-cache-status
HIT
age
626296
cf-polished
origSize=65747
x-cache
miss
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
last-modified
Wed, 07 Dec 2022 01:09:11 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-apo-via
tcache
cf-ray
779834cd4ac7e710-EWR
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?ver=6.1.1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f034:11a:face:b00c:0:3 Dallas, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
036abecf63800b52d0ae86b4cb5541c949d79a2fa0d645bce2bc5825fc0aedd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 16:09:51 GMT
content-md5
OLUBxuAFck1xyChN6VJlmQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
5MSNoCO3VP7Ufln2jEVp3LD55OpsCtHpPCNtSvtcEhopUXKW5bw7Y5t+woydFn33u0qUsZ5w0Mdv+RodDb0ZIg==
x-fb-trip-id
1718053925
x-fb-content-md5
6c15609ff243e1de45ce4de55b1b5e3c
cross-origin-opener-policy
same-origin-allow-popups
etag
"9d37e9c2b726b9180513b20b9e3cccf3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Wed, 14 Dec 2022 16:27:56 GMT
main.js
wegotthiscovered.com/wp-content/plugins/aawp/assets/dist/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/aawp/assets/dist/js/main.js?m=1670375350g
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
324229580a277a2f43dabaa9aee2042c1e8197bcf0a8e2fe6fc5aa077f0d14e8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
cf-cache-status
HIT
age
635097
cf-polished
origSize=6293
x-cache
miss
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Wed, 23 Nov 2022 02:07:31 GMT
server
cloudflare
etag
W/"637d8063-1895"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
779834cd5acfe710-EWR
expires
Thu, 07 Dec 2023 07:06:56 GMT
e-202250.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202250.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-nc
HIT yyz
date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
server
nginx
etag
W/"61beb56a-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 04 Dec 2023 06:19:30 GMT
popup.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/popup.js?v=2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eff9682459cdf09edbdc26d40a2ebe4ebe9a89398676952d0b06c1630452789

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
cf-cache-status
HIT
age
2359837
cf-polished
origSize=6341
x-cache
hit
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Tue, 08 Nov 2022 04:53:58 GMT
server
cloudflare
etag
W/"6369e0e6-18c5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
779834cd9b08e710-EWR
expires
Fri, 17 Nov 2023 08:39:13 GMT
jquery.cookie.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/ 		1 KB
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/jquery.cookie.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3f05412b273a3c32bf550bf721db6302d8c8c8692d25b847f278ef67693195d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
cf-cache-status
HIT
age
2359838
cf-polished
origSize=1838
x-cache
hit
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Tue, 08 Nov 2022 04:53:58 GMT
server
cloudflare
etag
W/"6369e0e6-72e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
779834cd9b09e710-EWR
expires
Fri, 17 Nov 2023 08:39:13 GMT
jquery.tweet.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/jquery.tweet.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7f23b706c2051cd14bbfdc75b158a623e575846b2a34cf308709793fb72f5e8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
cf-cache-status
HIT
age
2359837
cf-polished
origSize=14391
x-cache
hit
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Tue, 08 Nov 2022 04:53:58 GMT
server
cloudflare
etag
W/"6369e0e6-3837"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
779834cd9b0de710-EWR
expires
Fri, 17 Nov 2023 08:39:13 GMT
jquery.localscroll.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/ 		1 KB
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/jquery.localscroll.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3c0a69d6de03571afb770c25f2216665c272ff731e3699ca3a2caf80d730f93

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
cf-cache-status
HIT
age
2359837
cf-polished
origSize=1552
x-cache
hit
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Tue, 08 Nov 2022 04:53:58 GMT
server
cloudflare
etag
W/"6369e0e6-610"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
779834cd9b0ee710-EWR
expires
Fri, 17 Nov 2023 08:39:13 GMT
jquery.bxslider.css
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/bxslider4.2.5/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/bxslider4.2.5/jquery.bxslider.css
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7952a34f886e3cef6c4522009e3abebb3b7f8254955848f6ef064a915fa9ed23

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
cf-cache-status
HIT
age
2359837
cf-polished
origSize=4102
x-cache
hit
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Tue, 08 Nov 2022 04:53:58 GMT
server
cloudflare
etag
W/"6369e0e6-1006"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
779834cd9b10e710-EWR
expires
Fri, 17 Nov 2023 08:39:13 GMT
search.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ 		554 B
506 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/search.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
507c27740d49f6b21e854adb09f4f2b4e482ce1e2d043e3d71d25a652543465d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
cf-cache-status
HIT
age
2359837
cf-polished
origSize=720
x-cache
hit
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Tue, 08 Nov 2022 04:53:58 GMT
server
cloudflare
etag
W/"6369e0e6-2d0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
779834cd9b12e710-EWR
expires
Fri, 17 Nov 2023 08:39:13 GMT
jquery.bxslider.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/bxslider4.2.5/ 		33 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/bxslider4.2.5/jquery.bxslider.js?=4
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51308cfc2cee270e6819ae124d2eb4eec815637c9ac20f0b4a44b20ff0c41689

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
cf-cache-status
HIT
age
2359837
cf-polished
origSize=65727
x-cache
hit
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Tue, 08 Nov 2022 04:53:58 GMT
server
cloudflare
etag
W/"6369e0e6-100bf"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
779834cd9b15e710-EWR
expires
Fri, 17 Nov 2023 08:39:13 GMT
lazyload.min.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/lazyload/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/lazyload/lazyload.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
x-rq
yyz1 0 4 9980
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Nov 2022 04:53:58 GMT
server
cloudflare
age
2359837
etag
W/"6369e0e6-d35"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
779834cd9b16e710-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 17 Nov 2023 08:39:13 GMT
jquery.jcarousel-core.min.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/jquery.jcarousel-core.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8ba6e00e79f5d4ffc5e3f634123c36823648e601c5d6465d27c65e7797d2807

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
x-rq
yyz1 0 4 9980
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Nov 2022 04:53:58 GMT
server
cloudflare
age
2359837
etag
W/"6369e0e6-4435"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
779834cd9b17e710-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 17 Nov 2023 08:39:13 GMT
jquery.viewport.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/ 		1 KB
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/jquery.viewport.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c51fffe2be6f1a72b6d297c12af42ddea28f64b60d1d75a7fe774114dd6942a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
cf-cache-status
HIT
age
2359838
x-cache
hit
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Tue, 08 Nov 2022 04:53:58 GMT
server
cloudflare
etag
W/"6369e0e6-4b2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
779834cd9b18e710-EWR
expires
Fri, 17 Nov 2023 08:39:13 GMT
amp-form-0.1.js
cdn.ampproject.org/v0/ 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09d1c64dad7f557453c639d73ee51bf6aaa2bb92a23d1231620fd1d8807ad6f4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 16:09:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14971
x-xss-protection
0
server
sffe
etag
"5030ac295dc1523e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 14 Dec 2022 16:09:51 GMT
face3.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/face3.js?v=4.90
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d709873b2dd3058fdb02f9325eb522bd13420e9aa57fa9d1c99723ce6947e517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
cf-cache-status
HIT
age
2359837
cf-polished
origSize=5006
x-cache
miss
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
cf-bgj
minify
last-modified
Thu, 10 Nov 2022 05:09:29 GMT
server
cloudflare
etag
W/"636c8789-138e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
779834cd9b1ae710-EWR
expires
Fri, 17 Nov 2023 08:39:13 GMT
selectivizr-min.js
cdnjs.cloudflare.com/ajax/libs/selectivizr/1.0.2/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/selectivizr/1.0.2/selectivizr-min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1f17fea7cee4a9ae74981b2930b10a3aafd713f4564080def24e5fb8342a338
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1877994
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2152
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-12e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Go3AuNQCuImbxtGaBgfY%2F2RrurWyokOsTSmD5XPH1BFoucJNEjiyoowS7nCJmtZKT6IEd7La7jA2sAbMwOUDkSFwtAT8fpwbbqe6r6fYtbwQeqL8Tq4PMMygKwFrpcTBeSl1SH4yzeYaGUUkpKM2p9E"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
779834cdcefcca47-YUL
expires
Mon, 04 Dec 2023 16:09:51 GMT
modernizr-1.7.min.js
cdnjs.cloudflare.com/ajax/libs/modernizr/1.7/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/modernizr/1.7/modernizr-1.7.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
954e385ecd6ed2ab0cb91dc0333ea1b3cf1bdcfe309d4857e7181324cb8dc25b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4028856
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3215
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-233d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUEM9vHNOO0BBioWyDhaVj0Q1mjfJQppgw1rbGTh%2F4OeXulrPIWFppdh%2BVOQFjRRfoXWwh%2BykVnxqmfKBU2VquRQktUSHOhWxE2TM8ifFtgedjJ5S6%2BHq70lFZLzd1saKuoP%2FUz8Awjg73S52oghI9%2Fq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
779834cdcf0dca47-YUL
expires
Mon, 04 Dec 2023 16:09:51 GMT
114526X1684673.skimlinks.js
s.skimresources.com/js/ 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/114526X1684673.skimlinks.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
3f6a66df92b935a20d2eee51009e55c68bb225d674c133fe43b5004b41014984

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
gzip
x-sp-metadata
HS256.CN+G6JwGEokBCiQ1ZmQxYjZkMC0yNWM4LTRiNTgtOTdmOC1mNjAxNGQyYWE2YzIQsNrb5pK18AIaBgjP6uecBiIOMTQ5LjU2LjE1My4xNzgo8sUDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiQ4YTVmYmY1Mi1lMGNiLTQ4MTctYjlmNS02ZmViZTRhNjZkZTYYqpgB.Io0//xil7ZzVa4sAx6hdlljeT7HNBuUTxZcuxQ2d9hM=
last-modified
Mon, 12 Dec 2022 13:43:01 GMT
server
AmazonS3
x-amz-request-id
8CA8RET6R4T1FPDH
etag
"df80697fc1ecfd6f19dd5c5dc8178ce2"
x-hw
1671034191.cds052.dc2.hn,1671034191.cds032.dc2.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
19498
x-amz-id-2
0ZPcFi5dlvbpsSYAPNRww3/OHtC9QefTicjsUCKpW9geSmSOAyIiaiR2UjauYZF6aumUsulPxEk=
vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
gzip
last-modified
Fri, 21 Oct 2022 01:56:09 GMT
server
cloudflare
etag
W/2022.10.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
779834ce8f3a5589-EWR
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:f400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:43:28 GMT
content-encoding
gzip
via
1.1 74e6dd86eff86d5443ebe1a2ced7df88.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
age
30383
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
WkGzE1WBjFDHO6VEy70X3Jc0vS6dMYQujWUQl3Z6Coo8zZahONdWfQ==
expires
Thu, 15 Dec 2022 07:43:28 GMT
plow.lite.js
wegotthiscovered.com/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/plow.lite.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2b68c2435eda0b3e644072ac97ee5a6ba8314656c025612ca4226c5695789d5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
server
cloudflare
cf-ray
779834cdcb68e710-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
web-vitals.iife.js
unpkg.com/web-vitals@3.1.0/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48c97b0cfa2e71392fa58921505b2b8aad8f7496cd049ba4331fca8e8db8c485
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2472257
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GHZ0N59DWJWGE3MTVNDRN464-yul
server
cloudflare
etag
W/"1b9c-Ooy//WAzbji1e0z3xvTKf9F/+q0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779834cdd9e07142-YUL

Redirect headers

date
Wed, 14 Dec 2022 16:09:51 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GM8P85FXMM5Z5FA6QE3SDT1W-yul
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
140
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/web-vitals@3.1.0/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
779834cda9737142-YUL
gtm.js
www.googletagmanager.com/ 		220 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NWJQJXJ
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9bebc0d3987cc82f051bb03a32feb9bc432bdef8cf717824858487f35335e2ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75235
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Dec 2022 16:09:51 GMT
wegotthiscovered.min.js
global.proper.io/ 		36 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/wegotthiscovered.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d18458a69d1a5a33608e1e33801932109f8bcd371085220943374cf825a3e797

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 23 Nov 2022 23:19:37 GMT
server
cloudflare
age
1788576
etag
W/"637eaa89-9098"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
779834ce8e007138-YUL
expires
Wed, 14 Dec 2022 16:14:51 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-92.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:45:25 GMT
content-encoding
gzip
via
1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
41066
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
qQShiej6fEv6LLNHM9YtC3y4kMSiFt0LhCZ7H8RcuEf8BphsYc3nmg==
atrk.js
certify-js.alexametrics.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-104.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 27 Jun 2022 17:35:44 GMT
Content-Encoding
gzip
Via
1.1 d50d90bbddca57e02d6288d86c88470a.cloudfront.net (CloudFront)
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P2
Age
14682848
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=26920000
Connection
keep-alive
X-Amz-Cf-Id
AOy32RqFWNRHae7YxVPNG0TfoJPoDGtInhb2Ec3T5q_PmSoiCE-ZQQ==
fbevents.js
connect.facebook.net/en_US/ 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f034:11a:face:b00c:0:3 Dallas, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5d9d7e78e22202af03b2d09ad31952e031e3423006cba4a29fd506c5664c7761
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 14 Dec 2022 16:09:51 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27320
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
1+TJiBRG6aXwHSuwOef0Ksd0ATp420GzT1RKWuOxESBGvnd65cPnhjOtOBw8eaRZ3JCS5wP/k/YldQpbE9QulA==
x-fb-trip-id
1718053925
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
superficialeyes.com/ 		582 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:2b56::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
5f344a0446fdc8f2aede25db971bfe3d59cda52984c4eff42730ea0fddb111cf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Wed, 14 Dec 2022 16:09:51 GMT
x-datacenter
gce-us-east1
etag
"d3241f4bc659b83317945ca5a78a047d6019261944f62c082c4a7ca23f6c68cc"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-jfx4
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
718439402
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v2jltJrHqG_ZP_OW2oPEQQcRZfkj9fqNRmQkea3mD7AYbCHJcxNiuERHPUOQvux6fk4xk5IkOGcpr5tMUUA
terrifictooth.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://terrifictooth.com/v2jltJrHqG_ZP_OW2oPEQQcRZfkj9fqNRmQkea3mD7AYbCHJcxNiuERHPUOQvux6fk4xk5IkOGcpr5tMUUA
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:809c::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
7d66cbfb7e1aa072a9e80351aa6f13022f0a799a8976f1d454ab6ffff3704b28
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
via
1.1 google
date
Wed, 14 Dec 2022 16:09:51 GMT
x-datacenter
gce-us-east1
etag
"5cace30f5ed58bc36950e924f7b81f1cf784da56f36d288866bba909219bc091"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-jfx4
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
718439402
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
wegotthiscovered.com/fonts.gstatic.com/s/oswald/v49/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24559cb630d9fc7ad4c9c2ceb19663a2dacdc44af12c572d7f08a28e1e74218a

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Jul 2022 19:23:35 GMT
server
cloudflare
age
2359571
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=2592000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
779834cdcb69e710-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17928
wgtc.woff2
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/font/icons/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/font/icons/wgtc.woff2?15410951
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c57c4d05d08dad65bc6935b48f240ba3b7a31897805b4def998917a8dcb6ad7

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
2359838
x-cache
hit
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-rq
yyz1 0 4 9980
last-modified
Tue, 15 Nov 2022 04:58:14 GMT
server
cloudflare
etag
W/"63731c66-10d0"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
779834cdcb6ae710-EWR
expires
Fri, 17 Nov 2023 08:39:13 GMT
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
wegotthiscovered.com/fonts.gstatic.com/s/opensanscondensed/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Apr 2022 18:08:11 GMT
server
cloudflare
age
2359571
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=2592000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
779834cdcb6be710-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14964
main-sprite.svg
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/main-sprite.svg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/_static/??-eJyNj0ESwiAMRS8kxk6nduV4FqS0MpOSDAky3t60K5ds+IT/XxKgsQuUNWYFxrqlLNCoLFyiiGPiir6Yigp4kWgSxCLMV9ML/OH6jnsUIFxc2zS4swbRL8bOrM1kypI+vUDlxWtvOJltmx8P57UTO767oxMKyaN7VVVjjUEqa8XOJqu553Hkn/tjuM+3cZ7GafgBameP8g==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a63e5cadd935b4e0f99d4e3813d01b5c71f7348fa8ada43d7e46ac9caa57939a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/_static/??-eJyNj0ESwiAMRS8kxk6nduV4FqS0MpOSDAky3t60K5ds+IT/XxKgsQuUNWYFxrqlLNCoLFyiiGPiir6Yigp4kWgSxCLMV9ML/OH6jnsUIFxc2zS4swbRL8bOrM1kypI+vUDlxWtvOJltmx8P57UTO767oxMKyaN7VVVjjUEqa8XOJqu553Hkn/tjuM+3cZ7GafgBameP8g==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
x-rq
yyz1 0 4 9980
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Nov 2022 04:58:14 GMT
server
cloudflare
age
2359444
etag
W/"63731c66-1e33"
vary
Accept-Encoding
x-cache
hit
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
779834cdcb6ce710-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 17 Nov 2023 08:39:16 GMT
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
wegotthiscovered.com/fonts.gstatic.com/s/opensanscondensed/v23/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Apr 2022 18:08:32 GMT
server
cloudflare
age
2359571
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=2592000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
779834cdcb6fe710-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16324
warrior-nun.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/warrior-nun.jpg?w=1067
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7aa1c95b7440b1faff5aeee164e277fc9344c905c2f8d79f5eafc8417d77d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
19119
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
84454
x-rq
yyz1 86 83 443
last-modified
Wed, 14 Dec 2022 10:09:19 GMT
server
cloudflare
etag
"86189bb3e5407de9"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cdfb99e710-EWR
expires
Thu, 14 Dec 2023 10:09:19 GMT
Necrosword.jpg
wegotthiscovered.com/wp-content/uploads/2022/11/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/11/Necrosword.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
626d005f820b0d6b53420810b7a4efbabed3d501f7e5438d82b12e9c42b0ac0e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
18377
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29896
x-rq
yyz1 86 167 443
last-modified
Wed, 14 Dec 2022 10:09:24 GMT
server
cloudflare
etag
"cda05ac2501c7f30"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cdfb9be710-EWR
expires
Thu, 14 Dec 2023 10:09:24 GMT
GettyImages-1410904283.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/GettyImages-1410904283.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83abaa6eb98a17fff51ce87d3a792ee302ca559663be384c5f8a8127ab684e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
16706
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16186
x-rq
yyz1 80 130 443
last-modified
Wed, 14 Dec 2022 09:57:09 GMT
server
cloudflare
etag
"385edf9ca2b4e841"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cdfb9de710-EWR
expires
Thu, 14 Dec 2023 09:57:09 GMT
collide-2016.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/collide-2016.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f37d0a67990c79a9d1d9b8eae98a805c2513fba9521ab6d69a2cff4c0304825

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
19119
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19466
x-rq
yyz1 80 130 443
last-modified
Wed, 14 Dec 2022 10:04:49 GMT
server
cloudflare
etag
"04c092a80d002d6d"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cdfba3e710-EWR
expires
Thu, 14 Dec 2023 10:04:49 GMT
patty-jenkins-wonder-woman.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/patty-jenkins-wonder-woman.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76d3a44a02cca6d4be4ee708af308da26518ea004574691234c24f088cad79c6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
16705
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21080
x-rq
yyz1 80 86 443
last-modified
Wed, 14 Dec 2022 09:58:38 GMT
server
cloudflare
etag
"564ff01079f9be7b"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cdfba6e710-EWR
expires
Thu, 14 Dec 2023 09:58:38 GMT
mystery-men-1.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/mystery-men-1.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
059406876eca603c411d5f773bc3629d03ab3002a84254b59c7b43f879b5e878

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
16705
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17706
x-rq
yyz1 87 107 443
last-modified
Wed, 14 Dec 2022 10:00:12 GMT
server
cloudflare
etag
"ba82b8573352f8e0"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cdfba9e710-EWR
expires
Thu, 14 Dec 2023 10:00:12 GMT
the-monkey-king-2.jpg
wegotthiscovered.com/wp-content/uploads/2022/12/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/12/the-monkey-king-2.jpg?w=325&h=190&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c13f1e98a9c184fdee744fa302649c12ebb49647bc9e4b9ffb6513bd8b9be405

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
19118
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29648
x-rq
yyz1 80 86 443
last-modified
Wed, 14 Dec 2022 09:57:41 GMT
server
cloudflare
etag
"9bc1d2f55b8b435e"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
779834cdfbaae710-EWR
expires
Thu, 14 Dec 2023 09:57:41 GMT
/
r.skimresources.com/api/ 		149 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/114526X1684673.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
8e38f6323f4b878878451b1f5da0c46e964fca4cf61e1d0d4e8a179dcfe34279
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
openresty/1.19.9.1
via
1.1 google
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
robots.txt
t.skimresources.com/api/v2/ Frame 9110 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.5844727282495852
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
via
1.1 google
server
Python/3.10 aiohttp/3.8.3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=0.1172548516534695
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Wed, 14 Dec 2022 16:09:51 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=0.1172548516534695
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Wed, 14 Dec 2022 16:09:51 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		171 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=wegotthiscovered.com&domain=wegotthiscovered.com&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d350d82a519c5fac452e82405846a81ec7a521c645567be99070ca8d613ac1ce

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
1
date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
3562
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
130
x-served-by
cache-yul12826-YUL
x-timer
S1671034191.416194,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Mon, 12 Dec 2022 15:10:29 GMT
js
www.googletagmanager.com/gtag/ 		216 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VRDHJCSX1H&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17178859-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
13a7797d409b01536f29f5a444cec06faf2947aa74cd9aca533fe92363456fe4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76838
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 14 Dec 2022 16:09:51 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17178859-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 15:46:25 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1406
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 14 Dec 2022 17:46:25 GMT
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=210963106&post=0&tz=-5&srv=wegotthiscovered.com&hp=vip&j=1%3A11.6&host=wegotthiscovered.com&ref=&fcp=1442&rand=0.2920629352100641
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 14 Dec 2022 16:09:51 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071250
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e7b0e35f880e5a73512f62d8c6efb4bec35d0c2f4b9969a58c7ec3d421169f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120008
x-xss-protection
0
server
cafe
etag
1397868052149555294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Dec 2022 16:09:51 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 8A68 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
77680
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 18:35:11 GMT
etag
10353107486223812946
expires
Tue, 27 Dec 2022 18:35:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
all.js
connect.facebook.net/en_US/ 		308 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=8a6ef6d619b3af3dac372e78f67ca696
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?ver=6.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f034:11a:face:b00c:0:3 Dallas, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed47f6da6cbefcd926b0a130707a814c2f0e9762101e11a07fa520aa1343b3a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 16:09:51 GMT
content-md5
fHeqvPmjLwtL15zfs12jyg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88308
x-fb-rlafr
0
x-fb-debug
x5gmdtNNkSGFTb8TTU/8wqoh0g/4sVoTjk9h46OIuvEyV6v49k1jLS8z0oadYKsEzAEgzHHX7mOqU0ABVGHy5A==
x-fb-content-md5
4c48b5f7dc863d24ebddc58edf365d91
cross-origin-opener-policy
same-origin-allow-popups
etag
"365791214f03a65774b7980a855c46d5"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 14 Dec 2023 15:01:32 GMT
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 20:36:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243228
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 11 Dec 2023 20:36:03 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		456 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=wegotthiscovered.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90e57343faa5f8c7e1714cc1c70ff55d76a5f795ad0ccdc94579cddf20226453
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
178
x-xss-protection
0
expires
Wed, 14 Dec 2022 16:09:51 GMT
226866098399083
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/226866098399083?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f034:11a:face:b00c:0:3 Dallas, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
147115ce7aa4a4b2960cc9a0272e384211f1ab74f80b4125b986c6c6061d8d74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 16:09:51 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86061
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
gXVrbStzOF94mwCkN6wzWXeHoGlWmZNW9bG02tplOViYTtkmDeemUedzvhbl4hnVc0RJq15zHyWFyAwFSEdhqg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
optimize.js
www.googleoptimize.com/ 		107 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-T7VG35Z
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWJQJXJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d6d11018e0f28c80722e3167fb1818a23e547c93f74cdd2740680ea5e58a3578
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42965
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Dec 2022 16:09:51 GMT
cgl7jat8wh
www.clarity.ms/tag/ 		883 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/cgl7jat8wh?ref=gtm
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWJQJXJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a4ed759cecf69a8d851312063ad201117eb8ee046f11ff6141f35196a3ec398e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
application/x-javascript
date
Wed, 14 Dec 2022 16:09:50 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
0T/WZYwAAAABbuKCOMG4ESpFrHuA4tAw3VEVCMzFFREdFMDcwNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
/
geoip.gamurs.workers.dev/ 		235 B
620 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geoip.gamurs.workers.dev/
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:4cfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1738cf6e0962bdf3a04c6dc4adbac1a5eea6bc9d07de8d5ba8df34827492d10

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fl4nBnDo6LsxWF33DTKlZgLtsNMsMOWCFZ2xHY4qEFIsDYTzjMqqUQzsmNfZT5%2Bp50t9%2F6sMvCbyWjE7qU3duz4PYrWueKGKqpxjbkCza%2FEhu9EzkGI5%2B7EuaIp30l8qjgjBhFM5vifm4zvLKeVCq4JtPZKvcd4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
779834d05ec819db-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
atrk.gif
certify.alexametrics.com/ 		0
0
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.13.1.121 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-1-121.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
server
Server
ajax-loader-2.gif
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ 		613 B
924 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ajax-loader-2.gif
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/_static/??-eJyNj0ESwiAMRS8kxk6nduV4FqS0MpOSDAky3t60K5ds+IT/XxKgsQuUNWYFxrqlLNCoLFyiiGPiir6Yigp4kWgSxCLMV9ML/OH6jnsUIFxc2zS4swbRL8bOrM1kypI+vUDlxWtvOJltmx8P57UTO767oxMKyaN7VVVjjUEqa8XOJqu553Hkn/tjuM+3cZ7GafgBameP8g==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e9e8ae4b52da14c2647bcd0d9697ccb862c5e8cf6f617bbecb1153beb33e950

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/_static/??-eJyNj0ESwiAMRS8kxk6nduV4FqS0MpOSDAky3t60K5ds+IT/XxKgsQuUNWYFxrqlLNCoLFyiiGPiir6Yigp4kWgSxCLMV9ML/OH6jnsUIFxc2zS4swbRL8bOrM1kypI+vUDlxWtvOJltmx8P57UTO767oxMKyaN7VVVjjUEqa8XOJqu553Hkn/tjuM+3cZ7GafgBameP8g==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
age
2357370
cf-polished
origSize=673, status=webp_bigger
x-cache
hit
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
613
x-rq
yyz1 0 4 9980
cf-bgj
imgq:100,h2pri
last-modified
Tue, 08 Nov 2022 04:53:57 GMT
server
cloudflare
etag
W/"6369e0e5-2a1"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
779834d00d99e710-EWR
expires
Fri, 17 Nov 2023 08:39:55 GMT
carousel-ctrls.svg
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ 		750 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/carousel-ctrls.svg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/_static/??-eJyNj0ESwiAMRS8kxk6nduV4FqS0MpOSDAky3t60K5ds+IT/XxKgsQuUNWYFxrqlLNCoLFyiiGPiir6Yigp4kWgSxCLMV9ML/OH6jnsUIFxc2zS4swbRL8bOrM1kypI+vUDlxWtvOJltmx8P57UTO767oxMKyaN7VVVjjUEqa8XOJqu553Hkn/tjuM+3cZ7GafgBameP8g==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:354c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cbfa45685b4ad91c14f3256742155082ef47dc59fb6838faff5329877c5ad9d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/_static/??-eJyNj0ESwiAMRS8kxk6nduV4FqS0MpOSDAky3t60K5ds+IT/XxKgsQuUNWYFxrqlLNCoLFyiiGPiir6Yigp4kWgSxCLMV9ML/OH6jnsUIFxc2zS4swbRL8bOrM1kypI+vUDlxWtvOJltmx8P57UTO767oxMKyaN7VVVjjUEqa8XOJqu553Hkn/tjuM+3cZ7GafgBameP8g==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
x-rq
yyz1 0 4 9980
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Nov 2022 04:58:14 GMT
server
cloudflare
age
2357370
etag
W/"63731c66-2ee"
vary
Accept-Encoding
x-cache
hit
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
779834d01dabe710-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 17 Nov 2023 08:39:55 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=wegotthiscovered.com&p=%2F&u=xaEJ5DtKnkmCYvtmh&d=wegotthiscovered.com&g=66987&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=7941&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwegotthiscovered.com%2F&b=1857&t=DHALh9nOoZFD-PVg8DuV4IPBhnR6L&V=139&i=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&tz=0&sn=1&sv=B_5yDWB23t61BtJhFvcBdNoBuHnja&sd=1&im=067b0fff&_
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.167.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-167-233.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 14 Dec 2022 16:09:51 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
latest.js
global.proper.io/payloads/ 		553 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/payloads/latest.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/wegotthiscovered.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
859a885aa32847000c002c0bce5c07ff72d2958242524ce7e42796965f2f6166

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Nov 2022 17:09:31 GMT
server
cloudflare
age
1892546
etag
W/"637d024b-8a3ec"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
779834d069b47138-YUL
expires
Wed, 14 Dec 2022 16:14:51 GMT
px.gif
abcheck.proper.io/ 		842 B
980 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abcheck.proper.io/px.gif?ch=1&rn=9.889722151696352
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
MISS
last-modified
Thu, 06 Jan 2022 18:51:44 GMT
server
cloudflare
x-amz-request-id
RY1JX5S56B20CT1A
etag
"04b36c8411ae7bf7a8c369fa94b30e56"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
779834d09a077138-YUL
content-length
842
x-amz-id-2
XFZsyi1+jAeFSKtPBK9ARd5P3Y6l9v3R563dg5PbvVFI9bPwMtnSwKuwYFEzm7vnWP2PwuyawPQ=
expires
Wed, 14 Dec 2022 20:09:51 GMT
px.gif
abcheck.proper.io/ 		842 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abcheck.proper.io/px.gif?ch=2&rn=9.889722151696352
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
MISS
last-modified
Thu, 06 Jan 2022 18:51:44 GMT
server
cloudflare
x-amz-request-id
RY1TCBAXY6D53XS9
etag
"04b36c8411ae7bf7a8c369fa94b30e56"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
779834d09a047138-YUL
content-length
842
x-amz-id-2
05aLoL9KoCuHiyYEBjTy66fROJKSPou5Og9A0A2fLYWPmipVFgqpiJ3YngkNUuyRHJHOy6XITM0=
expires
Wed, 14 Dec 2022 20:09:51 GMT
skeleton.js
static.adsafeprotected.com/ 		17 B
467 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:5200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 10:06:40 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 b759e26bde22770788987f2078515d9a.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
7797792
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
GqdOZjeHKB9YF4oyOucg119TZ4TjL7SoJcyRwK7CKicIRXoRKh0BGQ==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035334&cs_it=b3&cv=3.8.0.210223&ns__t=1671034191323&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=9&cs_cmp_sv=4&cs_cmp...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035334&cs_it=b3&cv=3.8.0.210223&ns__t=1671034191323&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=9&cs_cmp_sv=4&cs_cm...
0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035334&cs_it=b3&cv=3.8.0.210223&ns__t=1671034191323&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=9&cs_cmp_sv=4&cs_cmp_rt=155&c7=https%3A%2F%2Fwegotthiscovered.com%2F&c8=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&c9=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
108.139.47.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-92.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
via
1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
x-amz-cf-id
UHOkfXkjd3BfkMxAGakTYScz_9BA99vQInhhMRLIrV4o9YdvwRsP5g==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=6035334&cs_it=b3&cv=3.8.0.210223&ns__t=1671034191323&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=9&cs_cmp_sv=4&cs_cmp_rt=155&c7=https%3A%2F%2Fwegotthiscovered.com%2F&c8=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&c9=
date
Wed, 14 Dec 2022 16:09:51 GMT
via
1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
content-length
0
x-amz-cf-id
t3tfhjeuyfOElxlNq5iYWN-fYsvc2P7vvWSHp8rNOHeNCtLO9LRdSw==
x-cache
Miss from cloudfront
collect
analytics.google.com/g/ 		0
350 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-VRDHJCSX1H&gtm=2oebu0&_p=1569105561&_gaz=1&cid=424637361.1671034192&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671034191&sct=1&seg=0&dl=https%3A%2F%2Fwegotthiscovered.com%2F&dt=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRDHJCSX1H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
350 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VRDHJCSX1H&cid=424637361.1671034192&gtm=2oebu0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRDHJCSX1H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VRDHJCSX1H&cid=424637361.1671034192&gtm=2oebu0&aip=1&z=1507107642
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6218c65ecebca94c45e3c774.enc
hb.vntsm.com/v2/live/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/6218c65ecebca94c45e3c774.enc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ref_url
Access-Control-Request-Method
GET
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
cdn-cache
HIT
cdn-pullzone
131999
cdn-requestcountrycode
CA
cdn-requestid
2660f1097cf1667dfc543e60f909b159
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
content-type
application/octet-stream
date
Wed, 14 Dec 2022 16:09:51 GMT
server
BunnyCDN-NY1-885
x-bl
0
content.html
hb.vntsm.io/ 		32 B
669 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
cf-cache-status
HIT
x-amz-request-id
MTZCWMEAHWS93P00
age
1599
content-length
32
x-amz-id-2
iGBvHxTKmZXV/rRBYBPvWLtvzIGq0AZnBnPs9d/yLVutxxNzAceF3RQvXPu6aYAlgtfDnB+YjL4=
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, origin, Origin
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
779834d27e7ae839-EWR
6218c65ecebca94c45e3c774.enc
hb.vntsm.com/v2/live/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/6218c65ecebca94c45e3c774.enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
b5cf3c1e88f1fa0dbbcf17a91699d3b05da3ac779dcc160deb9f1160781365b4

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
ref_url
aHR0cHM6Ly93ZWdvdHRoaXNjb3ZlcmVkLmNvbS8=

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-cachedat
12/12/2022 14:59:27
cdn-pullzone
131999
last-modified
Wed, 29 Jun 2022 12:35:47 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"c73b6e4cf93f120c13d96afbf7dd90d3"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
access-control-allow-credentials
true
x-bl
0
cache-control
public, max-age=86400
cdn-requestid
f110194be0153cc4aec4d449869b59a6
cdn-requestcountrycode
CA
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
cookie.js
partner.googleadservices.com/gampad/ 		407 B
702 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=wegotthiscovered.com&callback=_gfp_s_&client=ca-pub-9356934496955375&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13c38f304ff37b086d6054a4ad38925ff59895af6f7744beaa73e45fb076bd72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
257
x-xss-protection
0
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=wegotthiscovered.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wegotthiscovered.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwegotthiscovered.com%2F&tn=DIV&id=mainHeader&cls=header%20sticky&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 5FBD 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9356934496955375&output=html&adk=2018173897&adf=1110508544&lmt=1671034191&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwegotthiscovered.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671034191235&bpp=4&bdt=579&idt=445&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4155275238978&frm=20&pv=2&ga_vid=424637361.1671034192&ga_sid=1671034192&ga_hid=1569105561&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31071250%2C44779793%2C44780792&oid=2&pvsid=891223950869516&tmod=689586137&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=481
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_fy2021.js?bust=31071250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 16:09:51 GMT
expires
Wed, 14 Dec 2022 16:09:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
page
t.skimresources.com/api/v2/ 		22 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/114526X1684673.skimlinks.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.3 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:51 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.3
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1569105561&t=pageview&_s=1&dl=https%3A%2F%2Fwegotthiscovered.com%2F&ul=en-us&de=UTF-8&dt=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABQAAAACAAI~&jid=1328037937&gjid=175238798&cid=424637361.1671034192&tid=UA-17178859-1&_gid=160960581.1671034192&_r=1&gtm=2oubu0&z=941543760
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1569105561&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwegotthiscovered.com%2F&ul=en-us&de=UTF-8&dt=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Block&ea=Allowed&_u=YADAAUABQAAAACAAI~&jid=&gjid=&cid=424637361.1671034192&tid=UA-17178859-1&_gid=160960581.1671034192&gtm=2oubu0&z=1828944762
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 02:43:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
48365
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/eus2/s/0.7.0/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2/s/0.7.0/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/cgl7jat8wh?ref=gtm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ba43671fe8efa561dc6d7c35d5dc8f95d9ec360c0d1d6c6f085a70dbef723b72

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0e/SZYwAAAAACIorRiy6OTKDKelabw0D5RVdSMzBFREdFMTUxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
etag
"1d90e4b8624997b"
x-azure-ref
0T/WZYwAAAACxyAVSMl9gTapWsNvoC1ErVEVCMzFFREdFMDcwNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
ats.js
ats.rlcdn.com/ 		109 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-28.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 10:04:45 GMT
x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
br
via
1.1 c7705692ed008dad7e46e32f966aa3fe.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
21907
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
etag
W/"148e21f812b555a13b2a9c6b616141f4"
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-id
YLVKFktkHdFEh0Ch1Nu_qTGyYr_wKtUOkGusLyj69ns4ejosPPFJWA==
loader.js
cdn.taboola.com/libtrc/skimlinks-publishers/ 		79 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/skimlinks-publishers/loader.js
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/114526X1684673.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
313b448adc116d1b17fafad0d3195fc836784293a51087e5beb2331e2b2533b2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
3BOuEeN_G_a4_CJI3X66AF7kQYNRK.4v
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Dec 2022 16:09:51 GMT
x-amz-request-id
WA5VFKJKDMHSTSZM
age
3770
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
5
content-length
21602
x-amz-id-2
JRn45NkV5+Sp+BlS7OcJVyHd5QaEV4FItO8e8MnEwF3CnP8c/NW12aeI+6Jr5QaFzElBtNdJueY=
x-served-by
cache-yul12821-YUL
last-modified
Wed, 14 Dec 2022 15:05:16 UTC
server
nginx
x-timer
S1671034192.929952,VS0,VE0
etag
"e81795f0165bc8c7532a524308a66f0fab10829b"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
31
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
21
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=226866098399083&ev=PageView&dl=https%3A%2F%2Fwegotthiscovered.com%2F&rl=&if=false&ts=1671034191898&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1671034191897.1940044330&it=1671034191308&coo=false&exp=a1&rqm=GET
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 14 Dec 2022 16:09:51 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
liveView.php
live.primis.tech/live/ 		0
0
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
gzip
etag
"KvGSi9leJgKNKEGESzHjYw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 21 Dec 2022 16:09:52 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		178 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.144.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-144-76.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c1e1c3ae7f9b71951f0539bbea7738054c26fee2e896ebb54f253db765d4c84

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 15:35:59 GMT
content-encoding
gzip
via
1.1 e453cfec7ab7b0f50057381607edb486.cloudfront.net (CloudFront), 1.1 c00308f66532ff493ccf2757d4085e0c.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 21:39:33 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, EWR52-C2
age
2034
x-amz-server-side-encryption
AES256
etag
W/"909ff158818033daa43a2d271ecda3db"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
p5oYAvKlnk2Sxy9looioqlPhce908lHSzGNn3DoKMKExANeJYAa9CQ==
usersync
usync.proper.io/v1/
Redirect Chain
  • https://ce.lijit.com/merge?pid=263069&3pid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn%26proper_uid%3Db11784ec-3e01-4aa3-93d1-ad5261...
  • https://ce.lijit.com/merge?pid=263069&3pid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn%26proper_uid%3Db11784ec-3e01-4aa3-93d1-ad5261...
  • https://usync.proper.io/v1/usersync?bidder=sovrn&proper_uid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&uid=F0MJZRZHbpf7bCPATJW_DVk3
167 B
362 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=sovrn&proper_uid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&uid=F0MJZRZHbpf7bCPATJW_DVk3
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
52.33.102.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-102-212.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
b33c3a811b7e36665caadd8fe94360e223503f1b2330c970924c59c26faf818f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 14 Dec 2022 16:09:52 GMT
server
nginx/1.18.0
content-length
167
content-type
text/javascript

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:52 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://usync.proper.io/v1/usersync?bidder=sovrn&proper_uid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&uid=F0MJZRZHbpf7bCPATJW_DVk3
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
cookie
cm.adform.net/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dadaptmx%26proper_uid%3Db11784ec-3e01-4aa3-93d1-ad5261985a8a%26uid%3D&&callback=window.proper_70a75f16_2e...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F12842%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D2c37949...
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F12842%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D2c379494-1969-40d4-bfd5-8fbd6da4c741%26bidder%3Di...
  • https://prebid.a-mo.net/cchain/0/12842?gdpr=&gdpr_consent=&us_privacy=&A=2c379494-1969-40d4-bfd5-8fbd6da4c741&bidder=index_rtb&cbx=aHR0cHM6Ly91c3luYy5wcm9wZXIuaW8vdjEvdXNlcnN5bmM_YmlkZGVyPWFkYXB0bX...
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F12842%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D2c379494-1969-40d4-bfd5-8fbd6da4c...
43 B
106 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F12842%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D2c379494-1969-40d4-bfd5-8fbd6da4c741%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly91c3luYy5wcm9wZXIuaW8vdjEvdXNlcnN5bmM_YmlkZGVyPWFkYXB0bXgmcHJvcGVyX3VpZD1iMTE3ODRlYy0zZTAxLTRhYTMtOTNkMS1hZDUyNjE5ODVhOGEmdWlkPQ%253D%253D%26uid%3D%24UID
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
server
nginx
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F12842%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D2c379494-1969-40d4-bfd5-8fbd6da4c741%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly91c3luYy5wcm9wZXIuaW8vdjEvdXNlcnN5bmM_YmlkZGVyPWFkYXB0bXgmcHJvcGVyX3VpZD1iMTE3ODRlYy0zZTAxLTRhYTMtOTNkMS1hZDUyNjE5ODVhOGEmdWlkPQ%253D%253D%26uid%3D%24UID
date
Wed, 14 Dec 2022 16:09:52 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
usersync
usync.proper.io/v1/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Db11784ec-3e01-4aa3-93d1-ad5261985a8a%26uid%3D%24%7BBSW_UUID%7D?&callback=window....
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Db11784ec-3e01-4aa3-93d1-ad5261985a8a%26uid%3D%24%7BBSW_UUID%7D?&callback=w...
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&uid=7b5323bb-b935-48d8-9c26-c80be97a43e2
183 B
386 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&uid=7b5323bb-b935-48d8-9c26-c80be97a43e2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
52.33.102.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-102-212.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
6e28542d69305d06c4494f2a6b355708fc289bd64c0da7b8f79badc967d6e603

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 14 Dec 2022 16:09:52 GMT
server
nginx/1.18.0
content-length
183
content-type
text/javascript

Redirect headers

Location
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&uid=7b5323bb-b935-48d8-9c26-c80be97a43e2
Date
Wed, 14 Dec 2022 16:09:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
445.json
id5-sync.com/g/v2/ 		461 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/445.json
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
34c4d35d1e639e20ee6babf51f4ae34c0de97fff3a89af5210f51dee292a110c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
envelope
api.rlcdn.com/api/identity/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=72
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.90.245 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-90-245.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 14 Dec 2022 16:09:52 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
main.js
player.propervideo.io/new_rtp/ 		125 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.propervideo.io/new_rtp/main.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9fea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66eec5ff1f5907c3bfb3d9fc41b7a9dba1cb34f81ee6cd1dc5f07da29ba5e977

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 06 Sep 2022 22:53:16 GMT
server
cloudflare
age
1284693
cf-polished
origSize=191558
etag
W/"6317cf5c-2ec46"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300
cf-ray
779834d43c057148-YUL
expires
Wed, 14 Dec 2022 16:14:52 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		541 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=891223950869516&correlator=39082913500780&eid=44780792&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=143457427%2Cwgtc_pskin&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=36737190&didk=391414628&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1671034192031&lmt=1671034192&dlt=1671034190656&idt=1336&adxs=55&adys=10499&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwegotthiscovered.com%2F&frm=20&vis=1&psz=1600x10598&msz=1490x0&fws=0&ohw=0&ga_vid=424637361.1671034192&ga_sid=1671034192&ga_hid=1569105561&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
435fba17c8a0a8084a4466cd53202f4aaec58e10ad916c21ecf804cf2e8fbad1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
275
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3349 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 16:09:52 GMT
expires
Thu, 14 Dec 2023 16:09:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tp2
spc.wegotthiscovered.com//com.snowplowanalytics.snowplow/ 		2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spc.wegotthiscovered.com//com.snowplowanalytics.snowplow/tp2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/plow.lite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
via
1.1 google
server
Google Frontend
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://wegotthiscovered.com
x-cloud-trace-context
677599cd875647171c35493452f1edce
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
tp2
spc.wegotthiscovered.com//com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://spc.wegotthiscovered.com//com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 14 Dec 2022 16:09:52 GMT
server
Google Frontend
via
1.1 google
x-cloud-trace-context
9ff6f140fccb5969aca48ee9d38de748
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-17178859-1&cid=424637361.1671034192&jid=1328037937&gjid=175238798&_gid=160960581.1671034192&_u=YADAAUAAQAAAACAAI~&z=442184638
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 14 Dec 2022 16:09:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 14 Dec 2022 16:09:52 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 14 Dec 2022 16:09:52 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 14 Dec 2022 16:09:52 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 14 Dec 2022 16:09:52 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 14 Dec 2022 16:09:52 GMT
server
ATS/9.1.10.25
translator
hbopenbid.pubmatic.com/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Wed, 14 Dec 2022 16:09:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		244 B
942 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
db9c8c3eb52f72b43a2a4376a91e0865e2e9fd8a3d232b2b539e8cdc193e5360
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:52 GMT
AN-X-Request-Uuid
3ed572da-aaa3-4ba6-9aab-fb615d041f2c
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://wegotthiscovered.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
244
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
24
web.hb.ad.cpe.dotomi.com/s2s/header/ 		589 B
889 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2606:ae80:1471:17::1140 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
f20501a635ee0666394692c96a11fa9f26cc9d5c85aceed6ab35a9635f7e2a65

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
589
expires
0
avjp
propermedia-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwegotthiscovered.com%2F&ch=UTF-8&res=1600x1200x24&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=409d4d26-a167-40fc-9ad8-49b04a266e8a&pubcid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&nocache=1671034192094&auid=557731210&aumfs=1000&vwd=400&vht=300&vmimes=video%2Fmp4%2Capplication%2Fjavascript&openrtb=%5Bobject%20Object%5D&vos=101&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1&x_gdpr_f=1&_pubcid=b11784ec-3e01-4aa3-93d1-ad5261985a8a
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
propermedia-d.openx.net/v/1.0/ 		106 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwegotthiscovered.com%2F&ch=UTF-8&res=1600x1200x24&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b4853400-5dbf-4340-9881-ce0df5943c9b&pubcid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&nocache=1671034192095&auid=557731212&aumfs=1000&vwd=400&vht=300&vmimes=video%2Fmp4%2Capplication%2Fjavascript&openrtb=%5Bobject%20Object%5D&vos=101&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1&x_gdpr_f=1&_pubcid=b11784ec-3e01-4aa3-93d1-ad5261985a8a
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		715 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=378212&zone_id=2088034&size_id=15%3B2%3B15%3B15%3B15&alt_size_ids=2%3B%3B%3B%3B10&rp_floor=0.1&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=8235e8a8-219a-4fdc-b6d8-7a5abedb5547%3B8dec297b-86c1-46ae-b0ae-9282edd649d7%3B9c12cb59-bd22-4301-a69c-ee1029faa8dd%3Bc2b6f99c-514b-4dea-b6d4-b142fa271c17%3B02eff023-d4ff-4ab5-883c-5e41ff077025&p_screen_res=1600x1200&tg_fl.eid=2088034-4%3B2088034-5%3B2088034-1%3B2088034-2%3B2088034-3&rf=https%3A%2F%2Fwegotthiscovered.com%2F&x_source.pchain=proper.io%3A09983aa5-787b-11eb-8272-06ef03bc0096&ppuid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&eid_pubcid.org=b11784ec-3e01-4aa3-93d1-ad5261985a8a%5E1&rp_schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1&slots=5&rand=0.2543169545718065
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
95dada8d5f7796df414b855556156b53187c4282a072755760e189102f8c11bb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
mvo
tag.1rx.io/rmp/251630/0/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/251630/0/mvo?z=1r&hbv=7.22,2.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
imp
g2.gumgum.com/hbid/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1671034192101&t=mluwmihh&maxw=728&maxh=90&si=302235&bf=728x90&fp=0.1&fpc=USD&pubcid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.22.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=10240&_t=Wed%20Dec%2014%202022%2016:09:52%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.159.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-159-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0fc5a210637cd6739073bb898a0c5bd9355cebe861be00d0bd0adf57992a9dfe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1671034192102&t=mluwmihh&maxw=728&maxh=90&si=302236&bf=728x90&fp=0.1&fpc=USD&pubcid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.22.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=10240&_t=Wed%20Dec%2014%202022%2016:09:52%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.159.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-159-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4ee09c44b9a166187ef85a03059b395b4818edce39c06bddf7fb1663a83af9ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1671034192102&t=mluwmihh&maxw=970&maxh=90&si=302229&bf=970x90&fp=0.1&fpc=USD&pubcid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.22.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=10240&_t=Wed%20Dec%2014%202022%2016:09:52%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.159.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-159-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f7e489a205bd11ea63eeda166db4345c049e7e999ad5cb23dbc53c52d9808782

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1671034192102&t=mluwmihh&maxw=300&maxh=250&si=302230&bf=300x250&fp=0.1&fpc=USD&pubcid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.22.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=10240&_t=Wed%20Dec%2014%202022%2016:09:52%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.159.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-159-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e9f425689b3fb127f05744923a75a92e2fe5847e54fe448b3f4bc4366a59fda7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1671034192110&t=mluwmihh&maxw=300&maxh=250&si=302231&bf=300x250&fp=0.1&fpc=USD&pubcid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.22.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=10240&_t=Wed%20Dec%2014%202022%2016:09:52%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.159.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-159-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
50bf5576e0baf9b7fc719a43faeddccae330da1132faf33aec2d8fc495e6dd4f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1671034192111&t=mluwmihh&maxw=300&maxh=250&si=302232&bf=300x250&fp=0.1&fpc=USD&pubcid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.22.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=10240&_t=Wed%20Dec%2014%202022%2016:09:52%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.159.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-159-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3a0412bc34cb83dada6a2063dc399118cbd592025e9234aa984c025796d8d9c1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1671034192111&t=mluwmihh&maxw=300&maxh=250&si=302233&bf=300x250&fp=0.1&fpc=USD&pubcid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.22.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=10240&_t=Wed%20Dec%2014%202022%2016:09:52%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.159.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-159-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6d6cd61d84b9c93b0d1fbebe245e31aa7a3733a1bffdcc189d104f33a40ee2e7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1671034192111&t=mluwmihh&maxw=300&maxh=600&si=302223&bf=300x600&fp=1&fpc=USD&pubcid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.22.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=10240&_t=Wed%20Dec%2014%202022%2016:09:52%20GMT+0000%20(GMT)
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.159.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-159-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f9d2741f93e8e29417fce92a672a2a24029cad28575703ad3943944202dc06ee

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
bid.json
reachms.bfmio.com/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reachms.bfmio.com/bid.json?exchange_id=eb1985cf-693d-419b-ee26-3d1a81c96314
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.114.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-114-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Wed, 14 Dec 2022 16:09:52 GMT
access-control-expose-headers
location
access-control-allow-credentials
true
vary
Origin
expires
Thu, 01 Jan 1970 00:00:00 GMT
bid.json
reachms.bfmio.com/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reachms.bfmio.com/bid.json?exchange_id=eb1985cf-693d-419b-ee26-3d1a81c96314
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.114.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-114-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Wed, 14 Dec 2022 16:09:52 GMT
access-control-expose-headers
location
access-control-allow-credentials
true
vary
Origin
expires
Thu, 01 Jan 1970 00:00:00 GMT
mvo
tag.1rx.io/rmp/251629/0/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/251629/0/mvo?z=1r&hbv=7.22,2.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.73.36 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-73-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 14 Dec 2022 16:09:52 GMT
prebid
ib.adnxs.com/ut/v3/ 		598 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
619b9327d536cb0f4bc85d49afc70e9bd9503b7255655483093d8fd69ddd5a16
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 14 Dec 2022 16:09:52 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5ef149fa-a7e2-42a7-be6a-7912064e1f15
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://wegotthiscovered.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=52Yh7Ui7pc8ss6U6rL4I8hAR&bidId=52Yh7Ui7pc8ss6U6rL4I8hAR&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&pubcid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.61.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-61-58.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://wegotthiscovered.com
Date
Wed, 14 Dec 2022 16:09:52 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=P0jqdJh1F5oblGVOhUmtzsOJ&bidId=P0jqdJh1F5oblGVOhUmtzsOJ&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&pubcid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.61.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-61-58.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://wegotthiscovered.com
Date
Wed, 14 Dec 2022 16:09:52 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=4odmH6fmUmDvYMQLfkysCZmO&bidId=4odmH6fmUmDvYMQLfkysCZmO&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&pubcid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.61.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-61-58.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://wegotthiscovered.com
Date
Wed, 14 Dec 2022 16:09:52 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=d1yhXU1BdmCwBzRjjNpeSjw9&bidId=d1yhXU1BdmCwBzRjjNpeSjw9&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&pubcid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.61.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-61-58.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://wegotthiscovered.com
Date
Wed, 14 Dec 2022 16:09:52 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
arj
propermedia-d.openx.net/w/1.0/ 		174 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwegotthiscovered.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tws=1600x1200&aus=728x90%2C300x250%7C728x90%7C300x250%7C300x250%7C300x250%2C300x600&auid=544108942%2C544108943%2C544108949%2C544108950%2C544108953&aumfs=100%2C100%2C100%2C100%2C100&dddid=e3455cc9-880c-40cd-855d-0a79ba421770%2C5de622f1-bf2a-4e48-933c-af750e38ddd0%2Cf32b8c72-0217-4522-9418-dbe47af3275f%2C98487c11-4cb0-41bf-802a-82df7c09fa68%2C33614782-5ec7-4d9f-a6c3-490b33d6a9d4&divIds=openx-0dd5f772-837b-4ce0-ac35-dc2ca55d955e%2Copenx-c9341453-add5-4aed-8be0-00ea1c1f17b1%2Copenx-31270ca5-4f95-4545-9bb2-d173bd9a120a%2Copenx-796aae4d-7164-4601-badb-904e106db639%2Copenx-0324cc56-7a35-4e53-a674-893125e22a86&be=1&bc=hb_pb_3.0.1&nocache=1671034192120&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1&x_gdpr_f=1&pubcid=b11784ec-3e01-4aa3-93d1-ad5261985a8a
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
cf6258597c31e9c1def50b211048660b5e3d33fe2525859cf343567ccad9ffd6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
9421d7b4c9e13291da7ada9b5103ed83fab92e157f3650731a3d3580f1deb3fc

Request headers

Referer
https://wegotthiscovered.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
9421d7b4c9e13291da7ada9b5103ed83fab92e157f3650731a3d3580f1deb3fc

Request headers

Referer
https://wegotthiscovered.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
9421d7b4c9e13291da7ada9b5103ed83fab92e157f3650731a3d3580f1deb3fc

Request headers

Referer
https://wegotthiscovered.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
9421d7b4c9e13291da7ada9b5103ed83fab92e157f3650731a3d3580f1deb3fc

Request headers

Referer
https://wegotthiscovered.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
9421d7b4c9e13291da7ada9b5103ed83fab92e157f3650731a3d3580f1deb3fc

Request headers

Referer
https://wegotthiscovered.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
content-length
66
328786
search.spotxchange.com/openrtb/2.3/dados/ 		0
956 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/328786
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.35.249.142 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
x-spotx-timing-spotmarket-primary
0.003465
x-spotx-timing-transform
0.000276
x-spotx-timing-spotmarket
0.003465
x-spotx-timing-page-require
0.000396
x-fe
574
x-spotx-timing-page-misc
0.003105
x-spotx-timing-page-cookie
0.000027
x-spotx-timing-page
0.008327
pragma
no-cache
x-spotx-timing-page-context
0.000275
last-modified
Wed, 14 Dec 2022 16:09:52 GMT
access-control-allow-methods
POST, GET, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
x-spotx-timing-page-exception
0.000000
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
x-spotx-timing-page-uri
0.000012
x-spotx-timing-spotmarket-secondary
0.000000
x-spotx-timing-page-mux
0.000771
access-control-allow-headers
expires
Thu, 01 Jan 1970 00:00:00 GMT
328786
search.spotxchange.com/openrtb/2.3/dados/ 		0
957 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/328786
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.35.249.142 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
x-spotx-timing-spotmarket-primary
0.002916
x-spotx-timing-transform
0.000265
x-spotx-timing-spotmarket
0.002916
x-spotx-timing-page-require
0.000319
x-fe
420
x-spotx-timing-page-misc
0.002797
x-spotx-timing-page-cookie
0.000030
x-spotx-timing-page
0.007370
pragma
no-cache
x-spotx-timing-page-context
0.000233
last-modified
Wed, 14 Dec 2022 16:09:52 GMT
access-control-allow-methods
POST, GET, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
x-spotx-timing-page-exception
0.000001
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
x-spotx-timing-page-uri
0.000011
x-spotx-timing-spotmarket-secondary
0.000000
x-spotx-timing-page-mux
0.000798
access-control-allow-headers
expires
Thu, 01 Jan 1970 00:00:00 GMT
hb
ssc.33across.com/api/v1/ 		139 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
129523d3fa08bfec1190be345218cb980d077a4d11fb5e9fb578832302a2eac5

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		139 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
fdb4e82e93f162ae5713c48ee3309488b6d425a47d1392acd79d5adea2e0e596

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		139 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
84a390a4496f54d948493672c14e692c2236c7f36fed2f9fe95adee642d11d95

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		139 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
f17612227f3ae442e3374db86b35348d69c1bdbd86199e731140f20f01d67aa3

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		139 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
48f615bf516a15322392d61080278697d33fcb2cdca5d359c3eacc791d73915b

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUW4K2MG
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
56684c7045d7a5b581aee5d4a5b6ab8b91030bcce3ee10fd30488ead7fcbdc69

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Wed, 14 Dec 2022 16:09:52 GMT
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Wed, 14 Dec 2022 16:09:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		934 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.145 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
62459ff207a967d3a92e09c97e8a62b6b60120f7a1b81851955609036bfcee42

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.145 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
00f5fa0e6c3959313e1d293bae4933d3a1b66b4bd67b1a36566def89da9185db

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		835 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.145 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
5d60188e1893cab2a9d74afe3bf745d181a2dfa0bafe196c9328269c83600f41

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		950 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.145 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
bae55ddb2e1f410e5a36630dfafa976d4c99a1949dc0b6b162aa1e5c0aa2d2dd

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:51 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.145 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:51 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.145 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:51 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
trinity.json
apex.go.sonobi.com/ 		256 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222c7f33dec4dac1aef181%22%3A%222c7f33dec4dac1aef181%7C728x90%7C0.1%22%2C%22d3a5634c22c38b36c65c%22%3A%22d3a5634c22c38b36c65c%7C728x90%7C0.1%22%2C%22703655e503a7d7375380%22%3A%22703655e503a7d7375380%7C300x250%7C0.1%22%2C%22f9db147c25e11d5b246b%22%3A%22f9db147c25e11d5b246b%7C300x250%7C0.1%22%2C%228be984380e9d3e24214d%22%3A%228be984380e9d3e24214d%7C300x250%7C0.1%22%2C%22e75905403a42ff80ec58%22%3A%22e75905403a42ff80ec58%7C300x250%7C0.1%22%2C%22915ace92796b2155a77c%22%3A%22915ace92796b2155a77c%7C300x600%7C1%22%7D&ref=https%3A%2F%2Fwegotthiscovered.com%2F&s=e20f95e0-2886-463c-ba83-2d69dc5be3b3&pv=219e516a-56e5-46bf-9bd9-a42a610d6a86&vp=desktop&lib_name=prebid&lib_v=7.22.0&us=1&ius=1&userid=%7B%22pubcid%22%3A%22b11784ec-3e01-4aa3-93d1-ad5261985a8a%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b11784ec-3e01-4aa3-93d1-ad5261985a8a%22%2C%22atype%22%3A1%7D%5D%7D%5D&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%2C%22rid%22%3A%22faf2c2d1-cad4-4ae7-b5c9-1686a2570e1e%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
b1a5a09a0eedf9c9ddfb180ed20a70542b785e8b3531cd3f22f36a82e88e3d3c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:52 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-186
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://wegotthiscovered.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
197
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		58 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=684068&r=%7B%22id%22%3A%22d2885d47-52d3-4cf6-bec4-a162fb33a006%22%2C%22site%22%3A%7B%22ref%22%3A%22%22%2C%22page%22%3A%22https%3A%2F%2Fwegotthiscovered.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22sn%22%3A0%2C%22ls%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-E7EW9%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-E7EW9%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22bidfloor%22%3A0.1%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22728x90-2-S6igG%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-2-S6igG%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22bidfloor%22%3A0.1%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22970x90-1-YwbEb%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22970x90-1-YwbEb%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22bidfloor%22%3A0.1%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22300x250-1-dr9nr%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-dr9nr%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22bidfloor%22%3A0.1%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22300x250-2-kP1qr%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-2-kP1qr%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22bidfloor%22%3A0.1%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22300x250-3-FweoB%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-3-FweoB%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22bidfloor%22%3A0.1%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22300x250-4-TlWNX%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-4-TlWNX%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22bidfloor%22%3A0.1%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22300x600-1-DAWmI%22%2C%22bidfloor%22%3A1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-1-DAWmI%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22bidfloor%22%3A1%7D%7D%5D%7D%7D%5D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b11784ec-3e01-4aa3-93d1-ad5261985a8a%22%7D%5D%7D%5D%7D%2C%22source%22%3A%7B%22tid%22%3A%228ec2b4ed-be56-4c8f-b04a-e3cab5eac097%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%2C%22rid%22%3A%22faf2c2d1-cad4-4ae7-b5c9-1686a2570e1e%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D&v=7.2&ac=j&sd=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70e981c0be6b446ed823c1b8164238ab6902c736de80fd8bbc50a649d176e28e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBvH3r4pQJ38p3zpC1YDJSRbeoqFQ3vOX0pAVV55lHlbupv5ZKiN3gg2AFA6jKNCyMi3JeBtf92APZHp09n2Ht7QjPbHFXjebTPTsOMFHQxpk7OTUzTaDZcL2UqBHNOTCcG%2B5NKj"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
779834d53ea953fb-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
auction
tlx.3lift.com/header/ 		19 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwegotthiscovered.com%2F&tmax=550
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.224.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-224-44.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid
ap.lijit.com/rtb/ 		115 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.22.0
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
abf13b5296ec64f020b1d5389976e99e598a569ed25d6bd4e5a71507a8af3bfb

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 14 Dec 2022 16:09:52 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://wegotthiscovered.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
111
cdb
bidder.criteo.com/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.22.0&cb=96007674435&im=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 16:09:51 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v2lbkPgTg6IE9CcrpFhhn-OtZjbanrwmZZ0FINJw0fMDcmwdAta7LNpD081q4Uptr8f-N2AeK
superficialeyes.com/ 		183 B
210 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2lbkPgTg6IE9CcrpFhhn-OtZjbanrwmZZ0FINJw0fMDcmwdAta7LNpD081q4Uptr8f-N2AeK
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:2b56::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
be7c93cf39a00ab05ae2ae580945d914372f1826e7b6c5df64c1e03adc2a644e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Wed, 14 Dec 2022 16:09:52 GMT
via
1.1 google
x-buildnumber
718439402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
183
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
x-hostname
fen-hoothoot-us-east1-jfx4
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Wed, 14 Dec 2022 16:09:51 GMT
px.gif
ad-delivery.net/ 		43 B
949 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1919697
x-guploader-uploadid
ADPycdskBf6KyyAWUsWpDOUy2Qow3MjJEIilNuJf56c5RtamWOK8UETs20gNJJIThWQRsvBxGlVP3RIB6sJ0j-GnGugA8g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBR2HixMvxSHFobE8fTtw%2BhTWKjOdVeVP%2BXMYgjj8owF9ndHVmSrQ%2BSIP%2FGd7Wv%2FsChN8t115GgMe%2BaYV9Mzqdwy6ToQIxOVUC5EtqWobx8w3wB6brbu%2FLBDFeQppJfLhM%2BFFhZhUJSI3%2B53IA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
779834d5db8fa210-YYZ
expires
Tue, 22 Nov 2022 11:14:14 GMT
rules-p-mEzuYq24VEJ-3.js
rules.quantcount.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:c000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2541943eb1b759367d198f4b470134d85aadc1bf18a48da5e49de3c61b9a59ac

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:00:24 GMT
content-encoding
gzip
via
1.1 343d70dd2c23b73057116d47a342c588.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
569
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Fri, 14 Oct 2022 00:52:56 GMT
server
AmazonS3
etag
W/"bc35b7c476efec25f5c48ba8fb7b9906"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
S58h3BRpbSBeWIahW4Y6PLY7iD427vcq0AdN3VxtqJvimv1EtRLDBw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.144.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-144-76.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 02:43:31 GMT
x-amz-version-id
KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding
gzip
via
1.1 0d3bc0372b2119705524079214a98b3e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
age
48382
x-cache
Hit from cloudfront
last-modified
Wed, 07 Dec 2022 02:43:04 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
ab-ksjqCDO_0xPyUHOn22zavRf03D6iKuNmMnxdqbUE09QHNPMnwow==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwegotthiscovered.com&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.144.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-144-76.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
0e9c1e427a5e80c2866377d7efcf372713fe8de95427f06e0fcfedfe1e3cd12a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 11:01:48 GMT
via
1.1 c00308f66532ff493ccf2757d4085e0c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
age
18484
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1378
x-amz-cf-id
SLz8A-GHxxlSLmf9e_8EuYE_-N-ugxw-upHT4HezNBXvcBGq5ApGTw==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		207 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwegotthiscovered.com%2F&pid=aCgubsrI40syV&cb=0&ws=1600x1200&v=22.1201.834&t=550&slots=%5B%7B%22sd%22%3A%22desktop-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-5%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2Cfaf2c2d1-cad4-4ae7-b5c9-1686a2570e1e%2C%2C&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.50.211 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-50-211.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
66e468ad56a6ee9df37d4aa7ada39d86ab4c29c4493f111c8895549accdcaf84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P1
x-amz-rid
7WX5D8TCK30EYE06CJ2H
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
207
x-amz-cf-id
1Eo5WVRGGyQAlJ68iNhwrBJMsh0-YgDExpVZHtKB3qvQM6vqCKfD4w==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		207 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwegotthiscovered.com%2F&pid=aCgubsrI40syV&cb=1&ws=1600x1200&v=22.1201.834&t=550&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A100%2C%22id%22%3A%22Outstream_400x300%22%2C%22mt%22%3A%22v%22%7D%2C%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A100%2C%22id%22%3A%22Outstream_400x300%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2Cfaf2c2d1-cad4-4ae7-b5c9-1686a2570e1e%2C%2C&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.50.211 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-50-211.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
b130d3879710e6eccbf6de6c54db32bcef09d82ecc23d81fe034ee3f472c0394
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P1
x-amz-rid
C26XRCFHJQ2P3TNQCTNE
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
207
x-amz-cf-id
oY6gtHak3vq4fYtOOZBMkiPvDQwfCzO9ElhyBHo5blhouMHISqp-UQ==
/
geo.privacymanager.io/ 		30 B
595 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-52.ewr53.r.cloudfront.net
Software
/
Resource Hash
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 11:12:29 GMT
via
1.1 477f2815176dbf316918cf19d9dc3eb6.cloudfront.net (CloudFront), 1.1 bf49d89d8a3c52a5998a7b465717a00e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P4, EWR53-P1
age
17843
x-amzn-requestid
df6847c4-f952-427c-8142-53fdd7da14ce
x-amzn-trace-id
Root=1-6399af9d-6fa12c8f4e23bcfc2b3afa73;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
dIhgmEKaDoEFjyw=
content-length
30
x-amz-cf-id
5uNwBICXz-Mcrb0l9s09AYadoSuF1keBClCtae_xHpzaIYSNNsDX-A==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
impl.20221213-28-RELEASE.js
cdn.taboola.com/libtrc/ 		697 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20221213-28-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/skimlinks-publishers/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f164ec8de5881a65f775c90a18557a2ca67a4ef51f35aed61135683efe18baf1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
Lrl1e2Aw8HzCg9OgpbTX6ln5I5_T3ZPx
content-encoding
br
via
1.1 varnish
date
Wed, 14 Dec 2022 16:09:52 GMT
x-amz-request-id
S3JYF2EN3SCBJW9T
age
2036
x-cache
HIT
content-length
147906
x-amz-id-2
vxYmOEYEXTIA0NKByXOjJG7sJnZhP6dpsuBWb0iJTUWFC3IO5EstCOArVOkRHn7YKilsmKX7NcE=
x-served-by
cache-yul12821-YUL
last-modified
Tue, 13 Dec 2022 15:34:28 GMT
server
AmazonS3-br
x-timer
S1671034192.341532,VS0,VE0
etag
"a4495474400267464c5d5703cfb4ef74"
vary
Accept-Encoding
content-type
application/javascript
abp
55
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
6619
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.59.24 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-59-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 18:14:48 GMT
server
Apache
etag
"d4ed-5eaee7c12df48-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17131
expires
Wed, 14 Dec 2022 16:24:52 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		32 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-28.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7ad2fb033696f6b193dc1e4ef7d353c1d9a4d4a39772bdd0b44175704986ef8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 05:58:03 GMT
via
1.1 609b92127df3778f333c9eba7213368e.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 18:55:24 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
36710
x-amz-server-side-encryption
AES256
etag
"51c5af7d71728569b41d03503fff2de7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
accept-ranges
bytes
content-length
32463
x-amz-cf-id
sgLrHYS2ezEmVBsytbmwqpLoF1fz30YynYKjlwbfALXyYCwv93H4Yw==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
6MMXV7VACT18W137
age
1429
etag
W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
779834d6bab0e855-EWR
x-amz-id-2
DZTPGuRy+DDq32wKetlmF1ekiYltAt9FkK6YRLip8ia1gTA63RIG0OZ7UMQ5C7ieqcgcvUHvzf4=
v2dqw1ssNnzbhJDCpid0f2cBB5QLijgSOoenYDrfI-RzgXaK5HDnY_MVicf_lL7Dk_lPXpWSW
superficialeyes.com/ 		3 B
27 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2dqw1ssNnzbhJDCpid0f2cBB5QLijgSOoenYDrfI-RzgXaK5HDnY_MVicf_lL7Dk_lPXpWSW
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:2b56::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Wed, 14 Dec 2022 16:09:52 GMT
via
1.1 google
x-buildnumber
718439402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
x-hostname
fen-hoothoot-us-east1-jfx4
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
pixel;r=1707582488;labels=type.article;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwegotthiscovered.com%2F;uht=2;fpan=1;fpa=P0-1996995736-1671034192237;pbc=;ns=0;ce=1;qjs=1;qv=b2bd41b7-20221206125257;...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1707582488;labels=type.article;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwegotthiscovered.com%2F;uht=2;fpan=1;fpa=P0-1996995736-1671034192237;pbc=;ns=0;ce=1;qjs=1;qv=b2bd41b7-20221206125257;cm=;gdpr=0;us_privacy=1---;ref=;d=wegotthiscovered.com;dst=0;et=1671034192384;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.We%20Got%20This%20Covered%2Cdescription.All%20the%20latest%20news%252C%20trailers%20%26%20reviews%20for%20movies%252C%20video%20games%252C%20music%20and%20TV%252E%2Curl.https%3A%2F%2Fwegotthiscovered%252Ecom%2F%2Csite_name.We%20Got%20This%20Covered;ses=030aa91d-65a3-4799-b117-e43a839c90e9
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
collect
b.clarity.ms/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.7.0/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Wed, 14 Dec 2022 16:09:52 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=226866098399083&ev=Microdata&dl=https%3A%2F%2Fwegotthiscovered.com%2F&rl=&if=false&ts=1671034192409&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22All%20the%20latest%20news%2C%20trailers%20%26%20reviews%20for%20movies%2C%20video%20games%2C%20music%20and%20TV.%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22We%20Got%20This%20Covered%22%2C%22og%3Adescription%22%3A%22All%20the%20latest%20news%2C%20trailers%20%26%20reviews%20for%20movies%2C%20video%20games%2C%20music%20and%20TV.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwegotthiscovered.com%2F%22%2C%22og%3Asite_name%22%3A%22We%20Got%20This%20Covered%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22%40id%22%3A%22https%3A%2F%2Fwegotthiscovered.com%23Organization%22%2C%22name%22%3A%22We%20Got%20This%20Covered%22%2C%22url%22%3A%22https%3A%2F%2Fwegotthiscovered.com%22%2C%22sameAs%22%3A%5B%5D%2C%22logo%22%3A%7B%22%40type%22%3A%22ImageObject%22%2C%22url%22%3A%22https%3A%2F%2Fwegotthiscovered.com%2Fwp-content%2Fuploads%2F2022%2F03%2FWGTC-Featured-Image-Logo.png%22%2C%22width%22%3A%221200%22%2C%22height%22%3A%22675%22%7D%7D%5D%2C%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22https%3A%2F%2Fwegotthiscovered.com%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwegotthiscovered.com%2F%3Fs%3D%7Bsearch_term_string%7D%26submit%3D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1671034191897.1940044330&it=1671034191308&coo=false&es=automatic&tm=3&exp=a0&rqm=GET
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 14 Dec 2022 16:09:52 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
json
trc.taboola.com/skimlinks-publishers/trc/3/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/skimlinks-publishers/trc/3/json?tim=16%3A09%3A52.428&lti=deflated&data=%7B%22id%22%3A668%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1670947306464%2C%22vi%22%3A1671034192426%2C%22cv%22%3A%2220221213-28-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwegotthiscovered.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A0%2C%22ga%22%3Afalse%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwegotthiscovered.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A10615%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Aabp%3D0%22%2C%22uip%22%3A%22SkimlinksPublisher%22%2C%22orig_uip%22%3A%22SkimlinksPublisher%22%2C%22cd%22%3A10498.953125%2C%22mw%22%3A1490%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2CSkimlinksPublisher%3Drbox-tracking%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221213-28-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d2fb26f4e38f82e1187c4ff03d08b8d6fd58c5aa140770fb79e47b3a8d622689

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
20
date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-yul12821-YUL
server
nginx
x-timer
S1671034192.447799,VS0,VE20
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://wegotthiscovered.com
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
iu3
s.amazon-adsystem.com/ Frame 1897
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&dcc=t
377 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
bc944fdca87cfee48ac104e863be9555f4d4a7e1ddc06d78a79ad29b2c65dbd3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
377
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 14 Dec 2022 16:09:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
DDR5PJTFJ0S2AC838ESM

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 14 Dec 2022 16:09:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
2Q20E1GAZZX2X39ZYDP6
debug
us-trc-events.taboola.com/skimlinks-publishers/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/skimlinks-publishers/log/2/debug?tim=16%3A09%3A52.496&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20rbox-tracking&llvl=2&id=2379&cv=20221213-28-RELEASE&lt=deflated&pct=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18890
map
bcp.crwdcntrl.net/6/ 		227 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.129.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-129-69.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a49fbd768a45317b310b7eec82d121e1887f5ce690a001f44de7eeb4a4e98f22

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache
x-server
10.40.32.45
access-control-allow-credentials
true
content-length
227
expires
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
c8b1636e6318bd2bf9a0e13caeb35c735a1dde3ac17542cd9115dd3fb0a13b1d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Wed, 14 Dec 2022 16:09:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		54 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::31ee , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
f6be2bfaf5dd3c4aa391e7966964fd920cee751c75474c39affd32ada8425841

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Wed, 14 Dec 2022 16:09:52 GMT
content-length
54
vary
Origin
content-type
application/json
pr
s.amazon-adsystem.com/v3/ Frame 0AC6 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a41fc0dee8f6c88b2bd740dee605b24e697fa800cff91cd907a00c3914dc5ed7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3340
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 14 Dec 2022 16:09:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
FTN6CQHYZSX3Z8ENJWSK
ecm3
s.amazon-adsystem.com/ Frame 0AC6
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=7b5323bb-b935-48d8-9c26-c80be97a43e2
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=7b5323bb-b935-48d8-9c26-c80be97a43e2
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1MGPGKART7EMD8HHV1Z8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=7b5323bb-b935-48d8-9c26-c80be97a43e2
Date
Wed, 14 Dec 2022 16:09:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 0AC6
Redirect Chain
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=ed49b2e6-f8c1-4c12-a691-e3917b81df89&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=ed49b2e6-f8c1-4c12-a691-e3917b81df89&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NMZZC8QBD1W0FNQQX2E2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=ed49b2e6-f8c1-4c12-a691-e3917b81df89&gdpr=0
date
Wed, 14 Dec 2022 16:09:52 GMT
server
_
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 0AC6
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3140357921454604000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3140357921454604000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2Q52TDR51FQ6PFR58DBQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:52 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3140357921454604000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Wed, 14 Dec 2022 16:09:52 GMT
ecm3
s.amazon-adsystem.com/ Frame 0AC6
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=42595f74
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=42595f74
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AHP5WQ7M70CNS9HRHQHF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 14 Dec 2022 16:09:52 GMT
via
1.1 957a0e737a088bdc07cb5cc9dcc9e826.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=42595f74
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
o4JWiQH8hffUNxor4LtdVV06h02H4cVr4c035MAxldMxLoMnoej74g==
ecm3
s.amazon-adsystem.com/ Frame 0AC6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0
  • https://stags.bluekai.com/site/23178?id=mTbM_PDZkUnOk2sN-Eq5&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZTWI4DSHUYCM2LEHVWVIYSNL5IEI...
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&gdpr=0&id=mTbM_PDZkUnOk2sN-Eq5
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&gdpr=0&id=mTbM_PDZkUnOk2sN-Eq5
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HBZJAVJZTK0JKYCY2B56
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:53 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&gdpr=0&id=mTbM_PDZkUnOk2sN-Eq5
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
112
Expires
Thu, 01 Dec 1994 16:00:00 GMT
amzns2s
rtb.gumgum.com/usync/ Frame 65A2 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.61.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-61-209.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8ce6ab2f5815a324ff562308147a3e9ed3ac46f4df5b6fcf56ad3c060d137500

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 14 Dec 2022 16:09:52 GMT
etag
W/"0601182dd53d2acd5d37d959a5266ce86"
server
nginx
timing-allow-origin
*
/
match.sharethrough.com/jwumXNuB/v1/ Frame 48F7 		427 B
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.157.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-157-165.compute-1.amazonaws.com
Software
/
Resource Hash
1940f97b96c251675cc40e5875fb640913b417ca45ab8c363863ee58a00312c0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
427
date
Wed, 14 Dec 2022 16:09:52 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame ADC9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.164.200 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-164-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=146476
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 14 Dec 2022 16:09:52 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 16 Dec 2022 08:51:08 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame CCFA 		862 B
743 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.237.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-237-11.compute-1.amazonaws.com
Software
/
Resource Hash
12eb3890b61da157d8044feabebf3cb2933c3f56021c574f6b09c3d2d65ca1cb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 14 Dec 2022 16:09:52 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame B19B 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 14 Dec 2022 16:09:52 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame 9900
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
828 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
9b5cc0e590256437c678adb00f7a78568534bb8ff9e7854a70af48e2c18502ea
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-length
828
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-stage-0
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
cw-server
bh-deployment-stage-0
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 88FE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1lZlZSRWdkRTJ1Szh3NndLWnJETDhLajlBT0Z5ZEUyWX5B&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1lZlZSRWdkRTJ1Szh3NndLWnJETDhLajlBT0Z5ZEUyWX5B&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 14 Dec 2022 16:09:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
0M4MBQHG5AMYT62D0PDW

Redirect headers

age
0
content-length
0
date
Wed, 14 Dec 2022 16:09:52 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1lZlZSRWdkRTJ1Szh3NndLWnJETDhLajlBT0Z5ZEUyWX5B&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
amazon
ap.lijit.com/beacon/ Frame A85B 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
ff0498de679043562f7b391e9e4b562bb9dbd86a81d4e950b8c61fc393b56c37

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
1135
Content-Type
text/html
Date
Wed, 14 Dec 2022 16:09:52 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ewr1
ecm3
s.amazon-adsystem.com/ Frame D64D
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1250384648292139624446
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1250384648292139624446
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 14 Dec 2022 16:09:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
XK3N32VQAQ9S4XGG2RBY

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 14 Dec 2022 16:09:52 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1250384648292139624446
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ecm3
s.amazon-adsystem.com/ Frame A85B 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=F0MJZRZHbpf7bCPATJW_DVk3&ex=sovrn.com&gdpr=0&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E3KWN9M1F7PJ34XWZ0TR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame A85B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=fmx
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=970314636365225337&expires=30&ssp=fmx
  • https://ce.lijit.com/merge?pid=26&3pid=7b5323bb-b935-48d8-9c26-c80be97a43e2&gdpr=&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=7b5323bb-b935-48d8-9c26-c80be97a43e2&gdpr=&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:52 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=7b5323bb-b935-48d8-9c26-c80be97a43e2&gdpr=&gdpr_consent=
Date
Wed, 14 Dec 2022 16:09:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame A85B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=IIxyAHCKfgk7iXMIJoxmCXeILl87jHtdJI2FrXbg
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=IIxyAHCKfgk7iXMIJoxmCXeILl87jHtdJI2FrXbg
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:52 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=IIxyAHCKfgk7iXMIJoxmCXeILl87jHtdJI2FrXbg
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
amazon
ap.lijit.com/beacon/ Frame A85B 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/beacon/amazon?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

X-Sovrn-Pod
ad_ap7ewr1
Date
Wed, 14 Dec 2022 16:09:52 GMT
merge
ce.lijit.com/ Frame A85B
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1671034192841
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7230906578
  • https://sync.1rx.io/usersync/tradedesk/997c6bb6-4d6a-4c32-99f1-9938e3153312
  • https://sync.targeting.unrulymedia.com/csync/RX-77fec9f2-4673-4ae3-bc03-e59e362dc17d-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-77fec9f2-4673-4ae3-bc03-e59e362dc17d-005
  • https://ce.lijit.com/merge?pid=56&3pid=RX-77fec9f2-4673-4ae3-bc03-e59e362dc17d-005
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=56&3pid=RX-77fec9f2-4673-4ae3-bc03-e59e362dc17d-005
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:53 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Wed, 14 Dec 2022 16:09:53 GMT
Server
Tengine
ETag
RX77fec9f246734ae3bc03e59e362dc17d005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ce.lijit.com/merge?pid=56&3pid=RX-77fec9f2-4673-4ae3-bc03-e59e362dc17d-005
Content-Type
text/html
Connection
keep-alive
merge
ce.lijit.com/ Frame A85B
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LBNUM2RU-1L-EX1I&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LBNUM2RU-1L-EX1I&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:52 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LBNUM2RU-1L-EX1I&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Expires
0
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=wegotthiscovered.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wegotthiscovered.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		109 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=891223950869516&correlator=1176340210395570&eid=44780792&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&tfcd=0&iu_parts=5376056%3A143457427%2Cwegotthiscovered_side_1%2Cdynamic_1%2Cwegotthiscovered_side_2%2Cwegotthiscovered_side_3%2Cwegotthiscovered_sticky_1&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F3%2F2%2C%2F0%2F4%2F2%2C%2F0%2F5&prev_iu_szs=1x1%7C300x250%7C300x50%7C300x100%2C1x1%7C300x250%7C300x50%7C300x100%2C1x1%7C300x250%7C300x600%7C300x50%7C300x100%2C1x1%7C728x90%7C970x90%7C320x50%7C300x50&ifi=3&adks=3702255727%2C1390808738%2C3366092902%2C2087247537&didk=1365886904~1365898040~1365909473~1126633514&sfv=1-0-40&prev_scp=proper_slot%3D2.01%26proper_floor%3D0.10%26proper_bidder%3Dwegotthiscovered_floor%26proper_bid%3D0.10%26refresh_count%3D0%7Cproper_slot%3D3.01%26proper_floor%3D0.10%26proper_bidder%3Dwegotthiscovered_floor%26proper_bid%3D0.10%26refresh_count%3D0%7Cproper_slot%3D4.01%26proper_floor_300x600%3D1.00%26proper_floor_400x300%3D1.00%26proper_floor%3D0.10%26proper_bidder%3Dwegotthiscovered_floor%26proper_bid%3D1.00%26refresh_count%3D0%7Cproper_slot%3D20%26proper_sticky%3Dtrue%26proper_floor%3D0.10%26proper_bidder%3Dwegotthiscovered_floor%26proper_bid%3D0.10%26refresh_count%3D0&eri=1&cust_params=post_id%3Dunknown%26member%3Dno%26category%3D%26split_version%3D19126%26proper_site%3Dwegotthiscovered%26proper_page%3D1%26s_depth%3D1%26tags%3Dhome-page&ppid=b11784ec-3e01-4aa3-93d1-ad5261985a8a&sc=1&cookie=ID%3Df625a354f2c6f5f0-22bd0e3309d90036%3AT%3D1671034191%3ART%3D1671034191%3AS%3DALNI_MYzTCPFmg77hQyTg5EdDfILdPBefQ&gpic=UID%3D000008d3fb633253%3AT%3D1671034191%3ART%3D1671034191%3AS%3DALNI_MZub_YG3unlQP5DLhwp0AxGApWv1g&arp=1&abxe=1&dt=1671034192797&lmt=1671034192&dlt=1671034190656&idt=1336&adxs=1049%2C1049%2C1049%2C-12245933&adys=875%2C1165%2C1455%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C2%7C-1&ucis=2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwegotthiscovered.com%2F&frm=20&vis=1&psz=302x-1%7C302x-1%7C302x-1%7C0x-1&msz=300x-1%7C300x-1%7C300x-1%7C0x-1&fws=516%2C516%2C516%2C640&ohw=342%2C342%2C342%2C0&ga_vid=424637361.1671034192&ga_sid=1671034192&ga_hid=1569105561&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1915f88ee10f1c95270b31631031553c2ea8502d1e433c9960133903797a20e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23320
x-xss-protection
0
google-lineitem-id
5939835007,-1,941646136,6174082972
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138383905474,-1,132197348656,138415966537
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame B19B 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
43fc246a1a30bd53204d8e01df9cd7d9cde0cb23ce78506d12b54e4248d1f806

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 16:09:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Dec 2022 06:48:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52683
Connection
keep-alive
Content-Length
10065
Expires
Thu, 15 Dec 2022 06:47:55 GMT
usersync
usersync.gumgum.com/ Frame 65A2
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=1981009107925892549
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=1981009107925892549
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:52 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:52 GMT
AN-X-Request-Uuid
2a7bcaca-b13f-41f3-a91a-7abe45024a44
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=1981009107925892549
Connection
keep-alive
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 65A2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_7ccab554-a39a-4127-bf74-eada98538b7c&gdpr=0&gdpr_consent=&us_privacy=
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=7b5323bb-b935-48d8-9c26-c80be97a43e2
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=6feb1287-f053-4db3-ad86-95b45ce03a78&ssp=gumgum2&bsw_param=7b5323bb-b935-48d8-9c26-c80be97a43e2
  • https://usersync.gumgum.com/usersync?b=bsw&i=7b5323bb-b935-48d8-9c26-c80be97a43e2
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=7b5323bb-b935-48d8-9c26-c80be97a43e2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=7b5323bb-b935-48d8-9c26-c80be97a43e2
Date
Wed, 14 Dec 2022 16:09:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 65A2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-f23d63d8-e932-44b7-4405-2b19d3d242f3$ip$149.56.153.178
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-f23d63d8-e932-44b7-4405-2b19d3d242f3$ip$149.56.153.178
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-f23d63d8-e932-44b7-4405-2b19d3d242f3$ip$149.56.153.178
Date
Wed, 14 Dec 2022 16:09:52 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 65A2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_7ccab554-a39a-4127-bf74-eada98538b7c&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=mTbM_PDZkUnOk2sN-Eq5&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT23KUMJGV6UCELJVVK3SPNMZHGTRNIVYTK
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=mTbM_PDZkUnOk2sN-Eq5
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=mTbM_PDZkUnOk2sN-Eq5
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:53 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=mTbM_PDZkUnOk2sN-Eq5
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
103
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 65A2
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1671034192886
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6052485174
  • https://sync.1rx.io/usersync/tradedesk/93c076c2-e894-440e-8e6d-f5adaa53e805
  • https://sync.targeting.unrulymedia.com/csync/RX-3c49f9d5-efde-48bf-9333-85d620ba79bc-005?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-3c49f9d5-efde-48bf-9333-85d620ba79bc-005
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-3c49f9d5-efde-48bf-9333-85d620ba79bc-005
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-3c49f9d5-efde-48bf-9333-85d620ba79bc-005
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Wed, 14 Dec 2022 16:09:54 GMT
Server
Tengine
ETag
RX3c49f9d5efde48bf933385d620ba79bc005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-3c49f9d5-efde-48bf-9333-85d620ba79bc-005
Content-Type
text/html
Connection
keep-alive
usersync
usersync.gumgum.com/ Frame 65A2
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=27cPaxkCOrgI&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=27cPaxkCOrgI&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:52 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=27cPaxkCOrgI&ev=1&pid=558355
content-language
en-CA
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
cookie-sync
sync.outbrain.com/ Frame 65A2
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28dcJ9KM2cma4T8SA9mgNPDetSv4ujerJuo7Hp5adzZk5y_Up-XVuAGDr5tYPt-8gh%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_7ccab554-a39a-4127-bf74-eada98538b7c&obuid=ENC(dcJ9KM2cma4T8SA9mgNPDetSv4ujerJuo7Hp5adzZk5y_Up-XVuAGDr5tYPt-8gh)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://cs.emxdgt.com/um?gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DdcJ9KM2cma4T8SA9mg...
  • https://sync.outbrain.com/cookie-sync?p=emx&uid=1981009107925892549brt53561671034192977898b4&obUid=dcJ9KM2cma4T8SA9mgNPDetSv4ujerJuo7Hp5adzZk5y_Up-XVuAGDr5tYPt-8gh&gdpr=$GDPR_APPLIES&gdpr_consent=$...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=emx&uid=1981009107925892549brt53561671034192977898b4&obUid=dcJ9KM2cma4T8SA9mgNPDetSv4ujerJuo7Hp5adzZk5y_Up-XVuAGDr5tYPt-8gh&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 16:09:53 GMT
Cache-Control
no-cache
X-TraceId
32c4e0d4a93a01057bc7356a939f7ecd
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=emx&uid=1981009107925892549brt53561671034192977898b4&obUid=dcJ9KM2cma4T8SA9mgNPDetSv4ujerJuo7Hp5adzZk5y_Up-XVuAGDr5tYPt-8gh&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
date
Wed, 14 Dec 2022 16:09:52 GMT
content-length
0
content-type
text/html
usersync
usersync.gumgum.com/ Frame 65A2
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=95861fc5-bf93-4d02-ae7c-7557cdef6831
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=95861fc5-bf93-4d02-ae7c-7557cdef6831
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:52 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 14 Dec 2022 16:09:52 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=95861fc5-bf93-4d02-ae7c-7557cdef6831
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 65A2
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-mZqqlcxE2pdCxmDYaIER.AxO8Qv__eOT.x5g~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-mZqqlcxE2pdCxmDYaIER.AxO8Qv__eOT.x5g~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 14 Dec 2022 16:09:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-mZqqlcxE2pdCxmDYaIER.AxO8Qv__eOT.x5g~A
content-length
0
usersync
usersync.gumgum.com/ Frame 65A2
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
  • https://usersync.gumgum.com/usersync?b=vnt&i=afa8db5b-44ca-4d73-8160-48f9204a24d4
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=afa8db5b-44ca-4d73-8160-48f9204a24d4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=afa8db5b-44ca-4d73-8160-48f9204a24d4
Date
Wed, 14 Dec 2022 16:09:52 GMT
Connection
keep-alive
X-CI-RTID
8edc4017-bf92-4356-a693-af3e1383f9bb
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 65A2
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=4D3DF0D7BAC9425DB7F50065A2D4D6E6
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=4D3DF0D7BAC9425DB7F50065A2D4D6E6
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 14 Dec 2022 16:09:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
845316368
location
https://usersync.gumgum.com/usersync?b=snc&i=4D3DF0D7BAC9425DB7F50065A2D4D6E6
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame 65A2 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 14 Dec 2022 16:09:52 GMT
server
c
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 65A2
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=01bbe14e-4143-40c8-aba8-d1ec7ffbb6ed
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=01bbe14e-4143-40c8-aba8-d1ec7ffbb6ed
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=01bbe14e-4143-40c8-aba8-d1ec7ffbb6ed
access-control-allow-origin
*
date
Wed, 14 Dec 2022 16:09:53 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 65A2
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=9124950748540668363
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=9124950748540668363
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=9124950748540668363
date
Wed, 14 Dec 2022 16:09:52 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 65A2 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_7ccab554-a39a-4127-bf74-eada98538b7c
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ETB9KX756EPHTZ2EXWDW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 48F7 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=ac15e60e-659d-4e84-9964-4aac17101b91
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CXRRWMRJXMGV3P6PSB0P
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 48F7
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__
  • https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Y5n1UI-ukMrIm6KlMC8NBQAA%26097
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Y5n1UI-ukMrIm6KlMC8NBQAA%26097
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
35.173.157.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-157-165.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ejqq4nEJSupLh7L3oQnCtp0RxQ3ZQJ2UprdqF9BBHCwNgyQQKopmLZW1TkfyTk7vOjkTh2cZeRfhaEM%2FyV3m2CDDWXj7VrLqW3lAdNdL1I4Bn9W%2Bi5cwaizsOrTJUvxZqx3e0WYP"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Y5n1UI-ukMrIm6KlMC8NBQAA%26097
cache-control
no-cache
cf-ray
779834d98b7a5425-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
v1
match.sharethrough.com/sync/ Frame 48F7
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=93c076c2-e894-440e-8e6d-f5adaa53e805&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=93c076c2-e894-440e-8e6d-f5adaa53e805&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
35.173.157.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-157-165.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=93c076c2-e894-440e-8e6d-f5adaa53e805&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame 48F7
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__
  • https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Y5n1UI-ukMrIm6KlMC8NBQAA%26097
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Y5n1UI-ukMrIm6KlMC8NBQAA%26097
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
35.173.157.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-157-165.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOVSDjj9TYrnfLKJU0lwThdUcEmhYs%2FR3g51qJMbiab7mOXIbaYXVDTDsxBzgdVNWbB2vE%2FOQXTpVMA16HDgiF13knUfgPkyMSADQT7daEms%2Bw1C4eBF%2B2zpW7Om3JDbPSbip5Uq"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Y5n1UI-ukMrIm6KlMC8NBQAA%26097
cache-control
no-cache
cf-ray
779834d9bbc75425-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
v1
match.sharethrough.com/sync/ Frame 48F7
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=93c076c2-e894-440e-8e6d-f5adaa53e805&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=93c076c2-e894-440e-8e6d-f5adaa53e805&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
35.173.157.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-157-165.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=93c076c2-e894-440e-8e6d-f5adaa53e805&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
rtset
bh.contextweb.com/bh/ Frame 9900
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=eE01Nm13cWx6V0hLc0YxTWhFNk1pQQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEPE6d2IFMRvu0yzzkJRl2-0&google_cver=1
49 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEPE6d2IFMRvu0yzzkJRl2-0&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEPE6d2IFMRvu0yzzkJRl2-0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 9900
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AQELLgBqvmfkuAIPy-PDAQEBAQE&expiration=1671120592&nuid=
49 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AQELLgBqvmfkuAIPy-PDAQEBAQE&expiration=1671120592&nuid=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AQELLgBqvmfkuAIPy-PDAQEBAQE&expiration=1671120592&nuid=
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame 9900 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=27cPaxkCOrgI&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PD1MEJPAJD26AMBFR339
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame CCFA 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=g207b11377a8a9056498&gdpr=0
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GCKVEMJTTVPWMSMSTA4H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CCFA 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=ZzIwN2IxMTM3N2E4YTkwNTY0OTg=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame CCFA
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=yieldmo
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=444423ab-625a-4b88-8a2d-0db6b44631cc&gdpr=&gdpr_pd=&gdpr_consent=
43 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=444423ab-625a-4b88-8a2d-0db6b44631cc&gdpr=&gdpr_pd=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.207.45.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-74.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 14 Dec 2022 16:09:53 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

location
//ads.yieldmo.com/v000/sync?pn_id=mf&userid=444423ab-625a-4b88-8a2d-0db6b44631cc&gdpr=&gdpr_pd=&gdpr_consent=
date
Wed, 14 Dec 2022 16:09:53 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ads.yieldmo.com/ Frame CCFA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=WHLlBE6uTaJQmgHiIBBCPZU4mbI&gdpr=&gdpr_consent=
43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=WHLlBE6uTaJQmgHiIBBCPZU4mbI&gdpr=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.207.45.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-74.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 14 Dec 2022 16:09:53 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=WHLlBE6uTaJQmgHiIBBCPZU4mbI&gdpr=&gdpr_consent=
Date
Wed, 14 Dec 2022 16:09:52 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
sync
sync-adform.ads.yieldmo.com/ Frame CCFA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1283
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1283
  • https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=2517055552523061229
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=2517055552523061229
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
34.234.237.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-237-11.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 14 Dec 2022 16:09:53 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=2517055552523061229
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
ads.yieldmo.com/v000/ Frame CCFA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=1981009107925892549&pn_id=an
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=1981009107925892549&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.207.45.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-74.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 14 Dec 2022 16:09:53 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:52 GMT
AN-X-Request-Uuid
a15693e6-3c8c-44a9-95ca-7fbd24ac520d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.yieldmo.com/v000/sync?userid=1981009107925892549&pn_id=an
Connection
keep-alive
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 1DA5
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://usersync.gumgum.com/usersync?b=inm&i=ID5-98c07V5StUEuuA9u2inNrd1e0jZ3TUrJTvgPKqDCYw
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=inm&i=ID5-98c07V5StUEuuA9u2inNrd1e0jZ3TUrJTvgPKqDCYw
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 14 Dec 2022 16:09:53 GMT
Expires
0
Pragma
no-cache

Redirect headers

date
Wed, 14 Dec 2022 16:09:52 GMT
location
https://usersync.gumgum.com/usersync?b=inm&i=ID5-98c07V5StUEuuA9u2inNrd1e0jZ3TUrJTvgPKqDCYw
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 531D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.164.200 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-164-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=146476
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 14 Dec 2022 16:09:52 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 16 Dec 2022 08:51:08 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 7E91
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=997c6bb6-4d6a-4c32-99f1-9938e3153312
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=997c6bb6-4d6a-4c32-99f1-9938e3153312
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 14 Dec 2022 16:09:53 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Wed, 14 Dec 2022 16:09:52 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=997c6bb6-4d6a-4c32-99f1-9938e3153312
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame EB71
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=06da6399-f551-4a00-926c-8d29a9ba9bf9&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=06da6399-f551-4a00-926c-8d29a9ba9bf9&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 14 Dec 2022 16:09:53 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 14 Dec 2022 16:09:52 GMT
Expires
Wed, 14 Dec 2022 16:09:51 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master ord-pixel-x55 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=06da6399-f551-4a00-926c-8d29a9ba9bf9&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 0E77
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5n1UAAD-IvXyAAp
  • https://usersync.gumgum.com/usersync?b=atm&i=Y5n1UAAD-IvXyAAp&gdpr=0&gdpr_consent=&_test=Y5n1UAAD-IvXyAAp
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y5n1UAAD-IvXyAAp&gdpr=0&gdpr_consent=&_test=Y5n1UAAD-IvXyAAp
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 14 Dec 2022 16:09:52 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 14 Dec 2022 16:09:52 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y5n1UAAD-IvXyAAp&gdpr=0&gdpr_consent=&_test=Y5n1UAAD-IvXyAAp
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yul12833-YUL
x-timer
S1671034193.937621,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame D666 		170 B
232 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV83Y2NhYjU1NC1hMzlhLTQxMjctYmY3NC1lYWRhOTg1MzhiN2M=&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 16:09:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame F1C2
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
  • https://cs.emxdgt.com/umcheck?apnxid=1981009107925892549&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNW...
  • https://usersync.gumgum.com/usersync?b=emx&i=1981009107925892549brt53561671034192977898b4
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=1981009107925892549brt53561671034192977898b4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 14 Dec 2022 16:09:53 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Wed, 14 Dec 2022 16:09:52 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=1981009107925892549brt53561671034192977898b4
usersync
usersync.gumgum.com/ Frame E394
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y5n1UcCo5uYAAN4rASAAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y5n1UcCo5uYAAN4rASAAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 14 Dec 2022 16:09:53 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Wed, 14 Dec 2022 16:09:53 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y5n1UcCo5uYAAN4rASAAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad272.dc4p.scaleout.jp
X-SO-IP
149.56.153.178
X-SO-Key
Y5n1UcCo5uYAAN4rASAAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"149.56.153.178","key":"Y5n1UcCo5uYAAN4rASAAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad272"}
X-SO-LB-Hostname
a-tgng40015.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad272
usersync
usersync.gumgum.com/ Frame FB0C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y5n1UI-ukMrIm6KlMC8NBQAA%26097
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y5n1UI-ukMrIm6KlMC8NBQAA%26097
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 14 Dec 2022 16:09:53 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
779834d9cbf55425-YYZ
content-length
0
date
Wed, 14 Dec 2022 16:09:52 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y5n1UI-ukMrIm6KlMC8NBQAA%26097
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qg9wnTY0696z3hWK2Uf%2BNLGRU%2F6pTpDNSAvTE6%2FHlMMCz6MLtYKBEmDTddT1eD%2BAKNDOXxLurYhqvVP0F46uwDkfm6a79dk1fSDyLsKhqT3N5aI%2Bfs95MhfEwsfgwXagPCpBbLSLq9IdpA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 7FE9
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=mg3D0MDulkFhBL7sQERK&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=mg3D0MDulkFhBL7sQERK&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 14 Dec 2022 16:09:53 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 14 Dec 2022 16:09:53 GMT Wed, 14 Dec 2022 16:09:53 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=mg3D0MDulkFhBL7sQERK&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 67FE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 14 Dec 2022 16:09:53 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 14 Dec 2022 16:09:52 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
445.json
id5-sync.com/g/v2/ 		456 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/445.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
b79da6bd9e1b5bbfdb757f8600e88f42f82e49667fc27bf31a9319598cc18031
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
ecm3
s.amazon-adsystem.com/ Frame B19B
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&us_privacy=1---&khaos=LBNUM2RU-1L-EX1I
  • https://s.amazon-adsystem.com/ecm3?id=LBNUM2RU-1L-EX1I&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LBNUM2RU-1L-EX1I&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RXQVZA33Y9W9S6VTMQK1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LBNUM2RU-1L-EX1I&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame ADC9 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=40086775&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1635b2a914d39d150d79bf6cf3209f806a8f42cfab5ad9989ac3e12608cec6e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 14 Dec 2022 16:09:51 GMT
content-length
1577
content-type
text/html; charset=UTF-8
s2s
eb.proper.io/ 		353 B
856 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eb.proper.io/s2s
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc7056a045f58051e90d939cf2dd0fe43e8be1ced9a597dcf07f64fc866c8c6d

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:53 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-timing
dur:545
cf-ray
779834da3bc27138-YUL
expires
-1
pixel
cm.g.doubleclick.net/ Frame B19B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJOVU0yUlUtMUwtRVgxSQ==&gdpr=0&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJOVU0yUlUtMUwtRVgxSQ==&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJOVU0yUlUtMUwtRVgxSQ==&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
10af108baa8103fb427a2cc0433d74a0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B19B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/HBUGNBIHK7PjEqizB_mSnMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-kenKwIJE2oLIFWgV2gyNkuutsIeMcTEL8qCDiQ--~A
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-kenKwIJE2oLIFWgV2gyNkuutsIeMcTEL8qCDiQ--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8eb2d9eeed9b9c468975d0ba24565e5b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 14 Dec 2022 16:09:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-kenKwIJE2oLIFWgV2gyNkuutsIeMcTEL8qCDiQ--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame B19B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=93c076c2-e894-440e-8e6d-f5adaa53e805&gdpr=0&gdpr_consent=&expires=30
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=93c076c2-e894-440e-8e6d-f5adaa53e805&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=93c076c2-e894-440e-8e6d-f5adaa53e805&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
setuid
px.ads.linkedin.com/ Frame B19B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBNUM2RU-1L-EX1I&gdpr=0&us_privacy=1---
0
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBNUM2RU-1L-EX1I&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:52 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 17203EC7927C4452AC4DEB8E6BD48B90 Ref B: YTO01EDGE0715 Ref C: 2022-12-14T16:09:53Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXvy/d+M4wIjZy3dWDSIQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBNUM2RU-1L-EX1I&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
10af108baa8103fb427a2cc0433d74a0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame B19B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3tO7YZczTpCKKUK8FhHQIg&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3tO7YZczTpCKKUK8FhHQIg&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3tO7YZczTpCKKUK8FhHQIg&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8ADF3AQENG6BNTJHK95A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3tO7YZczTpCKKUK8FhHQIg&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame B19B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDIyYTg1ZWRlZmUzNTE0YmFkMmFlNTZiNzdjYzIyZDYyOWE5OGE4OA&gdpr=0&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDIyYTg1ZWRlZmUzNTE0YmFkMmFlNTZiNzdjYzIyZDYyOWE5OGE4OA&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDIyYTg1ZWRlZmUzNTE0YmFkMmFlNTZiNzdjYzIyZDYyOWE5OGE4OA&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
10af108baa8103fb427a2cc0433d74a0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B19B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESENYF5Y6XeK7-ejVvYxSdbYU&google_cver=1
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESENYF5Y6XeK7-ejVvYxSdbYU&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
78008fe701b681dce86a72fc23cacc40
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESENYF5Y6XeK7-ejVvYxSdbYU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame B19B 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KMCZ3R8HR9ZZW849X8VA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0899
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5n1UAAD-IvXyAAp&gdpr=0&gdpr_consent=
1 B
451 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5n1UAAD-IvXyAAp&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 14 Dec 2022 16:09:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 14 Dec 2022 16:09:53 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5n1UAAD-IvXyAAp&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yul12833-YUL
x-timer
S1671034193.020150,VS0,VE0
ecm3
s.amazon-adsystem.com/ Frame C14C 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDA4AEF537-FE6F-4C13-8C83-341BA583EED8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 14 Dec 2022 16:09:53 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
SWXXSVNY5A31PSMW800R
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame ADC9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pK71N_5vTBOMgzQbpYPu2A%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
184.87.164.200 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-164-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
date
Wed, 14 Dec 2022 16:09:53 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=UTF-8
cache-control
max-age=146475
accept-ranges
bytes
content-length
5549
expires
Fri, 16 Dec 2022 08:51:08 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
bpi.rtactivate.com/tag/ Frame ADC9 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=A4AEF537-FE6F-4C13-8C83-341BA583EED8&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.16.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-16-210.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:53 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
4d2d7caa475b4e09b5e2c7ee08f3f644
i.liadm.com/s/e/75145/0/ Frame ADC9
Redirect Chain
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=A4AEF537-FE6F-4C13-8C83-341BA583EED8
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=A4AEF537-FE6F-4C13-8C83-341BA583EED8&_li_chk=true&previous_uuid=69456f9ee88840a9a0818ec6cdc784c8
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F75145%2F0%2F4d2d7caa475b4e09b5e2c7ee08f3f644%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&69456f9e-e888-40a9-a081-8ec6...
  • https://i.liadm.com/s/e/75145/0/4d2d7caa475b4e09b5e2c7ee08f3f644?mpid=7156&muid=06da6399-f551-4a00-926c-8d29a9ba9bf9
43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/75145/0/4d2d7caa475b4e09b5e2c7ee08f3f644?mpid=7156&muid=06da6399-f551-4a00-926c-8d29a9ba9bf9
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
54.243.212.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-212-30.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 16:09:53 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Date
Wed, 14 Dec 2022 16:09:53 GMT
Server
MT3 180 1fd3e2d master ord-pixel-x8 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://i.liadm.com/s/e/75145/0/4d2d7caa475b4e09b5e2c7ee08f3f644?mpid=7156&muid=06da6399-f551-4a00-926c-8d29a9ba9bf9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 14 Dec 2022 16:09:52 GMT
receive
pixel.tapad.com/idsync/ex/ Frame ADC9
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=A4AEF537-FE6F-4C13-8C83-341BA583EED8
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=A4AEF537-FE6F-4C13-8C83-341BA583EED8
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6c551e27-dcdd-4dc1-8730-3eee73720388%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=93c076c2-e894-440e-8e6d-f5adaa53e805&ttd_puid=6c551e27-dcdd-4dc1-8730-3eee73720388%2C
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=93c076c2-e894-440e-8e6d-f5adaa53e805&ttd_puid=6c551e27-dcdd-4dc1-8730-3eee73720388%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:53 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=93c076c2-e894-440e-8e6d-f5adaa53e805&ttd_puid=6c551e27-dcdd-4dc1-8730-3eee73720388%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
353
Pug
image2.pubmatic.com/AdServer/ Frame ADC9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTRBRUY1MzctRkU2Ri00QzEzLThDODMtMzQxQkE1ODNFRUQ4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 16:09:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame ADC9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP_x4-th1p1N3k6F8dn8YP8&google_cver=1
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP_x4-th1p1N3k6F8dn8YP8&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP_x4-th1p1N3k6F8dn8YP8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame ADC9
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:17BD8B118D044169A1A34790A1D678EB
42 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:17BD8B118D044169A1A34790A1D678EB
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 16:09:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Wed, 14 Dec 2022 16:09:53 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:17BD8B118D044169A1A34790A1D678EB
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 13 Dec 2022 16:09:53 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame ADC9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8139544075377708909&gdpr=0&gdpr_consent=&us_privacy=
1 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8139544075377708909&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 14 Dec 2022 16:09:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8139544075377708909&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 14 Dec 2022 16:09:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame ADC9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=93c076c2-e894-440e-8e6d-f5adaa53e805&gdpr=0&gdpr_consent=
42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=93c076c2-e894-440e-8e6d-f5adaa53e805&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-LoopMe_n-MediaNet_n-smaato_n-sharethrough_pm-db5_ym_rbd_ppt_n-vmg_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 16:09:51 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=93c076c2-e894-440e-8e6d-f5adaa53e805&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
usync.js
eus.rubiconproject.com/ Frame 67FE 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
43fc246a1a30bd53204d8e01df9cd7d9cde0cb23ce78506d12b54e4248d1f806

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 16:09:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Dec 2022 06:48:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52682
Connection
keep-alive
Content-Length
10065
Expires
Thu, 15 Dec 2022 06:47:55 GMT
usersync
usersync.gumgum.com/ Frame 67FE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LBNUM2RU-1L-EX1I
  • https://usersync.gumgum.com/usersync?b=mag&i=LBNUM2RU-1L-EX1I&gdpr=0&gdpr_consent=undefined&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LBNUM2RU-1L-EX1I&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LBNUM2RU-1L-EX1I&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
Expires
0
publishertag.prebid.130.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 15 Dec 2022 16:09:53 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 15 Dec 2022 16:09:53 GMT
collect
b.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.clarity.ms/collect
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Wed, 14 Dec 2022 16:09:53 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
bulk
trc.taboola.com/skimlinks-publishers/log/3/ 		0
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/skimlinks-publishers/log/3/bulk?route=US%3AUS%3AV&lti=deflated&bulkSize=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
19
pragma
no-cache
date
Wed, 14 Dec 2022 16:09:53 GMT
via
1.1 varnish
x-served-by
cache-yul12821-YUL
server
nginx
x-timer
S1671034194.523245,VS0,VE19
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://wegotthiscovered.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
view
securepubads.g.doubleclick.net/pcs/ Frame 9EEA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmTlttatbk8pa9MCgUxgMf906MU7TAFX9U_rvP2uZtwmW8VmJOL1Y8D4y7xn43iYmNSqgl43sRrJnlZnuv_ckdeZNC8dVsNnHFeOSp9rzzCECwXioUpDXiwLT_If4w-w0yGgl7Iqf4__kNMFEZ_5KocCz5vzjW-Yd-wx7A942upRwioMGE6MRiWlMAmnPNcjE_7QYVyEwFMKM0aNENlbgCr6kKEkXMZskKR2MquR1nZK_fz5khc9PXFhjqNJuZJn8VWpP1xJm0mBsDW0VDibSMc0nI4hUEDCUC_qmdy8aiWo84M6Z4OUwDCEuH8k2LYyQzNCB4BftWeHz35DAF4olMPSndGCms95Nl9n66x09dEGAxmlMAlryT&sai=AMfl-YR7oJJeFBrmh6XqxAlbqcFYb3VrMG-R8ipFaRE7OIS0j0rphT7YfFljNv8gFBUjSYuAqnT7AjIxEiQXH2uK88BnOwEGyFuvFpFLg1tR56V1V0SJwsYbKKvqNvWzXL2ScA&sig=Cg0ArKJSzLRFEQDb-D7hEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
1dfb15a8ef06a02090ddb11c5d0a0b5a.js
scripts.cleverwebserver.com/ 		141 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.cleverwebserver.com/1dfb15a8ef06a02090ddb11c5d0a0b5a.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30852fe0f71b85630f398104f3bc91a54882aea0b88b10105580ededaed2cad0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:53 GMT
x-amz-version-id
YHjtAye0v1Eu4w_CWvQwmo3YbBiltefV
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 23:37:54 GMT
server
cloudflare
x-amz-request-id
RVPBQKY8JY4Y728Y
age
1666
etag
W/"426e28b4ac0f28e91e9ba554b426c21f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
779834de2cf9ca4f-YUL
x-amz-id-2
yZhU+gEE8OtEwLl7w9QAlF3GO8GcjKDisHKnQEHupJe4MdiD/hIzZmojeOlgaNeGK543xnejy2Y=
expires
Wed, 14 Dec 2022 16:39:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9EEA 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 16:09:53 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/032211111611000/ Frame 822E 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032211111611000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f55c14576b73b1fa761c9722153509875403c18b3a6916045fd146f3e3a6a00
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 07 Dec 2022 18:40:54 GMT
age
595739
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61627
x-xss-protection
0
server
sffe
etag
"0be482f0352f4793"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 07 Dec 2023 18:40:54 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/032211111611000/v0/ Frame 822E 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032211111611000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4529063318c99582948589c202835d859092d2a24e417f4f0a3ccfe8211ad37e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Dec 2022 00:19:50 GMT
age
57003
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5201
x-xss-protection
0
server
sffe
etag
"0e2d67a193799b94"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 14 Dec 2023 00:19:50 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/032211111611000/v0/ Frame 822E 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032211111611000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7b74f18b90d3a161b71d0fef3b4de6db5cdb3732dfaa445740bfd2042f78b9f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Dec 2022 00:19:50 GMT
age
57003
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28866
x-xss-protection
0
server
sffe
etag
"61003bcde0ed5887"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 14 Dec 2023 00:19:50 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/032211111611000/v0/ Frame 822E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032211111611000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3b63fa8f90f3f8b30a8c57665c86ad065073211f0f55a51d3b6f8cee295e3aa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Dec 2022 00:19:50 GMT
age
57003
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1906
x-xss-protection
0
server
sffe
etag
"d44263764bdab45e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 14 Dec 2023 00:19:50 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/032211111611000/v0/ Frame 822E 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032211111611000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99c69003f1b475f64a578b13fdfd566cc32c9ec0d7e51aabfe5c2b58de70918f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Dec 2022 00:19:50 GMT
age
57003
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12947
x-xss-protection
0
server
sffe
etag
"9cd92599851d18a1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 14 Dec 2023 00:19:50 GMT
truncated
/ Frame 822E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93d649f48a0c38b2a8bd785c48fd68a6a71c05f2ffdff835a8bf8cf0f0d21f99

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame FAFD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuw0M-ZoBm9U48URiCgiiAtmMDpqicIZgpjZkQM_zv1OSXbCsLSC1JlZHBKeOR2tj0I9QWLoI9qJHu8mMwbJeC1LxmCr_jVBDSUZAeVhWK1byNES6lJH7FdxLDb_Qj1hwtibSHOStYBoGXgJRaDiTqv1NjgeESRaEpMFhwD2ilUOWdv75yJ4VOJwtlCtHuUZRMaonc8GQxm1bTZRoHQ_k2XKn7G8xWr_o0aNM3zkZp_bvu7yu2-GKlBJRH4UfQJifSqD51s51xT_6ZQ6ZtlTy2KBFlQMzbKUbOWiDK0Nw0QSE7RpYHdlnLs1MOdK_TEh_mnTU0IsDtncFIJRwDNVQD62pWDBBXrxJMRvA&sai=AMfl-YRqey3p9Mwz6zFH1maVuA5wjvMBw-JRhlC_0UxxgjNwoskw3bLM9X15VmmG93-ioomdAA6nEHMuuHzcnYcgtbhkxaIQEmhCRWGActVuWD1z_rjkH2O0gHv8JIzsvX5n7A&sig=Cg0ArKJSzIo172T5RZlTEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FAFD 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 16:09:53 GMT
container.html
ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4D1C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 16:09:52 GMT
expires
Thu, 14 Dec 2023 16:09:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1524919094755220963
tpc.googlesyndication.com/simgad/ Frame 822E 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1524919094755220963?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmVEMJJZ50GkeD-xvBkD8Ng1XVIhA
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6ccc89f54af82af65c5ffc73d58f540dd99f2e4c42360a239bf9df81adc7639
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:30:09 GMT
x-content-type-options
nosniff
age
81584
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35950
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:21:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 13 Dec 2023 17:30:09 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 822E 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:17:51 GMT
x-content-type-options
nosniff
server
cafe
age
42722
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 15 Dec 2022 04:17:51 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 822E 		295 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 05:44:31 GMT
x-content-type-options
nosniff
server
cafe
age
37522
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 15 Dec 2022 05:44:31 GMT
l
www.google.com/ads/measurement/ Frame 822E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTlzboZV_EWv9xyRoek0ONw8AvLrkNYDDv5mZ7shiXYpQIk-inlCQkwl0dNn2Z07Ku-IQ_6btMgSAIVLGpG9bTIlfIEZg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 822E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cwbx9UPWZY-fvNZWSoPMPpbS7kA2C0vz1bea7w87dEI7_wbKKDhABINjqtiBg_eiigfADoAGcr_uoAsgBAuACAKgDAcgDCKoEgwJP0GpWKZLIW5BDSJnPHJ5yn4kBcbuAo1kCT_n39jUqVNS1-4uMzizUYm3fO_53QJBeTjsjXEs13BgXlucP0MlvyFL99czCKt54oQ_0Bq1ZB2BT0YQ33tVyhA75Z-ISZBNgu8hBGTtc2i6DCFG-Vt7stes_OE5D5bY49bxLx28ZIbeQWttQibahlXMNP03a64R9uiWcGwTjceDBo6i0Bi1U79mkyXBbFZcfhA_zFuYetvNljEWHChCzz8jmJWAWp6mklo3B75VK2fNPkILc7qFvYkmsR7nW8eTgdAZmoxH9_-A0oU6agq5i-t4pZt8io-p3QlCHO5ax7YdMgchZgIb1FP7WwASZ6JmOpwTgBAGSBQQIBBgBkgUECAUYBKAGAoAHzNCE1wGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD7sgnSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTU1MzU1MjE3NzY4ODY3MjmACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItNjg5NzkwMjE5MTcxNDgzMxjQnBI&sigh=q9qvHh3vOVI&uach_m=[UACH]&cid=CAQSPADq26N9h07GtanbV1Y4kasVdnVq_9_TcAi4sVXbGG7VlYOhGYS8RTMlhbb-8eXVinEg1jVUhGa4hpPkKxgBIBM
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4D1C 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com
URL: https://ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 06:22:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
208060
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 12 Dec 2023 06:22:13 GMT
infolinks_main.js
resources.infolinks.com/js/ Frame 4D1C 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com
URL: https://ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e57f8fc39e638ada44a2f367a9a6444a34797de331e57fa52239c2dfaeed200

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:53 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 14 Dec 2022 13:41:18 GMT
server
cloudflare
age
8910
etag
W/"dbd-5efc9e4265bbc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
779834df1a4ba1fe-YYZ
expires
Wed, 14 Dec 2022 14:41:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4D1C 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com
URL: https://ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 16:09:53 GMT
/
ui.cleverwebserver.com/ 		160 B
199 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54f1a51ad6b038a2ed853cacfc7957caffb32e173ff7b38f888bab3072fc303b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
779834deede7ca4f-YUL
content-type
application/javascript
si
googleads.g.doubleclick.net/pagead/drt/ Frame 822E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Redirect headers

date
Wed, 14 Dec 2022 16:09:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 9EEA 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
096d621782e614a315bbd32e3012b71cbfc53f045dd11148dcaeaae120119872

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 9EEA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvugKN3AAoYSGzkTfpdVA4Xvh2yv52jS5pArClGLeR0-DmD0zyTJBPDIVzdsPZED1DlbE4Fx1yYTJv5HAuKM1tr0LNteu5o4Xb7CMxuKdKlzKTcYUNeW0e2TZIA9PKWDsNKUM9covQPZV4zHBCVMsycjpOkl1REjY88AwDI71QeuSvTlHJO1T1t0nZaptOyn9tArB6qZCJr773ErnhHCLlJ8cKmrAzMyh6R_CKfCEmUVrGBmjItwdsDWPJpCCCwKctaYYLO5WgdXSPv0XDxmBa9OzvX0tFS5g34LHT4ihSzpZxVkznwC2WpU938qA9S14BBYYOTmllj10OunGnm2WbONVC3S7vyDIWxMPFa&sai=AMfl-YRHwe0HR97Aqlc1iZAvnxrO1kevQ8IBT03FQC4HIOkwOx-LDfcjyE5JIcmcWOi6WblhGJHTKRYEkJGHaS2Amq2LxzS4eOyE_KqtIjiIz86EUEFBiauJSV0GnF8YRCMtUw&sig=Cg0ArKJSzA8lG0GzgwZSEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 14 Dec 2022 16:09:53 GMT
truncated
/ Frame FAFD 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ac823c458408460553fdc1c060ef7057848334dd3f637531540e49c8929ecb8

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame FAFD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqUZAnhUmXwgwqHM1X0flcnmH8UvrcxBegJ1KOM71ueF4DH4bkWObd68Fxw_y00EuooDV9rNs7mR8Dv2sNu2t5_0XGzIJxcULE1LUFc45mAvjZaxVzXcglNTeM1EhHyRpd0JA04nySL6aUYqBgvNqaR7YJ8saEDlYYe24FdC8J4Xsrq6ZiL5GIJEBavDErSWMRAUqO5aQcaJuSwmwMg11u-0L6To0VczTeqHsTWPGbD3gsUYJ9JjPQQMntKW9rUcjwTOrqGamZfhPCH4ZnRWsvK-R8-v__jv3rzc-hT7BtgdHOmRjvuPO4G7q_Ts1AbKzs8lJTd7EH4CXrUjgs3TemzuElfZ8zGKhp-Xxc&sai=AMfl-YScq-56-DztqbBPEzybUBbmGVeUKga5uv3MSM426z9NpvUoYvQ73_rOP2j6MjocnR4ygrEy4jm4IddTkSi85vA1F0Rn9e3KKHIdC_jMxE03sRBofsnWigWIWKyuN-xyfg&sig=Cg0ArKJSzLxHp3glgZFEEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 14 Dec 2022 16:09:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4D1C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMVVZ9teOrVYgXXLhNmJcrjdRkMItxqq4f74V15ntAN5g23VsHtF9izfPr664CNprUELDb-aAS6LddantGmxDEwZDtSgo2MhRIJBZeAA5AzLXZQswmbiglT2LQW_bAXFRvGmLQzjdohhnfJlwP47SCmymXhJKoghqz5ild0Lc20Yqjw4YVIqJyDTh6xKiPzDmdkHcBWLK-xC8FBnpPHoQdFJxtGDEvSoTAqLqkbp621vW3y5KkNHSIWn6hdmIynekGFJJKRJaA5YON_nFDTnMkRG_DD4_XjkpnmcrQrUTobwArsD9TWoWuCw-iQA08PTqKuX_l3w7BxuSM3HRGsYeiXNBqcf5O0LeFSZpKKR6PJw&sai=AMfl-YRkbKH047oiCY28Vj_DcQEpK4YUanfTVD_UztP5WXEVYXZm-QFsWAOz0r5pMSrxk0Qqan_apzCd2gL6sucZEluVH5La9TyO_A5Ab-sMcwNeiiSxrgOs_uuWTnrfcvfF1w&sig=Cg0ArKJSzH70MoOyE0V-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com
URL: https://ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.90.245 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-90-245.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 14 Dec 2022 16:09:53 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
ice.js
resources.infolinks.com/js/1836.008-3.025/ Frame 4D1C 		183 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1836.008-3.025/ice.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
355a62053bbcbac95922087fef7241841a1db3883a69265d5361e4a3c7dbaaf5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:53 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 12:53:37 GMT
server
cloudflare
age
7212
etag
W/"2dae8-5eec3b5a63671"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
779834e02cada1fe-YYZ
expires
Fri, 13 Jan 2023 14:09:41 GMT
truncated
/ Frame 4D1C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d5b79939af62dd9d17e38274045635f9190de4abdffa175c18da6e5845341db

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
/
call.cleverwebserver.com/ 		43 B
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://call.cleverwebserver.com/?id=48965&c=CA&r=QC&l=277&b=Chrome&os=Win10&mob=0&v=1.28.0&ref=aHR0cHM6Ly93ZWdvdHRoaXNjb3ZlcmVkLmNvbS8%3D&ruri=&iv=-1&ctr=CA
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:54 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
779834e0a845ca4f-YUL
content-length
43
content-type
image/gif
manage
router.infolinks.com/usync/ Frame D722 		0
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=null&wsid=0&pdom=ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com&purl=https%3A%2F%2Fea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1836.008-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
779834e0ede8a1fe-YYZ
content-length
0
date
Wed, 14 Dec 2022 16:09:54 GMT
server
cloudflare
via
1.1 google
view
securepubads.g.doubleclick.net/pcs/ Frame 4D1C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvC_AVVsEogQ_mlV_t4LAMEOWu4ESlREUYk1VIT_a0e68g5zLC6EiVjmhiq8fJ3B_NBvrrkjPhRNBCi9xLZg7ZOpH5HVEfolWSXb4GSVXixvgooudCA33WOm65gNn9tjKrL-kav5r8hEZzr3sEkcj3lm5ej5qq16HlM-TtVQTapLSRqJTP2M2CQCFU3Dtu8VH0CMpE1vy36IJ78-R3EETySLiWvCkZRZ-4v0vrTjkbV_z0cEWV0TrEeTsoyfmQz37rOtkmYLqEcGmKPw_t0alEEkgpk4tcRoi4JVCFutLEP-efz_wTgbzPT8MR49Li4N9LYhk_VPGv9YUU2cx2BJDOVstmYcw&sai=AMfl-YQQlL80vm13cqTKxr71NuwldEkF2-sTFUs005dGkYSDhK_TTWoLsBVYb_DhV3UVgkFjCOxFDe8f8Dzk-o2e2xGCNYy6WquzAPbRXfDjueYbR3Wmxd2ODjkt8-BcvEdv1w&sig=Cg0ArKJSzA4GGTAlC4rdEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 14 Dec 2022 16:09:54 GMT
/
sync.taboola.com/sg/nativortb-network/1/rtb-h/ Frame 2A26
Redirect Chain
  • https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
  • https://sync.taboola.com/sg/nativortb-network/1/rtb-h/?taboola_hm=f9e5c081-fe81-4535-b631-31dddabfd978
0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/nativortb-network/1/rtb-h/?taboola_hm=f9e5c081-fe81-4535-b631-31dddabfd978
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19275

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:54 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.taboola.com/sg/nativortb-network/1/rtb-h/?taboola_hm=f9e5c081-fe81-4535-b631-31dddabfd978
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
rtb-h
match.taboola.com/sg/supershiprtb-display-network/1/ Frame 2A26
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=taboola
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5n1UcCo5uYAAN4rASAAAAAA
  • https://match.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5n1UcCo5uYAAN4rASAAAAAA&tbid=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0&query=taboola_hm%3DY5n1UcCo5uYAAN4rASAAAA...
0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5n1UcCo5uYAAN4rASAAAAAA&tbid=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0&query=taboola_hm%3DY5n1UcCo5uYAAN4rASAAAAAA&isDirect=0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 14 Dec 2022 16:09:54 GMT
via
1.1 varnish
server
nginx
x-timer
S1671034195.740489,VS0,VE18
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12821-YUL

Redirect headers

location
https://match.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5n1UcCo5uYAAN4rASAAAAAA&tbid=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0&query=taboola_hm%3DY5n1UcCo5uYAAN4rASAAAAAA&isDirect=0
date
Wed, 14 Dec 2022 16:09:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21456
/
sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/ Frame 2A26
Redirect Chain
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=1091dbfd0cc849fab7...
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=1091dbfd0cc849fab7ca09fc29ababf1
0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=1091dbfd0cc849fab7ca09fc29ababf1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27210

Redirect headers

location
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=1091dbfd0cc849fab7ca09fc29ababf1
date
Wed, 14 Dec 2022 16:09:54 GMT
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame 2A26 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=4
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.179 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame 2A26
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LBNUM2RU-1L-EX1I
0
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LBNUM2RU-1L-EX1I
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
19
date
Wed, 14 Dec 2022 16:09:54 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1671034195.569716,VS0,VE19
x-cache
MISS
accept-ranges
bytes
x-served-by
cache-yul12821-YUL

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LBNUM2RU-1L-EX1I
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c3b5432477546c086cd062707f625a76
Expires
0
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 2A26
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPxVR15Zn2HqKoDCD2zoroc&google_cver=1
0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPxVR15Zn2HqKoDCD2zoroc&google_cver=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
18
date
Wed, 14 Dec 2022 16:09:54 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1671034195.577290,VS0,VE18
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12821-YUL

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPxVR15Zn2HqKoDCD2zoroc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2A26 		42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0:$UID
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 16:09:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 2A26
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0
date
Wed, 14 Dec 2022 16:09:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18828
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 2A26
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=93c076c2-e894-440e-8e6d-f5adaa53e805
0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=93c076c2-e894-440e-8e6d-f5adaa53e805
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
19
date
Wed, 14 Dec 2022 16:09:54 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1671034195.569700,VS0,VE19
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12821-YUL

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=93c076c2-e894-440e-8e6d-f5adaa53e805
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
merge
ce.lijit.com/ Frame 2A26 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0&us_privacy=1---&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:54 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 2A26 		49 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 2A26 		43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 14 Dec 2022 16:09:53 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 2A26 		43 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.209.207.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-207-157.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:53 GMT
content-length
43
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 2A26
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=80becde9-4329-4c56-beef-32b3459c8116
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=80becde9-4329-4c56-beef-32b3459c8116
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20934

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:54 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=80becde9-4329-4c56-beef-32b3459c8116
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2293403
content-length
0
expires
Wed, 14 Dec 2022 00:00:00 GMT
/
sync.taboola.com/sg/id5-network/1/rtb-h/ Frame 2A26
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F6%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/464/434/6/2.gif?puid=dab1d30c-63ac-4954-8a7d-b1d1c4b75e7b&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F5%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/112/5/3.gif?puid=3D8AC039F37BDE77&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/4/4.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/2/4/4.gif?puid=1981009107925892549&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-98c07V5StUEuuA9u2inNrd1e0jZ3TUrJTvgPKqDCYw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F3%2F5.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/464/3/3/5.gif?puid=06da6399-f551-4a00-926c-8d29a9ba9bf9&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/464/108/2/6.gif?puid=6c551e27-dcdd-4dc1-8730-3eee73720388&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=93c076c2-e894-440e-8e6d-f5adaa53e805&ttl=%%TTL%%
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F0%2F8.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/441/0/8.gif?puid=u_7ccab554-a39a-4127-bf74-eada98538b7c&gdpr=0&gdpr_consent=
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-98c07V5StUEuuA9u2inNrd1e0jZ3TUrJTvgPKqDCYw
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-98c07V5StUEuuA9u2inNrd1e0jZ3TUrJTvgPKqDCYw
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
26147

Redirect headers

location
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-98c07V5StUEuuA9u2inNrd1e0jZ3TUrJTvgPKqDCYw
date
Wed, 14 Dec 2022 16:09:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 2A26
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=1---&ssp=taboola&bsw=7b5323bb-b935-48d8-9c26-c80be97a43e2
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=1---&ssp=taboola&bsw=7b5323bb-b935-48d8-9c26-c80be97a43e2&chk=1
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=MTdjODYxYTI3OWYxYWMw&gdpr=0&gdpr_consent=&us_privacy=1---&ssp=taboola&bsw_param=7b5323bb-b935-48d8-9c26-c80be97a43e2
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=7b5323bb-b935-48d8-9c26-c80be97a43e2
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=7b5323bb-b935-48d8-9c26-c80be97a43e2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22144

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=7b5323bb-b935-48d8-9c26-c80be97a43e2
Date
Wed, 14 Dec 2022 16:09:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 2A26
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=444423ab-625a-4b88-8a2d-0db6b44631cc
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=444423ab-625a-4b88-8a2d-0db6b44631cc&tbid=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0&query=taboola_hm%3D444423ab-625a-...
0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=444423ab-625a-4b88-8a2d-0db6b44631cc&tbid=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0&query=taboola_hm%3D444423ab-625a-4b88-8a2d-0db6b44631cc&isDirect=0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 14 Dec 2022 16:09:54 GMT
via
1.1 varnish
server
nginx
x-timer
S1671034195.605028,VS0,VE12
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12821-YUL

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=444423ab-625a-4b88-8a2d-0db6b44631cc&tbid=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0&query=taboola_hm%3D444423ab-625a-4b88-8a2d-0db6b44631cc&isDirect=0
date
Wed, 14 Dec 2022 16:09:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18859
sd
u.openx.net/w/1.0/ Frame 2A26 		43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame 2A26 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7772&xuid=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0&dongle=tbla
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 14 Dec 2022 16:09:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
visitor.omnitagjs.com/visitor/ Frame 2A26 		49 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=54ac1f569912e3c4967bf7b5df910a44&name=TABOOLA&visitor=[BUYER_USERID]&external=true
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:54 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame 2A26
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=WHLlBE6uTaJQmgHiIBBCPZU4mbI
0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=WHLlBE6uTaJQmgHiIBBCPZU4mbI
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19740

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=WHLlBE6uTaJQmgHiIBBCPZU4mbI
Date
Wed, 14 Dec 2022 16:09:54 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
match
ads.betweendigital.com/ Frame 2A26
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=7b5323bb-b935-48d8-9c26-c80be97a43e2
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=7b5323bb-b935-48d8-9c26-c80be97a43e2&crf=1
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=7b5323bb-b935-48d8-9c26-c80be97a43e2&crf=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
/match?bidder_id=22&external_user_id=7b5323bb-b935-48d8-9c26-c80be97a43e2&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sync
t.adx.opera.com/ Frame 2A26 		35 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:54 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 2A26
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=e5815896-7d87-4403-bba9-643ca4c2cdc3
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=e5815896-7d87-4403-bba9-643ca4c2cdc3
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21456

Redirect headers

date
Wed, 14 Dec 2022 16:09:54 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=e5815896-7d87-4403-bba9-643ca4c2cdc3
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221213-28-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Dec 2022 16:09:54 GMT
x-amz-request-id
ZAK4FD2E2P8MSSD3
age
481
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
V0c8gILtYp37FWXhcXdQojKeSQFpHITDXRHuVnvWCLK7rCdcoYnpLZyoXbDe/nSz/8OPQX7zNUM=
x-served-by
cache-yul12821-YUL
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1671034195.541310,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
67
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
3154
eid-encv2.es5.js
cdn.taboola.com/scripts/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid-encv2.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221213-28-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb2ab5b5cdfb45aad4d8911147a322e9546a12881682d80eaaa9040e77d63288

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
5Ow5rm4wA7Q0UhOZ9VP078H429HAqiL6
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Dec 2022 16:09:54 GMT
x-amz-request-id
RFD2FRMF7DZAS35J
age
19686
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5616
x-amz-id-2
wpNhWRpRg6FuwtwFMNz74CDW+tNOyXNNoR+JL3SuHJYSNsIDWfWyFqYvMdscWWERxSt8OF+Tui8=
x-served-by
cache-yul12821-YUL
last-modified
Wed, 14 Dec 2022 10:39:25 GMT
server
AmazonS3
x-timer
S1671034195.541295,VS0,VE0
etag
"ff9bbfda54628457069031e22f7300f5"
vary
Accept-Encoding
content-type
application/javascript
abp
67
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
121896
/
pips.taboola.com/ 		64 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
a6d9fa8ea6ae772a57fd764ef36294cfe3ebfb8b5667f50e0af86c0959131355

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by
cache-yul12821-YUL
date
Wed, 14 Dec 2022 16:09:54 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0&uad=1cc56e5fc3be68bfe3398b740ea6292fb445def0bfa8ba3d41b377aee41bf6b7&mbl=ZmFsc2U=
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 14 Dec 2022 16:09:54 GMT
cache-control
no-store
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 9EEA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvClJ2Di5gUnquvfmTRGsxaQiSEUgPDYMsHgDSOOC6e0NBksKm38sagoHmorULTlJ6ltQnwklGRcqb76lipJXVyw_WcxFJSQcEt4ylKA8oNo4ldKPC1&sig=Cg0ArKJSzFaN9olbLyWmEAE&id=lidar2&mcvt=1000&p=865,1199,866,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3702255727&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671034193564&rpt=276&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 822E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssV6U-MkCYPhkReQ4p6sfZ85YJX56_avQyAOh1UAxpDuWujpdm-1VGGxUFtbt1WK2uy4MM9WMhmEMuxTvMFGNHQo5kG2RtNleamGcjyOs2X0Awq0kpGrWoJS39zZ9jVkH2irhI&sai=AMfl-YTn2vRjlp8phNGbOU-iSy8oO0E9rhPdQWJg_Cd7yVgofNpuWIMmxYEwyNJkJECRWXFXo-H80BMU8F1_reFjtPZs0CEIrTTn0mITorLkVsUbcu_d1GC0FtkfVSn9Rtg&sig=Cg0ArKJSzOyV0iy8ROVZEAE&cid=CAQSPADq26N9h07GtanbV1Y4kasVdnVq_9_TcAi4sVXbGG7VlYOhGYS8RTMlhbb-8eXVinEg1jVUhGa4hpPkKxgBIBM&id=ampim&o=1049,1040&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=390&tls=1391&g=63.999998569488525&h=63.999998569488525&tt=1391&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame ADC9 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame 4D1C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3JPisp1Qvae97rmdwBRlzYh8uG6aMAi4tYwJljfSYdHZOyanoSOgyRAEmquR_fvlg4ADU9_gSJ_eyVWYPVMnMtagG79EmEWMnOluKXEXsAB2M2KSp&sig=Cg0ArKJSzPadLDLNuT2SEAE&id=lidar2&mcvt=1001&p=1110,315,1200,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2087247537&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671034193626&rpt=496&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 531D 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=42274520&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d86d5b1ab5c0ca59bd7410cf5fac277d26a2172660f05133fb2ca61018714d42

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 14 Dec 2022 14:55:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dcm
s.amazon-adsystem.com/ Frame AD56 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=A4AEF537-FE6F-4C13-8C83-341BA583EED8&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 14 Dec 2022 16:09:55 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
YVTV1T46TPG7Y51GNX6Q
Pug
simage2.pubmatic.com/AdServer/ Frame B576
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:06da6399-f551-4a00-926c-8d29a9ba9bf9&gdpr=0&gdpr_consent=
42 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:06da6399-f551-4a00-926c-8d29a9ba9bf9&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 16:09:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 14 Dec 2022 16:09:55 GMT
Expires
Wed, 14 Dec 2022 16:09:54 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master ord-pixel-x28 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:06da6399-f551-4a00-926c-8d29a9ba9bf9&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame EAE3
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDTGNrN0hNLXNBQUI4NmhjLTdKQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACLck7HM-sAAB86hc-7JA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252C...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=9124950748540668363&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AACLck7HM-sAAB86hc-7JA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D9124950748540668363%26gdpr%3D0%26gdpr_cons...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=9124950748540668363&gdpr=0&gdpr_consent=&bee_sync_partners=pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACLck7HM-sAAB86hc-7JA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D9124950748540668363%26gdpr%3D0%26bee_sync_pa...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=9124950748540668363&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AACLck7HM-sAAB86hc-7J...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACLck7HM-sAAB86hc-7JA&gdpr=0
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACLck7HM-sAAB86hc-7JA&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 16:09:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 14 Dec 2022 16:09:56 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACLck7HM-sAAB86hc-7JA&gdpr=0
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 7E90
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1981009107925892549&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1981009107925892549&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 16:09:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
925343d6-f1ff-4a56-902b-b118fa104e60
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 14 Dec 2022 16:09:55 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1981009107925892549&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
usersync
usersync.gumgum.com/ Frame B2EA 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=A4AEF537-FE6F-4C13-8C83-341BA583EED8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-199.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 14 Dec 2022 16:09:55 GMT
Expires
0
Pragma
no-cache
qmap
sync.crwdcntrl.net/ Frame 531D 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A4AEF537-FE6F-4C13-8C83-341BA583EED8&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.129.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-129-69.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:56 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.2.160
content-length
49
expires
0
/
io.narrative.io/ Frame 531D
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:A4AEF537-FE6F-4C13-8C83-341BA583EED8
  • https://io.narrative.io/?io.narrative.guid.v2=c0264590-7bc9-11ed-a2b2-0ecbf2332f6f&companyId=673&id=pubmatic_id:A4AEF537-FE6F-4C13-8C83-341BA583EED8
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=c0264590-7bc9-11ed-a2b2-0ecbf2332f6f&companyId=673&id=pubmatic_id:A4AEF537-FE6F-4C13-8C83-341BA583EED8
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
54.147.12.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-12-232.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 16:09:56 GMT
Cache-Control
no-cache
Server
nginx/1.22.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=c0264590-7bc9-11ed-a2b2-0ecbf2332f6f&companyId=673&id=pubmatic_id:A4AEF537-FE6F-4C13-8C83-341BA583EED8
Date
Wed, 14 Dec 2022 16:09:56 GMT
Server
nginx/1.22.0
Connection
keep-alive
Content-Length
0
g.pixel
aa.agkn.com/adscores/ Frame 531D 		43 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=A4AEF537-FE6F-4C13-8C83-341BA583EED8
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-50.ewr50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:56 GMT
via
1.1 00fd85d5c5d5bd788f272591be9ecbca.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
4x35nijbHQthZHXtsWRUrIN1W37sNanF2bGGrK5E7B0XHmAExH2wrw==
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 531D
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A4AEF537-FE6F-4C13-8C83-341BA583EED8&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A4AEF537-FE6F-4C13-8C83-341BA583EED8&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A4AEF537-FE6F-4C13-8C83-341BA583EED8&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:56 GMT
Frontend-ID
3
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:56 GMT
Frontend-ID
15
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=A4AEF537-FE6F-4C13-8C83-341BA583EED8&sInitiator=external&gdpr=0&gdpr_consent=
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
A4AEF537-FE6F-4C13-8C83-341BA583EED8
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 531D 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/A4AEF537-FE6F-4C13-8C83-341BA583EED8?gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:67f9:8537:7e0c:43ee Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 531D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A4AEF537-FE6F-4C13-8C83-341BA583EED8&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-wgrztsJE2uVig39VOC6gOGRrb5eqJfQ-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-wgrztsJE2uVig39VOC6gOGRrb5eqJfQ-~A&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-wgrztsJE2uVig39VOC6gOGRrb5eqJfQ-~A&gdpr=0&gdpr_consent=
date
Wed, 14 Dec 2022 16:09:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 531D
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A4AEF537-FE6F-4C13-8C83-341BA583EED8&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQELLgBqvmfkuAIPy-PDAQEBAQE&expiration=1671120596&nuid=A4AEF537-FE6F-4C13-8C83-341BA583EED8&...
42 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQELLgBqvmfkuAIPy-PDAQEBAQE&expiration=1671120596&nuid=A4AEF537-FE6F-4C13-8C83-341BA583EED8&gdpr_consent=&gdpr=0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 16:09:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:55 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQELLgBqvmfkuAIPy-PDAQEBAQE&expiration=1671120596&nuid=A4AEF537-FE6F-4C13-8C83-341BA583EED8&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 531D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=afa8db5b-44ca-4d73-8160-48f9204a24d4&gdpr=0&gdpr_consent=
1 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=afa8db5b-44ca-4d73-8160-48f9204a24d4&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 14 Dec 2022 16:09:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=afa8db5b-44ca-4d73-8160-48f9204a24d4&gdpr=0&gdpr_consent=
Date
Wed, 14 Dec 2022 16:09:55 GMT
Connection
keep-alive
X-CI-RTID
c9cfb732-cb2c-466f-b928-4b1ac0d5fb16
Content-Length
205
Content-Type
text/html; charset=utf-8
sn.ashx
pmp.mxptint.net/ Frame 531D
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B341_FAE3DAA2_57C7B014&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
204.2.255.233 , United States, ASN2914 (NTT-LTD-2914, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-354020996; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:55 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-354020996; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Wed, 14 Dec 2022 16:09:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 531D 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.244.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-244-255.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:56 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8334 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
59123
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 14 Dec 2022 16:09:56 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
70, 312567
X-Served-By
cache-lga13626-LGA, cache-yul12830-YUL
X-Timer
S1671034197.640860,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 9873 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr_consent=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 14 Dec 2022 16:09:56 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
iframe
sync.teads.tv/ Frame 1072 		153 B
314 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A0%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.33 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-33.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
153
content-type
text/html; charset=UTF-8
date
Wed, 14 Dec 2022 16:09:56 GMT
expires
Wed, 14 Dec 2022 16:09:56 GMT
pragma
no-cache
server
akka-http/10.2.9
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4629 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
59123
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 14 Dec 2022 16:09:56 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
70, 311730
X-Served-By
cache-lga13626-LGA, cache-yul12832-YUL
X-Timer
S1671034197.640461,VS0,VE0
showad.js
ads.pubmatic.com/AdServer/js/ Frame A8FE 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.164.200 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-164-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=165060
content-encoding
gzip
content-length
13946
content-type
text/html
date
Wed, 14 Dec 2022 16:09:56 GMT
expires
Fri, 16 Dec 2022 14:00:56 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-VRDHJCSX1H&gtm=2oebu0&_p=1569105561&cid=424637361.1671034192&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1671034191&sct=1&seg=0&dl=https%3A%2F%2Fwegotthiscovered.com%2F&dt=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&en=Allowed&_ee=1&ep.event_category=Ad%20Block&ep.non_interaction=true&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRDHJCSX1H&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 9873 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr_consent=undefined
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
43fc246a1a30bd53204d8e01df9cd7d9cde0cb23ce78506d12b54e4248d1f806

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr_consent=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 16:09:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Dec 2022 06:48:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52679
Connection
keep-alive
Content-Length
10065
Expires
Thu, 15 Dec 2022 06:47:55 GMT
async_usersync
ib.adnxs.com/ Frame 8334 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:56 GMT
AN-X-Request-Uuid
5eec8623-b12b-468e-8e0b-41343928105f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4629 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:56 GMT
AN-X-Request-Uuid
71cc989e-98f7-4000-985d-119e6c786c32
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 531D 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
eb2.3lift.com/ Frame 6824 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
19120df5a4883992e222df90303056fe9d5215a119842fa5e3e3c5a159c0e451

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1148
content-type
text/html; charset=utf-8
date
Wed, 14 Dec 2022 16:09:58 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
us-u.openx.net/w/1.0/ Frame A157 		1 KB
672 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=0?gdpr=0&gdpr_consent=
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
76202646fadbc2b406c75475881e421491cdbfb6e6162d77913fb28742ec5549

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
653
content-type
text/html
date
Wed, 14 Dec 2022 16:09:58 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
v2
de.tynt.com/deb/ Frame EB4A
Redirect Chain
  • https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
9dc6694045b8f11e2049e75025e3eb1ee68ea60ad0a4d060808dfd4361f1b711

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1392
content-type
text/html
date
Wed, 14 Dec 2022 16:09:57 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Wed, 14 Dec 2022 16:09:57 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=8139544075377708909&gdpr=0&gdpr_consent=
43 B
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=8139544075377708909&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 14 Dec 2022 16:09:57 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=8139544075377708909&gdpr=0&gdpr_consent=
pragma
no-cache
date
Wed, 14 Dec 2022 16:09:57 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
redir
rtb-csync.smartadserver.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACLck7HM-sAAB86hc-7JA&gdpr=0
43 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACLck7HM-sAAB86hc-7JA&gdpr=0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 14 Dec 2022 16:09:57 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACLck7HM-sAAB86hc-7JA&gdpr=0
Date
Wed, 14 Dec 2022 16:09:58 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync
ups.analytics.yahoo.com/ups/58294/ Frame A157 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=4c7f383c-4fec-4f1d-9a20-a4b0921c9d1e
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=0?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
458249.gif
idsync.rlcdn.com/ Frame A157
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=377dc4d3-5ac1-4334-967e-e5493c2408af
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokMzc3ZGM0ZDMtNWFjMS00MzM0LTk2N2UtZTU0OTNjMjQwOGFmEAAaDQjW6uecBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ff75b5cc7711b9600666fb44a089677b04d1ade96e403bebe24830ead1640f8a791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBmZjc1YjVjYzc3MTFiOTYwMDY2NmZiNDRhMDg5Njc3YjA0ZDFhZGU5NmU0MDNiZWJlMjQ4MzBlYWQxNjQwZjhhNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBmZjc1YjVjYzc3MTFiOTYwMDY2NmZiNDRhMDg5Njc3YjA0ZDFhZGU5NmU0MDNiZWJlMjQ4MzBlYWQxNjQwZjhhNzkxNDI2YjU0MTdkY2UyMRAAGgwI1urnnAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=76d39e1e-a106-41f9-b99a-24c46ff273f2
42 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=76d39e1e-a106-41f9-b99a-24c46ff273f2
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=0?gdpr=0&gdpr_consent=
Protocol
H2
Server
35.190.60.146 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:59 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=76d39e1e-a106-41f9-b99a-24c46ff273f2
date
Wed, 14 Dec 2022 16:09:59 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame A157
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=1981009107925892549
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=1981009107925892549
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=0?gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:58 GMT
AN-X-Request-Uuid
0c629307-3570-42da-9449-a55472d8981a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=1981009107925892549
Connection
keep-alive
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame A157 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=3a6dc7c8-8b2c-ceae-0909-e72d6d8ca297
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=0?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D6X426DE2ET000V9BW1V
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A157
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8139544075377708909&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8139544075377708909&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=0?gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8139544075377708909&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 14 Dec 2022 16:09:57 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame A157
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5n1UAAD-IvXyAAp
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5n1UAAD-IvXyAAp
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=0?gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yul12833-YUL
pragma
no-cache
date
Wed, 14 Dec 2022 16:09:58 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671034198.140444,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5n1UAAD-IvXyAAp
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
f67cddf1-072a-e71d-f8d0-734ffae8a43e
pr-bh.ybp.yahoo.com/sync/openx/ Frame A157 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/f67cddf1-072a-e71d-f8d0-734ffae8a43e?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=0?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:67f9:8537:7e0c:43ee Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame A157
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=62bbbbb5-9786-7554-c907-65ba05bf6977&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=93c076c2-e894-440e-8e6d-f5adaa53e805&ttd_puid=62bbbbb5-9786-7554-c907-65ba05bf6977&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=93c076c2-e894-440e-8e6d-f5adaa53e805&ttd_puid=62bbbbb5-9786-7554-c907-65ba05bf6977&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=0?gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=93c076c2-e894-440e-8e6d-f5adaa53e805&ttd_puid=62bbbbb5-9786-7554-c907-65ba05bf6977&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame A157 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGVkNDY4N2YtNWVmMS0yYmYwLWRjZTctM2YwM2NmNWRhNzE3
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=0?gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A157
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM3j-XB-yQ-7k6zXA9k3hUs&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM3j-XB-yQ-7k6zXA9k3hUs&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=0?gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM3j-XB-yQ-7k6zXA9k3hUs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 6824
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=93c076c2-e894-440e-8e6d-f5adaa53e805&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=93c076c2-e894-440e-8e6d-f5adaa53e805&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 14 Dec 2022 16:09:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=93c076c2-e894-440e-8e6d-f5adaa53e805&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame 6824
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI1MDM4NDY0ODI5MjEzOTYyNDQ0Ng%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 6824
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOc5EWzSOtKqL72Tfch6N3s&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOc5EWzSOtKqL72Tfch6N3s&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 14 Dec 2022 16:09:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOc5EWzSOtKqL72Tfch6N3s&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6824
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI1MDM4NDY0ODI5MjEzOTYyNDQ0Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI1MDM4NDY0ODI5MjEzOTYyNDQ0Ng%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI1MDM4NDY0ODI5MjEzOTYyNDQ0Ng%3D%3D
date
Wed, 14 Dec 2022 16:09:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 6824
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1250384648292139624446&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1250384648292139624446&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=bdf3d054-9e72-43cf-bcec-95ea68c8feed&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=bdf3d054-9e72-43cf-bcec-95ea68c8feed&_noobservation=1&_expected_cookie=36ee054...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=bdf3d054-9e72-43cf-bcec-95ea68c8feed&_noobservation=1&_expected_cookie=36ee0540ec463dfeabb96006db715474
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.99.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Wed, 14 Dec 2022 16:09:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
779834ff5c0fa1f2-YYZ
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=bdf3d054-9e72-43cf-bcec-95ea68c8feed&_noobservation=1&_expected_cookie=36ee0540ec463dfeabb96006db715474
date
Wed, 14 Dec 2022 16:09:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
779834ff0b87a1f2-YYZ
content-length
0
xuid
eb2.3lift.com/ Frame 6824
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1250384648292139624446&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=7b5323bb-b935-48d8-9c26-c80be97a43e2&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10594366285420205050&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=6c551e27-dcdd-4dc1-8730-3eee73720388&ssp=triplelift&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10594366285420205050&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=212630604365010256035&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594366285420205050&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2409&xuid=7b5323bb-b935-48d8-9c26-c80be97a43e2&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=7b5323bb-b935-48d8-9c26-c80be97a43e2&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 14 Dec 2022 16:09:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=7b5323bb-b935-48d8-9c26-c80be97a43e2&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Wed, 14 Dec 2022 16:09:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 6824
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1250384648292139624446?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-lkOQp0tE2oRTo2fbHMfRg4pid12e1ETgBu5oVCOz4Q--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-lkOQp0tE2oRTo2fbHMfRg4pid12e1ETgBu5oVCOz4Q--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 14 Dec 2022 16:09:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 14 Dec 2022 16:09:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-lkOQp0tE2oRTo2fbHMfRg4pid12e1ETgBu5oVCOz4Q--~A&dongle=0883
content-length
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 6824 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1250384648292139624446
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
c.gif
c.bing.com/ Frame 6824 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1250384648292139624446&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:57 GMT
last-modified
Tue, 13 Dec 2022 22:44:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1DA30328A4D6457799A22B1F6EEA4AFF Ref B: YTO01EDGE0421 Ref C: 2022-12-14T16:09:58Z
etag
"8723e58344fd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 6824
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=1981009107925892549&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=1981009107925892549&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 14 Dec 2022 16:09:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:58 GMT
AN-X-Request-Uuid
d79d94bd-23b5-4e71-87f2-2fa76489a86c
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=1981009107925892549&dongle=4d58&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 418F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 14 Dec 2022 16:09:58 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 14 Dec 2022 16:09:58 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
match
events-ssc.33across.com/ Frame EB4A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=the33across&bsw_param=7b5323bb-b935-48d8-9c26-c80be97a43e2&google_hm=N2I1MzIzYmItYjkzNS00OGQ4LTljMjYtYzgwYmU5N2E0...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEARzBDXd_Cu5P5Tjv8vrnEM&google_cver=1&ssp=the33across&bsw_param=7b5323bb-b935-48d8-9c26-c80be97a43e2
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=7b5323bb-b935-48d8-9c26-c80be97a43e2
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=7b5323bb-b935-48d8-9c26-c80be97a43e2&ts=1671034198&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=7b5323bb-b935-48d8-9c26-c80be97a43e2&ts=1671034198&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:58 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:58 GMT
referrer-policy
unsafe-url
server
33XP010
x-33x-status
8000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=7b5323bb-b935-48d8-9c26-c80be97a43e2&ts=1671034198&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame EB4A
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1671034198221.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=06da6399-f551-4a00-926c-8d29a9ba9bf9
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=06da6399-f551-4a00-926c-8d29a9ba9bf9
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:58 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 14 Dec 2022 16:09:58 GMT
Server
MT3 180 1fd3e2d master ord-pixel-x50 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=06da6399-f551-4a00-926c-8d29a9ba9bf9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 14 Dec 2022 16:09:57 GMT
match
events-ssc.33across.com/ Frame EB4A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-mYNYk7pE2uFQ2xmI.1NglLg3Tq0eoqwL~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-mYNYk7pE2uFQ2xmI.1NglLg3Tq0eoqwL%7EA&ts=1671034198&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-mYNYk7pE2uFQ2xmI.1NglLg3Tq0eoqwL%7EA&ts=1671034198&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:58 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:58 GMT
referrer-policy
unsafe-url
server
33XP018
x-33x-status
8000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-mYNYk7pE2uFQ2xmI.1NglLg3Tq0eoqwL%7EA&ts=1671034198&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame EB4A
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AQELLgBqvmfkuAIPy-PDAQEBAQE&expiration=1671120598&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AQELLgBqvmfkuAIPy-PDAQEBAQE&ts=1671034198&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AQELLgBqvmfkuAIPy-PDAQEBAQE&ts=1671034198&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:58 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:58 GMT
referrer-policy
unsafe-url
server
33XP020
x-33x-status
8000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AQELLgBqvmfkuAIPy-PDAQEBAQE&ts=1671034198&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame EB4A
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=1250384648292139624446
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1250384648292139624446&ts=1671034198&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1250384648292139624446&ts=1671034198&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:58 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:58 GMT
referrer-policy
unsafe-url
server
33XP016
x-33x-status
8000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1250384648292139624446&ts=1671034198&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.js
eus.rubiconproject.com/ Frame 418F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
43fc246a1a30bd53204d8e01df9cd7d9cde0cb23ce78506d12b54e4248d1f806

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 16:09:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Dec 2022 06:48:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52677
Connection
keep-alive
Content-Length
10065
Expires
Thu, 15 Dec 2022 06:47:55 GMT
match
events-ssc.33across.com/ Frame 418F
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LBNUM2RU-1L-EX1I
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LBNUM2RU-1L-EX1I&gdpr=0&gdpr_consent=undefined
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LBNUM2RU-1L-EX1I&ts=1671034198&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LBNUM2RU-1L-EX1I&ts=1671034198&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
34.117.239.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:59 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:58 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LBNUM2RU-1L-EX1I&ts=1671034198&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=OTEyNDk1MDc0ODU0MDY2ODM2Mw==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=OTEyNDk1MDc0ODU0MDY2ODM2Mw==&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=OTEyNDk1MDc0ODU0MDY2ODM2Mw==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Wed, 14 Dec 2022 16:09:58 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=06da6399-f551-4a00-926c-8d29a9ba9bf9&gdpr=0&gdpr_consent=
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=06da6399-f551-4a00-926c-8d29a9ba9bf9&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 14 Dec 2022 16:09:59 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Wed, 14 Dec 2022 16:09:59 GMT
Server
MT3 180 1fd3e2d master ord-pixel-x4 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=06da6399-f551-4a00-926c-8d29a9ba9bf9&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 14 Dec 2022 16:09:58 GMT
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=9124950748540668363&gdpr=0&gdpr_consent=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=9124950748540668363&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
35.173.157.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-157-165.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:59 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=9124950748540668363&gdpr=0&gdpr_consent=
pragma
no-cache
date
Wed, 14 Dec 2022 16:09:58 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y5n1UAAD-IvXyAAp&gdpr=0&gdpr_consent=
43 B
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y5n1UAAD-IvXyAAp&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 14 Dec 2022 16:09:58 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-yul12833-YUL
pragma
no-cache
date
Wed, 14 Dec 2022 16:09:59 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671034200.589607,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y5n1UAAD-IvXyAAp&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
smartadserver
cs.admanmedia.com/sync/ 		0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame A8FE 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4178633&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6245ad6cbfa982ce86918b146205d677a52c7f2723255e35afffb7f997c95c99

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 14 Dec 2022 16:09:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 8CB6 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=A4AEF537-FE6F-4C13-8C83-341BA583EED8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 14 Dec 2022 16:09:59 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame C3DE
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 16:09:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 16:09:58 GMT
expires
Wed, 14 Dec 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
6165957
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 7ACE
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_0911f15f9cf946e793d50
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_0911f15f9cf946e793d50
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 16:09:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Wed, 14 Dec 2022 16:09:58 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_0911f15f9cf946e793d50
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
Pug
image2.pubmatic.com/AdServer/ Frame 9D46
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=w4KHY5OEi2rYh4ZrxYKTapSG2zzYgo4-x4PSpyxs
42 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=w4KHY5OEi2rYh4ZrxYKTapSG2zzYgo4-x4PSpyxs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 16:09:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 14 Dec 2022 16:09:59 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=w4KHY5OEi2rYh4ZrxYKTapSG2zzYgo4-x4PSpyxs
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 798A
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c264b1de-7bc9-11ed-a828-3609417223ba
42 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c264b1de-7bc9-11ed-a828-3609417223ba
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 16:09:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Wed, 14 Dec 2022 16:09:59 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c264b1de-7bc9-11ed-a828-3609417223ba
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-6
Pug
simage2.pubmatic.com/AdServer/ Frame 604C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=WHLlBE6uTaJQmgHiIBBCPZU4mbI
42 B
380 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=WHLlBE6uTaJQmgHiIBBCPZU4mbI
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 16:09:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Wed, 14 Dec 2022 16:09:59 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=WHLlBE6uTaJQmgHiIBBCPZU4mbI
i.match
s.tribalfusion.com/z/ Frame E041
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
439 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77983505adbbecfa-YUL
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 16:10:00 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77983504dc98ecfa-YUL
content-type
text/html
date
Wed, 14 Dec 2022 16:09:59 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
5248
Pug
simage2.pubmatic.com/AdServer/ Frame C765
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=720184224890
42 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=720184224890
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 16:09:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=720184224890
Pug
simage2.pubmatic.com/AdServer/ Frame A232
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:l7LKkdlB1P5ukv5&gdpr=0&gdpr_consent=
42 B
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:l7LKkdlB1P5ukv5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 16:09:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 14 Dec 2022 16:09:59 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:l7LKkdlB1P5ukv5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-009092e089c0885aa@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
sync
x.bidswitch.net/ Frame 2BD1
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-3c49f9d5-efde-48bf-9333-85d620ba79bc-005&rndcb=6503377067
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame BF59
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=hUBXFPxtp
42 B
207 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=hUBXFPxtp
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 16:09:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
content-type
text/html; charset=utf-8
date
Wed, 14 Dec 2022 16:09:59 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=hUBXFPxtp
vary
Origin
via
1.1 google
/
csync.loopme.me/ Frame 71A4 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3D3A
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=6feb1287-f053-4db3-ad86-95b45ce03a78&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
568 B
642 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=6feb1287-f053-4db3-ad86-95b45ce03a78&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Wed, 14 Dec 2022 16:09:58 GMT
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 14 Dec 2022 16:09:59 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=6feb1287-f053-4db3-ad86-95b45ce03a78&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID}
Server
Kestrel
Pug
simage2.pubmatic.com/AdServer/ Frame CE06
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7243205991984157157&uid=Q724320599198415...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7243205991984157157
568 B
642 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7243205991984157157
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Wed, 14 Dec 2022 16:09:59 GMT
server
nginx

Redirect headers

Cache-Control
max-age=31089
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Wed, 14 Dec 2022 16:09:59 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7243205991984157157
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
pubmatic
gocm.c.appier.net/ Frame 8E6B 		0
0
pub
matching.truffle.bid/sync/ Frame A1BF 		0
0
cm
ipac.ctnsnet.com/int/ Frame 7A08 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 14 Dec 2022 16:09:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame 2A5E 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 9B01
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=63240202-9f70-46b2-8343-02c6696d9969
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=63240202-9f70-46b2-8343-02c6696d9969
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 14 Dec 2022 16:09:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 14 Dec 2022 16:09:59 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=63240202-9f70-46b2-8343-02c6696d9969
strict-transport-security
max-age=15724800; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 0677
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:17BD8B118D044169A1A34790A1D678EB&gdpr=0&gdpr_consent=
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:17BD8B118D044169A1A34790A1D678EB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 14 Dec 2022 16:09:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Wed, 14 Dec 2022 16:09:59 GMT
expires
Tue, 13 Dec 2022 16:09:59 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:17BD8B118D044169A1A34790A1D678EB&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Artemis
aud.pubmatic.com/AdServer/ Frame A8FE
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A4AEF537-FE6F-4C13-8C83-341BA583EED8&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A4AEF537-FE6F-4C13-8C83-341BA583EED8&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A4AEF537-FE6F-4C13-8C83-341BA583EED8&addseg=10,33,39
0
0
/
pixel.onaudience.com/ Frame A8FE 		0
0
SPug
image4.pubmatic.com/AdServer/ Frame A8FE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=06da6399-f551-4a00-926c-8d29a9ba9bf9
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=06da6399-f551-4a00-926c-8d29a9ba9bf9
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 16:09:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 14 Dec 2022 16:09:59 GMT
Server
MT3 180 1fd3e2d master ord-pixel-x55 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=06da6399-f551-4a00-926c-8d29a9ba9bf9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 14 Dec 2022 16:09:58 GMT
cs
a.usbrowserspeed.com/ Frame A8FE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=7b5323bb-b935-48d8-9c26-c80be97a43e2
  • https://a.usbrowserspeed.com/cs?puid=4b0d9783-8471-5573-8768-cd7fb94aa89c&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26bidswitch_ssp_id%3dpubmatic
0
0
Pug
image2.pubmatic.com/AdServer/ Frame A8FE
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=91d45063-b98e-4447-b436-7865e3b30670-6399f557-4341&gdpr=0&gdpr_consent=
42 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=91d45063-b98e-4447-b436-7865e3b30670-6399f557-4341&gdpr=0&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 16:09:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:59 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=91d45063-b98e-4447-b436-7865e3b30670-6399f557-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A8FE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2517055552523061229
42 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2517055552523061229
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 16:09:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 16:09:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2517055552523061229
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame A8FE
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1981009107925892549
42 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1981009107925892549
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 16:09:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 16:09:59 GMT
AN-X-Request-Uuid
f9b36ccc-cf5d-4dfd-8cca-7ddd4dae68ee
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1981009107925892549
Connection
keep-alive
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pubmaticmatch
match.adsby.bidtheatre.com/ Frame A8FE 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
certify.alexametrics.com
URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&time=1671034191325&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwegotthiscovered.com%2F&random_number=13613140152&sess_cookie=7d97f07a18511663ddc66430a4e&sess_cookie_flag=1&user_cookie=7d97f07a18511663ddc66430a4e&user_cookie_flag=1&dynamic=true&domain=wegotthiscovered.com&account=FMu/w1hNdI20fn&jsv=20130128&user_lang=en-US
Domain
live.primis.tech
URL
https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-3c49f9d5-efde-48bf-9333-85d620ba79bc-005&rndcb=6503377067
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Domain
gocm.c.appier.net
URL
https://gocm.c.appier.net/pubmatic
Domain
matching.truffle.bid
URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Domain
core.iprom.net
URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Domain
aud.pubmatic.com
URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A4AEF537-FE6F-4C13-8C83-341BA583EED8&addseg=10,33,39
Domain
pixel.onaudience.com
URL
https://pixel.onaudience.com/?partner=214&mapped=A4AEF537-FE6F-4C13-8C83-341BA583EED8&gdpr=0&gdpr_consent=
Domain
a.usbrowserspeed.com
URL
https://a.usbrowserspeed.com/cs?puid=4b0d9783-8471-5573-8768-cd7fb94aa89c&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26bidswitch_ssp_id%3dpubmatic
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

386 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| oncontentvisibilityautostatechange string| ANDROID string| BLACKBERRY string| IPAD string| IPHONE string| IPOD string| MOBILE string| NOKIA string| SYMBIAN string| WINDOWS_PHONE string| WINDOWS string| MAC string| LINUX string| OTHER object| MOBILE_ARRAY object| DESKTOP_ARRAY function| getDeviceType function| isDesktopDevice function| is_mobile string| gtm4wp_datalayer_name object| dataLayer function| Swiper undefined| $ function| jQuery object| wpp_params object| WordPressPopularPosts object| _sf_async_config object| GlobalSnowplowNamespace function| snowplow object| dataLayer_content object| special_ops object| propertag function| gtag object| _comscore object| _atrk_opts function| fbq function| _fbq function| admiral object| googletag function| __tcfapi function| __uspapi boolean| haveWeGotAds object| WGTCADS number| postBottom object| $sidebar object| $topStickySideAnchor object| $topStickySideContainer object| $topStickySideUnits object| $stickySideAnchor object| $stickySideContainer object| $stickySideUnits function| addStickySidebar boolean| _add_1 boolean| _end_1 boolean| _finish_1 object| infiniteScroll object| hurrytimer_ajax_object function| getArticle function| getArticlePage function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _classCallCheck function| _defineProperties function| _createClass function| HurrytimerAction function| _typeof function| HurrytimerCampaign number| square_loaded number| top_loaded number| fullscreen number| delay string| hash boolean| gallery_square_ad_ready boolean| gallery_banner_ad_ready boolean| hover_loaded function| load_gallery_square_ad function| load_gallery_banner_ad function| unload_gallery_ads function| EvEmitter function| imagesLoaded function| wgtcLoadGallery object| Cookies object| _stq function| popup undefined| newsletterCookieValue string| string object| myPopup object| webVitals object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| google_tag_manager object| Modernizr string| ggv2id function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| google_tag_data string| GoogleAnalyticsObject function| ga function| st_go function| linktracker_init object| wpcom object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| FB object| __cfBeacon string| google_user_agent_client_hint function| clarity object| COMSCORE function| udm_ function| atrk boolean| _atrk_fired number| topLimit object| carouselSlider object| properSpecialOps boolean| payload_loaded function| 4dm1r11545242527 object| AMP object| ns_p object| _cbm function| onYouTubeIframeAPIReady object| gaGlobal object| webpackChunkad_manager object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| ADAGIO string| nobidVersion object| nobid function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| __buffer object| __VM object| _taboola object| gtmDataLayer object| google_optimize object| _0x1ac4 function| _0x2ad4 function| _0x32639f object| ProperMedia object| _qevents function| proper_log function| proper_debug_console function| proper_debug_overlay function| proper_display function| proper_render function| disableSlotRefresh function| logMatchingResponse function| properSpaNewPage function| properSpaNewSection function| properSpaNewPageView function| properSpaNewPageReset function| properInfNewPage function| properBuildSlots function| properDeleteSlot function| properDestroyDfpSlot function| proper_remnant function| runATS function| publisherAudiencesOptOut function| refreshAuctionAndSlotsByName object| TraceKit function| UAParser object| properStorage string| PBJS_USER_ID_OPTOUT_NAME object| device string| PUB_COMMON string| EXP_SUFFIX string| COOKIE string| LOCAL_STORAGE string| MODULE_NAME number| GVLID object| amazon_crid_map number| accountId number| alias_accountId string| proper_ad_page_uuid object| apstag object| link1 object| link2 function| proper_cbe5e8fd_3de5b774_1 function| proper_70a75f16_2e7d06f8_2 function| proper_f8f25056_9af1d7ff_3 number| proper_rps string| proper_ad_session_uuid object| propervideotag string| x object| userId string| placementId object| Criteo function| quantserve function| __qc object| ezt object| _qoptions boolean| apstagLOADED object| ProperMediaVideo function| propervideo_log function| propervideo_display object| ats object| TRC object| _tblConsole undefined| msg object| lotame_sync_16576 function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| placementData function| lotameIsCompatible function| sync16576_ba function| sync16576_b undefined| sync16576_c undefined| sync16576_ca undefined| sync16576_d function| sync16576_e object| sync16576_g function| sync16576_da function| sync16576_ea object| sync16576_ object| sync16576_ha object| sync16576_o object| sync16576_ta object| sync16576_K function| sync16576_aa function| sync16576_a function| sync16576_f function| sync16576_h function| sync16576_i function| sync16576_j function| sync16576_k function| sync16576_ga function| sync16576_fa function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_p function| sync16576_ia function| sync16576_ja function| sync16576_r function| sync16576_ka function| sync16576_s function| sync16576_t function| sync16576_q function| sync16576_u function| sync16576_la function| sync16576_v function| sync16576_w function| sync16576_x function| sync16576_y function| sync16576_z function| sync16576_A function| sync16576_B function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_C function| sync16576_ma function| sync16576_G function| sync16576_H function| sync16576_na function| sync16576_oa function| sync16576_I function| sync16576_J function| sync16576_pa function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_L function| sync16576_M function| sync16576_N function| sync16576_O function| sync16576_P function| sync16576_Q function| sync16576_R function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_Z function| sync16576_X function| sync16576__ function| sync16576_Y function| sync16576_0 function| sync16576_1 function| sync16576_2 function| sync16576_3 function| sync16576_8 function| sync16576_ua function| sync16576_4 function| sync16576_6 function| sync16576_va function| sync16576_wa function| sync16576_9 function| sync16576_7 function| sync16576_5 function| sync16576_xa function| sync16576_ya function| sync16576_za function| sync16576_Aa function| sync16576_$ function| sync16576_Ba function| sync16576_Ca function| sync16576_Da function| sync16576_Ea function| setImmediate function| clearImmediate object| ID5 object| PublisherCommonId object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_130 object| Criteo_prebid_130 object| CleverCore boolean| CleverCoreLoaded object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| ebData

202 Cookies

Domain/Path Name / Value
.taboola.com/skimlinks-publishers/ Name: taboola_session_id
Value: v2_1de7a789d6f036f8b90d3d1caa1e752d_a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0_1671034192_1671034192_CNawjgYQsJRZGKqEmYvRMCABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGiQ8oHT17O4ql1wAQ
.3lift.com/sync Name: sync
Value: CgoIoQEQ0rCZi9EwCgoIgQIQ0rCZi9EwCgoI4gEQ0rCZi9EwCgoI5gEQ0rCZi9EwCgoIhwIQ0rCZi9EwCgkICRDSsJmL0TAKCQg6ENKwmYvRMAoKCIwCENKwmYvRMAoJCF8Q0rCZi9EwCgkIHxDSsJmL0TA=
i.liadm.com/s Name: _li_ss
Value: MgUIBhD6Ew
wegotthiscovered.com/ Name: newsletter-popup
Value: 2
.wegotthiscovered.com/ Name: _cb
Value: xaEJ5DtKnkmCYvtmh
.wegotthiscovered.com/ Name: _chartbeat2
Value: .1671034191278.1671034191278.1.B_5yDWB23t61BtJhFvcBdNoBuHnja.1
.wegotthiscovered.com/ Name: _cb_svref
Value: null
.wegotthiscovered.com/ Name: __asc
Value: 7d97f07a18511663ddc66430a4e
.wegotthiscovered.com/ Name: __auc
Value: 7d97f07a18511663ddc66430a4e
.wegotthiscovered.com/ Name: usprivacy
Value: 1---
www.clarity.ms/ Name: CLID
Value: 4efc1dc4f2694da1906e6e39c1d39bd0.20221214.20231214
.scorecardresearch.com/ Name: UID
Value: 17F131f57e26f8e9597e5621671034191
.wegotthiscovered.com/ Name: _ga_VRDHJCSX1H
Value: GS1.1.1671034191.1.0.1671034191.60.0.0
.wegotthiscovered.com/ Name: _ga
Value: GA1.2.424637361.1671034192
.wegotthiscovered.com/ Name: _gid
Value: GA1.2.160960581.1671034192
.wegotthiscovered.com/ Name: _gat_gtag_UA_17178859_1
Value: 1
.wegotthiscovered.com/ Name: _fbp
Value: fb.1.1671034191897.1940044330
cdn.taboola.com/ Name: abLdr
Value: 31
wegotthiscovered.com/ Name: _lr_retry_request
Value: true
wegotthiscovered.com/ Name: _lr_env_src_ats
Value: false
.lijit.com/ Name: ljt_reader
Value: F0MJZRZHbpf7bCPATJW_DVk3
wegotthiscovered.com/ Name: _sp_ses.1618
Value: *
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.a-mo.net/ Name: amuid2
Value: 2c379494-1969-40d4-bfd5-8fbd6da4c741
.prebid.a-mo.net/ Name: sd_amuid2
Value: 2c379494-1969-40d4-bfd5-8fbd6da4c741
wegotthiscovered.com/ Name: _sp_id.1618
Value: 94a9f6e0-1f2c-4a80-9769-d74c4542cf1e.1671034192.1.1671034192..cd04febe-e078-4e21-b53a-8bbf58040b85..b5c6f39d-ff58-43c3-b8c2-99a04864cf5d.1671034192048.1
.bidswitch.net/ Name: tuuid
Value: 7b5323bb-b935-48d8-9c26-c80be97a43e2
.bidswitch.net/ Name: c
Value: 1671034192
.bidswitch.net/ Name: tuuid_lu
Value: 1671034192
.doubleclick.net/ Name: IDE
Value: AHWqTUn5nxjaMAs0LZ22T5Hp8pPqo4OHCarcimFFJq5dEm07_35TZH8JcXJrcjFq_BU
.lijit.com/ Name: _ljtrtb_263069
Value: b11784ec-3e01-4aa3-93d1-ad5261985a8a
.openx.net/ Name: i
Value: b11784ec-3e01-4aa3-93d1-ad5261985a8a|1671034192
.wegotthiscovered.com/ Name: __gpi
Value: UID=000008d3fb633253:T=1671034191:RT=1671034191:S=ALNI_MZub_YG3unlQP5DLhwp0AxGApWv1g
.spotxchange.com/ Name: audience
Value: bdd72c51-7bc9-11ed-bd94-1fcd69590003
.wegotthiscovered.com/ Name: _sp_cookie
Value: b0554a40-2d88-4fa8-844f-e47262517f6e
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: OkD6KCdmh_BQUvb_UV4sfwVbbCcZSoDbg46fY9BL6n66HBs9VsZZfbyEEstj6rZa4hNJeODTsrRyrpDalL1a_rdRipBZ-W2arPu1ZvSLcHEqa9jqS-Y2Xw
.go.sonobi.com/ Name: __uis
Value: dab1d30c-63ac-4954-8a7d-b1d1c4b75e7b
.go.sonobi.com/ Name: _usd_wegotthiscovered.com
Value: 219e516a-56e5-46bf-9bd9-a42a610d6a86
.go.sonobi.com/ Name: HAPLB8A
Value: s85186|Y5n1U
.dotomi.com/ Name: DotomiUser
Value: 733806826569000377$3$248177346$$1
.gumgum.com/ Name: vst
Value: u_7ccab554-a39a-4127-bf74-eada98538b7c
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 519499=5233929
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0
.casalemedia.com/ Name: CMID
Value: Y5n1UI-ukMrIm6KlMC8NBQAA
.casalemedia.com/ Name: CMPS
Value: 097
.casalemedia.com/ Name: CMPRO
Value: 097
.wegotthiscovered.com/ Name: _clck
Value: 1nc446d|1|f7e|0
.teads.tv/ Name: tt_viewer
Value: af9a0825-6181-4ab6-a04e-59b01a3d38aa
.smartadserver.com/ Name: pid
Value: 9124950748540668363
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0&c=1&l=1501522464&lo=384595258&lt=638066309922414605&o=1
.wegotthiscovered.com/ Name: _awl
Value: 2.1671034192.0.5-e1d232a60eefcbc3d2a08392388ddf35-6763652d75732d6561737431-0
.yahoo.com/ Name: A3
Value: d=AQABBFD1mWMCEARUSGKEpuS9lZC83pvGyeUFEgEBAQFGm2OjYwAAAAAA_eMAAA&S=AQAAAtyM1YVoCXSr6XotZEJUa28
.quantserve.com/ Name: mc
Value: 6399f550-68103-0a7ef-30d22
wegotthiscovered.com/ Name: _lr_geo_location
Value: CA
.adnxs.com/ Name: icu
Value: ChgIt-19EAoYASABKAEw0OrnnAY4AUABSAEQ0OrnnAYYAA..
.adnxs.com/ Name: uuid2
Value: 1981009107925892549
.taboola.com/ Name: t_gid
Value: a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0
.wegotthiscovered.com/ Name: __qca
Value: P0-1996995736-1671034192237
wegotthiscovered.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Da3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0
.proper.io/ Name: sovrn
Value: F0MJZRZHbpf7bCPATJW_DVk3
.proper.io/ Name: mediagrid
Value: 7b5323bb-b935-48d8-9c26-c80be97a43e2
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.wegotthiscovered.com/ Name: _clsk
Value: k5ehla|1671034192524|1|0|b.clarity.ms/collect
.rubiconproject.com/ Name: khaos
Value: LBNUM2RU-1L-EX1I
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 8f1cb1c8ef353679f12635c21c7789ad
.wegotthiscovered.com/ Name: _cc_id
Value: 8f1cb1c8ef353679f12635c21c7789ad
.wegotthiscovered.com/ Name: panoramaId_expiry
Value: 1671638992592
.wegotthiscovered.com/ Name: panoramaId
Value: 027bd8e50444fd3ea3011bd65e5b16d5393806ba4b7c0639353e2ddd2a058c35
.amazon-adsystem.com/ Name: ad-id
Value: AzXYAJkBcEGmvqJTjpvZolM
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrIwULIyNDM3MjIxNrc00lEyNbQwRxMxQ%2BUbQfiGBubmxiC%2BiTGyfC0AvmMQzQ%3D%3D
.quantserve.com/ Name: d
Value: EGsBDQHnJ9-owQA
.contextweb.com/ Name: V
Value: 27cPaxkCOrgI
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: c2568db091a8d71d
.3lift.com/ Name: tluid
Value: 1250384648292139624446
.smaato.net/ Name: SCM
Value: 42595f74
.smaato.net/ Name: SCMaps
Value: 42595f74
.sharethrough.com/ Name: stx_user_id
Value: ac15e60e-659d-4e84-9964-4aac17101b91
.zemanta.com/ Name: zuid
Value: mTbM_PDZkUnOk2sN-Eq5
.lijit.com/ Name: _ljtrtb_43
Value: IIxyAHCKfgk7iXMIJoxmCXeILl87jHtdJI2FrXbg
.yieldmo.com/ Name: yieldmo_id
Value: g207b11377a8a9056498%7C1671034192802%7C0%7C
.media.net/ Name: visitor-id
Value: 3140357921454604000V10
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjQ3MDY0MTMGQlMjI1NjY3MhPkNdp_xUl3CfqvDC0pRcAF-pmV4kAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjQ3MDY0MTMGQlMjI1NjY3MhPkNdp_xUl3CfqvDC0pRcAF-pmV4kAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZm5oYGxiaGlkaWgJAGIYXzsQAAAA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y5n1UAAD-IvXyAAp
.technoratimedia.com/ Name: tads_uid
Value: 4D3DF0D7BAC9425DB7F50065A2D4D6E6
.technoratimedia.com/ Name: tads_uid_cd
Value: 20221214160952+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.adform.net/ Name: C
Value: 1
.ipredictive.com/ Name: cu
Value: afa8db5b-44ca-4d73-8160-48f9204a24d4|1671034192943
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 6feb1287-f053-4db3-ad86-95b45ce03a78
beacon.lynx.cognitivlabs.com/ Name: ss
Value: 1%2BdywCDO4UJRSIKbBqoRZ4ZuXD3dSu6ONnu8QOfTGpKcy5UihViT5jTaSibVrRIYnAKJTilkbXKcYu5M5GGWmg%3D%3D
.adform.net/ Name: uid
Value: 2517055552523061229
.outbrain.com/ Name: obuid
Value: 95a8c67a-5805-4376-850e-13467d10cb0e
.adsrvr.org/ Name: TDID
Value: 93c076c2-e894-440e-8e6d-f5adaa53e805
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-5872e504-4eae-4da2-509a-01e22010423d.yFaLRBMzrrcHuDivBThF%2BGDVq7J5N0clXJh%2BO5aZSbc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AWHLlBE6uTaJQmgHiIBBCPZU4mbI.pvqm611z8dSlSRTwYfrtoS%2BV6ykD%2BqxngGhwY5oFUDg
.lijit.com/ Name: _ljtrtb_80
Value: LBNUM2RU-1L-EX1I
.mathtag.com/ Name: uuid
Value: 06da6399-f551-4a00-926c-8d29a9ba9bf9
.casalemedia.com/ Name: CMTS
Value: 3853
.emxdgt.com/ Name: uid
Value: 53561671034192977898b4
.lijit.com/ Name: _ljtrtb_26
Value: 7b5323bb-b935-48d8-9c26-c80be97a43e2
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A4AEF537-FE6F-4C13-8C83-341BA583EED8
.csync.loopme.me/ Name: viewer_token
Value: ed49b2e6-f8c1-4c12-a691-e3917b81df89
.mfadsrvr.com/ Name: tuuid
Value: 444423ab-625a-4b88-8a2d-0db6b44631cc
.mfadsrvr.com/ Name: c
Value: 1671034193
.mfadsrvr.com/ Name: tuuid_lu
Value: 1671034193
.ads.yieldmo.com/ Name: ptran
Value: 1981009107925892549
.ads.yieldmo.com/ Name: ptrstk
Value: WHLlBE6uTaJQmgHiIBBCPZU4mbI
.ads.yieldmo.com/ Name: ptradfm
Value: 2517055552523061229
.deepintent.com/ Name: CDIUSER
Value: di_0911f15f9cf946e793d50
.tapad.com/ Name: TapAd_TS
Value: 1671034193080
.tapad.com/ Name: TapAd_DID
Value: 6c551e27-dcdd-4dc1-8730-3eee73720388
.360yield.com/ Name: tuuid
Value: 01bbe14e-4143-40c8-aba8-d1ec7ffbb6ed
.360yield.com/ Name: tuuid_lu
Value: 1671034193
.liadm.com/ Name: lidid
Value: 69456f9e-e888-40a9-a081-8ec6cdc784c8
.emxdgt.com/ Name: apn_id
Value: 1981009107925892549
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y5n1UAAD-IvXyAAp&KRTB&22978-Y5n1UAAD-IvXyAAp&KRTB&23194-Y5n1UAAD-IvXyAAp&KRTB&23209-Y5n1UAAD-IvXyAAp
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-93c076c2-e894-440e-8e6d-f5adaa53e805&KRTB&22918-93c076c2-e894-440e-8e6d-f5adaa53e805&KRTB&23031-93c076c2-e894-440e-8e6d-f5adaa53e805
.ads.yieldmo.com/ Name: ptrmf
Value: 444423ab-625a-4b88-8a2d-0db6b44631cc
.lijit.com/ Name: _ljtrtb_56
Value: RX-77fec9f2-4673-4ae3-bc03-e59e362dc17d-005
.simpli.fi/ Name: suid
Value: 17BD8B118D044169A1A34790A1D678EB
.creativecdn.com/ Name: u
Value: mg3D0MDulkFhBL7sQERK
.creativecdn.com/ Name: ts
Value: 1671034193
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:17BD8B118D044169A1A34790A1D678EB
.turn.com/ Name: uid
Value: 8139544075377708909
.bluekai.com/ Name: bku
Value: ikG99acNZVw64AGk
.bluekai.com/ Name: bkpa
Value: KJhz0X+uQp9D9BYFuUKt2ASGZTbMCjOYqLYuC1nsTEUvXn9ur3C4ffChT4g1t5CrSE59+fFcobfjMbgY+XxgKMlawPC88lX83fk+r77dLuyUuIQp9DS9PP+fZIgN5prV6NvrbXIH9nFS5gSl3uq93rcS2ZPcQBUk1aHkl4XI0CoYw4AYdwMQvUTXobTMaJ3YObb/Wz2Of9iJeZxQkYK5fJdF1MXHQYjnLH98uC6z3mvGlKpFCRgMvK5IWgfbCPj9/TNCRah2XWPGEWEEHsnO9lVuH8mgSwUKUmq2dzX9d+8Hay==
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8139544075377708909&KRTB&23150-8139544075377708909
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8368
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&1c0a2f71-3fe3-4843-87de-16232186d526"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2816:u=1:x=1:i=1671034193:t=1671120593:v=2:sig=AQFrXO-ZqqSJzG3IL-GyP_Tdgay8b_16"
.socdm.com/ Name: SOC
Value: Y5n1UcCo5uYAAN4rASAAAAAA
.wegotthiscovered.com/ Name: __gads
Value: ID=f625a354f2c6f5f0-22bd0e3309d90036:T=1671034191:S=ALNI_MYzTCPFmg77hQyTg5EdDfILdPBefQ
.proper.io/ Name: __cf_bm
Value: N4BH4Kw38oZXX.aUmIbIbZh8vwhGPC3rIIxTOvraxo8-1671034191-0-AZDsC4HTYWxOAWukLV%2FhxBH%2FSpbTde9yvHfVBS2J8YSOewDdLmQPg1VVEoD92HqCGTMcqpoTHukclrn8nhVPsVZTXidX76KiXNATcH2fKWCe
.wegotthiscovered.com/ Name: properSessionStorage
Value: eyJ1dWlkIjoiOTMwZDlhMGYtYWM5ZC00NDNmLWIyMjktZTM1OTM3N2IwNmIyIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLjAwMDExLCJiaWRfYXZnIjp7fSwibm9fYmlkX2NudCI6e30sImF1Y3Rpb25fY291bnQiOjEsImxhc3RfdGhyZXNob2xkIjowfQ%3D%3D
.doubleclick.net/ Name: DSID
Value: NO_DATA
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3c49f9d5-efde-48bf-9333-85d620ba79bc-005%22%7D
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bEevWORW5dVaO1WuCoMxA8a+JUixCbOKdq47UN8FIGhNAkJnv2+x6LgUnIxMaXCV1C6LOgRSoE8jgBEIu7Oo5ZO6+drdjRKtphODfdpCQj8Cd1PNrebWf4Y/Vtt7hKIOSQ=
.lijit.com/ Name: ljtrtb
Value: eJwdzM1qQjEQhuF7ydqBZCbJJN21ohh77EIQss3PHKk%2FFEoXluK9G7t9eb7vTzmvXtQ%2BA%2FMsLc4I1jOBLUJQmyYQF4U89ma4g9ZOLRQ%2BJ1wdIdUKNZIDG3qA2NBDC7pK5GJJ8N%2BS9nH4agwHKw1ItBn%2FhSBSN1C6Q29icCWU4YMednr7OOxwfwAzwSqbNLql0VO6%2Fb5ulu%2Fz8cyfeZe2X7frMkuaLoFPm5%2B%2BTbj%2BzvWo7g%2BiKzf6
.lijit.com/ Name: _ljtrtb_42
Value: a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3c49f9d5-efde-48bf-9333-85d620ba79bc-005%22%7D
.mfadsrvr.com/ Name: ssh
Value: !taboola,1671034194!yieldmo,1671034193
.emxdgt.com/ Name: dt
Value: 348
.postrelease.com/ Name: visitor
Value: f9e5c081-fe81-4535-b631-31dddabfd978
.postrelease.com/ Name: status
Value: 1
.criteo.com/ Name: uid
Value: 80becde9-4329-4c56-beef-32b3459c8116
.id5-sync.com/ Name: id5
Value: 2ab93549-42d8-705d-b03c-51d354a93c10#1671034192246#4
.id5-sync.com/ Name: 3pi
Value: 464#1671034194639#943185237#a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0
.id5-sync.com/ Name: callback
Value: https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D
.omnitagjs.com/ Name: ayl_visitor
Value: 0dda35a23d9584078f8c1f217d0ee89d
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: cfb91168-f0d1-535c-88d8-2727eb41d274
.betweendigital.com/ Name: ss
Value: 1
sync-dmp.mobtrakk.com/ Name: pid
Value: MTdjODYxYTI3OWYxYWMw
.betweendigital.com/ Name: ut
Value: Y5n1UwAGErCpgoHEosi7gd4tWGCmmwxmfxHQXA==
.adscale.de/ Name: uu
Value: 1091dbfd0cc849fab7ca09fc29ababf1
.adscale.de/ Name: cct
Value: 1671034194893
.adx.opera.com/ Name: UID
Value: OPUed01171f835f446688c4e5cc3268b8af
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: DPSync3
Value: 1671580800%3A248_253_252%7C1672185600%3A245_236_228_226_201
.pubmatic.com/ Name: SyncRTB3
Value: 1672185600%3A48_220_7_166_3_54_21_13_104_178_22_250_71%7C1671580800%3A223_2_15
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1981009107925892549&KRTB&23339-1981009107925892549
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-afa8db5b-44ca-4d73-8160-48f9204a24d4&KRTB&23011-afa8db5b-44ca-4d73-8160-48f9204a24d4&KRTB&23355-afa8db5b-44ca-4d73-8160-48f9204a24d4
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:06da6399-f551-4a00-926c-8d29a9ba9bf9&KRTB&16736-uid:06da6399-f551-4a00-926c-8d29a9ba9bf9&KRTB&23019-uid:06da6399-f551-4a00-926c-8d29a9ba9bf9&KRTB&23208-uid:06da6399-f551-4a00-926c-8d29a9ba9bf9
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AQELLgBqvmfkuAIPy-PDAQEBAQE&KRTB&22713-AQELLgBqvmfkuAIPy-PDAQEBAQE&KRTB&22715-AQELLgBqvmfkuAIPy-PDAQEBAQE
io.narrative.io/ Name: io.narrative.guid.v2
Value: c0264590-7bc9-11ed-a2b2-0ecbf2332f6f
.agkn.com/ Name: ab
Value: 0001%3AvPtSrMfVcIW7R9wN%2BlH6bpoFjboCg1uq
.bidr.io/ Name: bito
Value: AACLck7HM-sAAB86hc-7JA
.bidr.io/ Name: bitoIsSecure
Value: ok
.semasio.net/ Name: SEUNCY
Value: 3D8AC039F37BDE77
.mxptint.net/ Name: mxpim
Value: R1B341_FAE3DAA2_57C7B014.1.00000000000000006399F554
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B341_FAE3DAA2_57C7B014&KRTB&23092-R1B341_FAE3DAA2_57C7B014
.smartadserver.com/ Name: csync
Value: 107:a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0|127:AACLck7HM-sAAB86hc-7JA
.technoratimedia.com/ Name: tads_uidp_73
Value: AACLck7HM-sAAB86hc-7JA
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1hsb|4is.0.CAESEPE6d2IFMRvu0yzzkJRl2-0|7TY.0|2N.0.AQELLgBqvmfkuAIPy-PDAQEBAQE|3oy.0|7bq.0.1|5Ql.0.a3e0988e-1f42-483f-bead-3fa183d011e7-tucta937ad0|7dN.0.AACLck7HM-sAAB86hc-7JA
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACLck7HM-sAAB86hc-7JA
.pubmatic.com/ Name: PugT
Value: 1671034196
.pubmatic.com/ Name: SPugT
Value: 1671034197
.openx.net/ Name: pd
Value: v2|1671034198|vMbwgag2gKvPhEkWgyiK
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~28ug:18z8~28ug:18za~28ug"
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsI1KL5rPX9rjsQBRIWCgdydWJpY29uEgsI4KW1rfX9rjsQBRIUCgV0YXBhZBILCL6F9a71_a47EAUYASACKAIyCwj4rIfpi_6uOxAFOAFaBzA1NGYzMm9gAg..
.openx.net/ Name: univ_id
Value: 537072971|93c076c2-e894-440e-8e6d-f5adaa53e805|1671034198168805
.tynt.com/ Name: uid
Value: F6nZ2GOZ9Vaccnl1SYnrwQ==
.rlcdn.com/ Name: rlas3
Value: eRujWkreNelIPJZGxXfF+9P/Io2N7eS4D5uxg5F2zAY=
.rlcdn.com/ Name: pxrc
Value: CAA=
.bing.com/ Name: MUID
Value: 2E808E5F2B016A372B1D9C252A2B6BF5
.c.bing.com/ Name: MR
Value: 0

8 Console Messages

Source Level URL
Text
network error URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&time=1671034191325&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwegotthiscovered.com%2F&random_number=13613140152&sess_cookie=7d97f07a18511663ddc66430a4e&sess_cookie_flag=1&user_cookie=7d97f07a18511663ddc66430a4e&user_cookie_flag=1&dynamic=true&domain=wegotthiscovered.com&account=FMu/w1hNdI20fn&jsv=20130128&user_lang=en-US
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=72
Message:
Failed to load resource: the server responded with a status of 451 ()
security error URL: https://wegotthiscovered.com/
Message:
Refused to execute script from 'https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F12842%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D2c379494-1969-40d4-bfd5-8fbd6da4c741%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly91c3luYy5wcm9wZXIuaW8vdjEvdXNlcnN5bmM_YmlkZGVyPWFkYXB0bXgmcHJvcGVyX3VpZD1iMTE3ODRlYy0zZTAxLTRhYTMtOTNkMS1hZDUyNjE5ODVhOGEmdWlkPQ%253D%253D%26uid%3D%24UID' because its MIME type ('image/gif') is not executable.
network error URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP_x4-th1p1N3k6F8dn8YP8&google_cver=1
Message:
Failed to load resource: the server responded with a status of 502 ()
other warning URL: https://cdn.ampproject.org/rtv/032211111611000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=6feb1287-f053-4db3-ad86-95b45ce03a78&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID}
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7243205991984157157
Message:
Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
a.teads.tv
a.tribalfusion.com
a.usbrowserspeed.com
aa.agkn.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
abcheck.proper.io
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.yieldmo.com
adservice.google.ca
adservice.google.com
analytics.google.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
ats.rlcdn.com
aud.pubmatic.com
b.clarity.ms
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bids.proper.io
bpi.rtactivate.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.pubgw.yahoo.com
call.cleverwebserver.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
ce.lijit.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
core.iprom.net
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
cs.media.net
csync.loopme.me
de.tynt.com
dis.criteo.com
e1.emxdgt.com
ea3ccfae25b80120287108a10cf363b0.safeframe.googlesyndication.com
eb.proper.io
eb2.3lift.com
eus.rubiconproject.com
events-ssc.33across.com
fastlane.rubiconproject.com
fonts.gstatic.com
g2.gumgum.com
geo.privacymanager.io
geoip.gamurs.workers.dev
global.proper.io
gocm.c.appier.net
googleads.g.doubleclick.net
hb.vntsm.com
hb.vntsm.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
io.narrative.io
ipac.ctnsnet.com
jadserve.postrelease.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
live.primis.tech
mab.chartbeat.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
matching.truffle.bid
mweb.ck.inmobi.com
odr.mookie1.com
p.adsymptotic.com
p.rfihub.com
p.skimresources.com
pagead2.googlesyndication.com
partner.googleadservices.com
ping.chartbeat.net
pippio.com
pips.taboola.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
player.propervideo.io
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
propermedia-d.openx.net
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
r.skimresources.com
reachms.bfmio.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
resources.infolinks.com
router.infolinks.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.skimresources.com
s.tribalfusion.com
sb.scorecardresearch.com
scripts.cleverwebserver.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spc.wegotthiscovered.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.chartbeat.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
superficialeyes.com
sync-adform.ads.yieldmo.com
sync-amz.ads.yieldmo.com
sync-dmp.mobtrakk.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
t.adx.opera.com
t.skimresources.com
tag.1rx.io
tags.crwdcntrl.net
tags.rd.linksynergy.com
terrifictooth.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
ui.cleverwebserver.com
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
unpkg.com
ups.analytics.yahoo.com
us-trc-events.taboola.com
us-u.openx.net
usersync.gumgum.com
usync.proper.io
visitor.omnitagjs.com
web.hb.ad.cpe.dotomi.com
wegotthiscovered.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
a.usbrowserspeed.com
aud.pubmatic.com
certify.alexametrics.com
core.iprom.net
cs.admanmedia.com
csync.loopme.me
gocm.c.appier.net
live.primis.tech
match.adsby.bidtheatre.com
matching.truffle.bid
pixel.onaudience.com
x.bidswitch.net
104.105.42.146
104.18.99.194
104.36.115.111
104.45.178.220
104.64.59.24
107.178.246.49
107.178.254.65
108.138.128.28
108.139.29.104
108.139.47.92
108.139.50.211
13.225.214.50
13.35.93.28
141.226.224.32
141.226.224.48
142.251.41.2
143.204.144.76
145.40.89.200
15.197.193.217
150.136.26.45
151.101.129.108
151.101.129.44
151.101.66.49
151.139.128.10
162.19.138.116
162.19.138.119
162.248.18.37
169.197.150.7
172.64.154.237
172.66.41.9
173.231.178.82
18.213.167.233
18.214.159.165
184.87.164.200
184.87.164.21
185.167.164.49
185.184.8.90
192.0.76.3
192.35.249.142
195.244.31.10
198.148.27.139
199.127.204.162
199.127.204.171
199.187.193.179
199.187.193.204
199.38.167.131
20.127.253.7
20.75.32.255
2001:41d0:701:1000::31ee
2001:4860:4802:34::181
202.241.208.56
204.2.255.233
207.198.113.87
209.54.182.161
216.200.232.253
23.10.88.241
23.105.12.145
23.20.61.58
23.205.73.36
23.221.200.33
23.23.131.203
23.3.115.129
2600:1901:0:2b56::1
2600:1901:0:809c::1
2600:1f18:4e9:5a02:67f9:8537:7e0c:43ee
2600:9000:21dd:5200:8:48e:53c0:93a1
2600:9000:21dd:c000:6:44e3:f8c0:93a1
2600:9000:2209:fc00:1b:5138:8a40:93a1
2600:9000:24f1:f400:18:1fcd:351:7bc1
2602:803:c002:200::32
2606:4700:10::6816:2f8e
2606:4700:10::6816:354c
2606:4700:10::ac43:266a
2606:4700:20::681a:68b
2606:4700:20::ac43:4513
2606:4700:3032::6815:4cfe
2606:4700::6810:3865
2606:4700::6810:7caf
2606:4700::6811:190e
2606:4700::6811:4e22
2606:4700::6812:19ad
2606:4700::6812:19f6
2606:4700::6812:9fea
2606:ae80:1471:13::730
2606:ae80:1471:17::1140
2607:f8b0:4004:c1b::9c
2607:f8b0:4006:807::200e
2607:f8b0:4006:809::2002
2607:f8b0:4006:80b::2001
2607:f8b0:4006:80b::2004
2607:f8b0:4006:80c::2002
2607:f8b0:4006:816::200e
2607:f8b0:4006:820::2002
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::2001
2607:f8b0:4006:821::2002
2607:f8b0:4006:822::2002
2607:f8b0:4006:823::2003
2607:f8b0:4006:824::2008
2620:100:a001::4
2620:112:f002:bbbb::21
2620:116:800b:21:c1e8:5385:5098:6bf0
2620:1ec:21::14
2620:1ec:46::40
2620:1ec:c11::200
2a02:2638:1::1a
2a02:6ea0:c454::1
2a03:2880:f034:11a:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:400::714
2a04:4e42::300
3.13.1.121
3.135.132.32
3.213.224.199
3.215.244.255
3.218.90.66
3.223.224.44
3.225.42.26
3.233.114.209
34.102.163.6
34.102.253.54
34.107.148.139
34.117.239.71
34.120.155.137
34.120.157.206
34.149.20.76
34.170.123.2
34.199.177.9
34.200.16.206
34.234.237.11
34.98.67.3
35.157.85.119
35.173.157.165
35.175.61.209
35.186.193.173
35.190.59.101
35.190.60.146
35.190.90.30
35.190.91.160
35.201.67.47
35.207.24.140
35.211.178.172
35.214.223.115
35.244.159.8
35.71.139.29
37.157.4.29
44.209.207.157
50.57.31.206
52.204.129.69
52.207.45.74
52.33.102.212
52.37.90.245
52.4.33.45
52.85.61.52
54.147.12.232
54.160.14.168
54.198.16.210
54.235.152.67
54.239.33.159
54.243.212.30
54.88.76.203
63.251.114.182
64.202.112.127
67.202.105.21
67.202.105.31
68.67.161.208
68.67.179.113
69.166.1.14
69.173.151.100
69.90.254.78
70.42.32.95
72.251.238.254
72.34.250.75
74.119.119.150
8.28.7.81
8.28.7.84
8.43.72.97
8.43.72.98
82.145.213.8
96.46.186.57
00b41ce5405f76a61dac043edc9fc8635a1f4f6498efa64f03ea2157f5215c1b
00f5fa0e6c3959313e1d293bae4933d3a1b66b4bd67b1a36566def89da9185db
036abecf63800b52d0ae86b4cb5541c949d79a2fa0d645bce2bc5825fc0aedd5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
059406876eca603c411d5f773bc3629d03ab3002a84254b59c7b43f879b5e878
05dd8f60c440c7c134fd33a6f239fb71fdbaec2d7029fba2f9040e1d90beae11
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06e4018fb9dffc806374d2f59111fa35b628b9e6d21d8a1b3ce4891e946ca521
06f0d1be1947fc59872925a3ee863bb3dcc2f56451450152e2f4e4d20c312c23
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
0770178df0a390c23a92f83293cc9e963983faa20d07a539517c44c9caf6e52b
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
086dd026ecedc20dff23d61987ed06ffd0752432dce7a1872f236a9e8d475e67
096d621782e614a315bbd32e3012b71cbfc53f045dd11148dcaeaae120119872
099a78f00e58c8c54141e6d4cedc560e5f51b750124b17ac6fe13cd176e0bb4d
09d1c64dad7f557453c639d73ee51bf6aaa2bb92a23d1231620fd1d8807ad6f4
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e9c1e427a5e80c2866377d7efcf372713fe8de95427f06e0fcfedfe1e3cd12a
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
0fc5a210637cd6739073bb898a0c5bd9355cebe861be00d0bd0adf57992a9dfe
10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53
129523d3fa08bfec1190be345218cb980d077a4d11fb5e9fb578832302a2eac5
12eb3890b61da157d8044feabebf3cb2933c3f56021c574f6b09c3d2d65ca1cb
13a7797d409b01536f29f5a444cec06faf2947aa74cd9aca533fe92363456fe4
13c38f304ff37b086d6054a4ad38925ff59895af6f7744beaa73e45fb076bd72
147115ce7aa4a4b2960cc9a0272e384211f1ab74f80b4125b986c6c6061d8d74
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
1635b2a914d39d150d79bf6cf3209f806a8f42cfab5ad9989ac3e12608cec6e9
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19120df5a4883992e222df90303056fe9d5215a119842fa5e3e3c5a159c0e451
1915f88ee10f1c95270b31631031553c2ea8502d1e433c9960133903797a20e0
1940f97b96c251675cc40e5875fb640913b417ca45ab8c363863ee58a00312c0
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1c1e1c3ae7f9b71951f0539bbea7738054c26fee2e896ebb54f253db765d4c84
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1e8e0e86ec3301c6f2cc790e8da9218d34d5d20f42e206b30ef8832578e403df
21d85ffec14e59671a01257e794d4e5e9375cbb1762065ca854fa4b73fd47134
222aa4e80fb0eaaf8d38b567eadf239d79f425c452e90b3d12c90ef23193510f
24559cb630d9fc7ad4c9c2ceb19663a2dacdc44af12c572d7f08a28e1e74218a
2541943eb1b759367d198f4b470134d85aadc1bf18a48da5e49de3c61b9a59ac
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27c58e8388abd7ae5008d39c31768fa71af80580be954530b64d451078fc7f64
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2eff9682459cdf09edbdc26d40a2ebe4ebe9a89398676952d0b06c1630452789
2f37d0a67990c79a9d1d9b8eae98a805c2513fba9521ab6d69a2cff4c0304825
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f95a880e5801bccf9bd22a13baeae155794995fdbabfe419427757ecdaa1449
30552efd2564e172b0b8c73f4b5d3b6f43c0e955f3e1836aafb8492aedc15eb0
30852fe0f71b85630f398104f3bc91a54882aea0b88b10105580ededaed2cad0
313b448adc116d1b17fafad0d3195fc836784293a51087e5beb2331e2b2533b2
324229580a277a2f43dabaa9aee2042c1e8197bcf0a8e2fe6fc5aa077f0d14e8
34c4d35d1e639e20ee6babf51f4ae34c0de97fff3a89af5210f51dee292a110c
355a62053bbcbac95922087fef7241841a1db3883a69265d5361e4a3c7dbaaf5
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
3a0412bc34cb83dada6a2063dc399118cbd592025e9234aa984c025796d8d9c1
3cbfa45685b4ad91c14f3256742155082ef47dc59fb6838faff5329877c5ad9d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d6c7c116e6231a6569d1bbb056c22f8865fc2d63c88063a411bd4d22f69f6bb
3e7b0e35f880e5a73512f62d8c6efb4bec35d0c2f4b9969a58c7ec3d421169f2
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f55c14576b73b1fa761c9722153509875403c18b3a6916045fd146f3e3a6a00
3f6a66df92b935a20d2eee51009e55c68bb225d674c133fe43b5004b41014984
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4204bb1454b371e66462d878e4941170c2d1815bf49aa5739669439abe284858
42eb0f84f617c657f9b11b98a356ee65f9ba11d48ba70da7e425c44371c23b3c
435fba17c8a0a8084a4466cd53202f4aaec58e10ad916c21ecf804cf2e8fbad1
43fc246a1a30bd53204d8e01df9cd7d9cde0cb23ce78506d12b54e4248d1f806
4529063318c99582948589c202835d859092d2a24e417f4f0a3ccfe8211ad37e
45f69322d6b7464235f5d9a622681798949d85ad8bd70f960c7247e7c4d2b834
4601b36b8b64b04fe6389f96ac1e622838f3a35cbc0d06b3768352a9ac51668a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
478129a73b00c5423319d39ea23ccf09489204c024d9009c5ea09f71750cfbe6
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c97b0cfa2e71392fa58921505b2b8aad8f7496cd049ba4331fca8e8db8c485
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c
48f615bf516a15322392d61080278697d33fcb2cdca5d359c3eacc791d73915b
4b008543d46a0cc49a785921f08d6b32b22fd05e2c4cabd56cd0f2816b4c9866
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea10e0e05177fbd7fe9b538f3123b1f4934480a4ccb5e2ff0366adc2f4a13ea
4ee09c44b9a166187ef85a03059b395b4818edce39c06bddf7fb1663a83af9ab
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
507c27740d49f6b21e854adb09f4f2b4e482ce1e2d043e3d71d25a652543465d
50bf5576e0baf9b7fc719a43faeddccae330da1132faf33aec2d8fc495e6dd4f
51308cfc2cee270e6819ae124d2eb4eec815637c9ac20f0b4a44b20ff0c41689
540bb5ff477e4b811fa0722ee00721505135327e268dd6fba8a706795cc8a613
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f1a51ad6b038a2ed853cacfc7957caffb32e173ff7b38f888bab3072fc303b
56684c7045d7a5b581aee5d4a5b6ab8b91030bcce3ee10fd30488ead7fcbdc69
57ba6e1bdb4acee34e54dc147acabd1d0573218dbe12fc0fdf9148d45eacbbed
5d5b79939af62dd9d17e38274045635f9190de4abdffa175c18da6e5845341db
5d60188e1893cab2a9d74afe3bf745d181a2dfa0bafe196c9328269c83600f41
5d9d7e78e22202af03b2d09ad31952e031e3423006cba4a29fd506c5664c7761
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5e9e8ae4b52da14c2647bcd0d9697ccb862c5e8cf6f617bbecb1153beb33e950
5edd0ddaff1ddef48bcde89d64bb675de67f7a64fab3e6d69a932a73c8119498
5f344a0446fdc8f2aede25db971bfe3d59cda52984c4eff42730ea0fddb111cf
600a6ebf8b066b0472de7633f0775ce4dff7049294a134963a9734664e6c7b06
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
619b9327d536cb0f4bc85d49afc70e9bd9503b7255655483093d8fd69ddd5a16
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
62459ff207a967d3a92e09c97e8a62b6b60120f7a1b81851955609036bfcee42
6245ad6cbfa982ce86918b146205d677a52c7f2723255e35afffb7f997c95c99
626d005f820b0d6b53420810b7a4efbabed3d501f7e5438d82b12e9c42b0ac0e
6448fd1cb28f03fc7d7523861e09bcaa77dd33544175456ff60e130f7a3e1605
65727f856f604fa30932b2512fcdf6fc24e47309112285c9e0536d450690f62c
66e468ad56a6ee9df37d4aa7ada39d86ab4c29c4493f111c8895549accdcaf84
66eec5ff1f5907c3bfb3d9fc41b7a9dba1cb34f81ee6cd1dc5f07da29ba5e977
66fa651c937579ec05c8732193ffc1a1bb1158fb2e713af24f0cbdc5e3456a0f
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
68f74a43e9af5674dccba8769c8c10532bf5d86eb2f49380fbb51b9038cc49c0
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
6b24624aa852df3a9efc7e13490fbc1c9fea5a5bbf7d3103561af6c7398b40a3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d6cd61d84b9c93b0d1fbebe245e31aa7a3733a1bffdcc189d104f33a40ee2e7
6e28542d69305d06c4494f2a6b355708fc289bd64c0da7b8f79badc967d6e603
6e57f8fc39e638ada44a2f367a9a6444a34797de331e57fa52239c2dfaeed200
70e981c0be6b446ed823c1b8164238ab6902c736de80fd8bbc50a649d176e28e
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732
71bed7bfcc309a0f2dafd8cb60831b05de51feaae79533a91134017be9c296b4
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7370a8bfe246b1c317cb0a63eac51447c1ffe81d3420fbbde8efb43711258e3b
7374a169b675ad5c3ac6167edda9c8fe05fe5315b6728815db2f091cc7712af6
76202646fadbc2b406c75475881e421491cdbfb6e6162d77913fb28742ec5549
76d3a44a02cca6d4be4ee708af308da26518ea004574691234c24f088cad79c6
786696b33500f2b1a986d169cd9d0cd17bf8654b9b2fc63212ee4ac128a9d463
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
7952a34f886e3cef6c4522009e3abebb3b7f8254955848f6ef064a915fa9ed23
7ac823c458408460553fdc1c060ef7057848334dd3f637531540e49c8929ecb8
7af087300c6d3d3b2c1783e3210dbc70be2a145b0289beab7e98e8e672cd374a
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7c0f7cb6e0621abdd2742bd08cfd91b6798d49b3ee03590a32ab2cb40eceb3f8
7c57c4d05d08dad65bc6935b48f240ba3b7a31897805b4def998917a8dcb6ad7
7c9afa1223e8b8bf94b4d489255203589550cdc0d4d829ed8ecee81fedcd9767
7d66cbfb7e1aa072a9e80351aa6f13022f0a799a8976f1d454ab6ffff3704b28
7e6ee8afaccd6f4abf21b016857ff0d3c3dd5c1603c488eac76aab78ecde00f8
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80e27520202eb4c675af3d99d556b1073769da5bbe93eadc8df75432abdb186d
81b683dd9d42cd417d7d9b29ab60b1d30c8f3b6d0cd6dde6587725805559a7d2
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82ef200ece01e84b0387a394dd784b93e1a677f8b2efed9d6b79f61d3084121a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83abaa6eb98a17fff51ce87d3a792ee302ca559663be384c5f8a8127ab684e11
84a390a4496f54d948493672c14e692c2236c7f36fed2f9fe95adee642d11d95
851e2fb668e4e3377b812469ffef63f5afa4ca2f7015819712137c864dd66acd
859a885aa32847000c002c0bce5c07ff72d2958242524ce7e42796965f2f6166
85c96fbb69c7238228745f7653c4c883a1055b6503b7dd5ef2811315afd35c8d
88baff455d98aaf93be259edf782979e5705afd920e904fc421aae5744759be8
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b8d403c9eb135e14319d46c0883805e49cafa8237fe605d2248682118448240
8ce6ab2f5815a324ff562308147a3e9ed3ac46f4df5b6fcf56ad3c060d137500
8e38f6323f4b878878451b1f5da0c46e964fca4cf61e1d0d4e8a179dcfe34279
9003eb7e3040cdb9591230348da3f8342778da4f6ba8b2ce9deafa8970caba4a
90e57343faa5f8c7e1714cc1c70ff55d76a5f795ad0ccdc94579cddf20226453
925b41942342b99e4fa069f40103f35a3dc23b3ba25a01621394935b27205aae
93d649f48a0c38b2a8bd785c48fd68a6a71c05f2ffdff835a8bf8cf0f0d21f99
9421d7b4c9e13291da7ada9b5103ed83fab92e157f3650731a3d3580f1deb3fc
954e385ecd6ed2ab0cb91dc0333ea1b3cf1bdcfe309d4857e7181324cb8dc25b
95dada8d5f7796df414b855556156b53187c4282a072755760e189102f8c11bb
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c69003f1b475f64a578b13fdfd566cc32c9ec0d7e51aabfe5c2b58de70918f
9b5cc0e590256437c678adb00f7a78568534bb8ff9e7854a70af48e2c18502ea
9bebc0d3987cc82f051bb03a32feb9bc432bdef8cf717824858487f35335e2ad
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9dc6694045b8f11e2049e75025e3eb1ee68ea60ad0a4d060808dfd4361f1b711
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1738cf6e0962bdf3a04c6dc4adbac1a5eea6bc9d07de8d5ba8df34827492d10
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a41fc0dee8f6c88b2bd740dee605b24e697fa800cff91cd907a00c3914dc5ed7
a49fbd768a45317b310b7eec82d121e1887f5ce690a001f44de7eeb4a4e98f22
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ed759cecf69a8d851312063ad201117eb8ee046f11ff6141f35196a3ec398e
a63e5cadd935b4e0f99d4e3813d01b5c71f7348fa8ada43d7e46ac9caa57939a
a6d9fa8ea6ae772a57fd764ef36294cfe3ebfb8b5667f50e0af86c0959131355
a6e74e28e7c2639043434dc2dcb2d33bbe9a7b1422e84b87454ff5dac0c465f8
a8245304d559698c5788e5a75fd94974adfaade8522376c86458f41356480279
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abf13b5296ec64f020b1d5389976e99e598a569ed25d6bd4e5a71507a8af3bfb
ace4208545fb0ff5ea87fbe1470d3bf0af8e73d7d52fea869966c4b9d8c78a60
b08cc9bd79f873cbf3a9468010074bd1c2ede4524d993a1f42edb1778fa3657a
b130d3879710e6eccbf6de6c54db32bcef09d82ecc23d81fe034ee3f472c0394
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a5a09a0eedf9c9ddfb180ed20a70542b785e8b3531cd3f22f36a82e88e3d3c
b33c3a811b7e36665caadd8fe94360e223503f1b2330c970924c59c26faf818f
b3b63fa8f90f3f8b30a8c57665c86ad065073211f0f55a51d3b6f8cee295e3aa
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5cf3c1e88f1fa0dbbcf17a91699d3b05da3ac779dcc160deb9f1160781365b4
b79da6bd9e1b5bbfdb757f8600e88f42f82e49667fc27bf31a9319598cc18031
b7b74f18b90d3a161b71d0fef3b4de6db5cdb3732dfaa445740bfd2042f78b9f
b8ee8cd272145326850d4124a1cad6209097b35b69f965dd14728d51e0d7c8bb
ba43671fe8efa561dc6d7c35d5dc8f95d9ec360c0d1d6c6f085a70dbef723b72
bae55ddb2e1f410e5a36630dfafa976d4c99a1949dc0b6b162aa1e5c0aa2d2dd
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc7056a045f58051e90d939cf2dd0fe43e8be1ced9a597dcf07f64fc866c8c6d
bc944fdca87cfee48ac104e863be9555f4d4a7e1ddc06d78a79ad29b2c65dbd3
bda0264636478906b614aa48123a9612eb8de2ff5849d7384eb38521a5c4ff5c
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be7c93cf39a00ab05ae2ae580945d914372f1826e7b6c5df64c1e03adc2a644e
c13f1e98a9c184fdee744fa302649c12ebb49647bc9e4b9ffb6513bd8b9be405
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3f05412b273a3c32bf550bf721db6302d8c8c8692d25b847f278ef67693195d
c51fffe2be6f1a72b6d297c12af42ddea28f64b60d1d75a7fe774114dd6942a3
c7ad2fb033696f6b193dc1e4ef7d353c1d9a4d4a39772bdd0b44175704986ef8
c8b1636e6318bd2bf9a0e13caeb35c735a1dde3ac17542cd9115dd3fb0a13b1d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cac75d57c1eec435eeaf8209524f09eb2c187be30299766f09279439ea5d62f5
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6258597c31e9c1def50b211048660b5e3d33fe2525859cf343567ccad9ffd6
cfe5a298a800dc055925b5cc1d18da389962ca2f3c7adc05e72245a4beb85894
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d18458a69d1a5a33608e1e33801932109f8bcd371085220943374cf825a3e797
d2240c44aafbda4bf54a35430c06c39ebf9cccfa5106e8f39204e33a67a87996
d2d21c1890d39a55b85f2a66d4924d24b37fdb0c1808f3269f0aa6d75bf8611b
d2fb26f4e38f82e1187c4ff03d08b8d6fd58c5aa140770fb79e47b3a8d622689
d350d82a519c5fac452e82405846a81ec7a521c645567be99070ca8d613ac1ce
d39403de1ec71ed2f8605a302c8255f0a13f426e05c7cfa4ecaf40aadb27c665
d6481485632094afd3948944ea0e38ea3d995e0774eef9d6ae67e48344f8d125
d6d11018e0f28c80722e3167fb1818a23e547c93f74cdd2740680ea5e58a3578
d709873b2dd3058fdb02f9325eb522bd13420e9aa57fa9d1c99723ce6947e517
d7f23b706c2051cd14bbfdc75b158a623e575846b2a34cf308709793fb72f5e8
d86d5b1ab5c0ca59bd7410cf5fac277d26a2172660f05133fb2ca61018714d42
d8ba6e00e79f5d4ffc5e3f634123c36823648e601c5d6465d27c65e7797d2807
db055fa3be0f826bfdfaf6321e6813dc6955878dd2b8e80338396b534a2a0123
db1c2b662ffc9e6309d4eadf7f80f63ba929159c46e91b9ab7d9a6f2d86e04c4
db9c8c3eb52f72b43a2a4376a91e0865e2e9fd8a3d232b2b539e8cdc193e5360
dc2640d75f466c31ca17f93e8296c690c483356be18853494420f481df791c1b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2a25b3a202e41dbc95ffc4acddaaad6de6da2dcb74e49cfd0506b1a916dcd3e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c0a69d6de03571afb770c25f2216665c272ff731e3699ca3a2caf80d730f93
e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7
e6282211723318f60d51ebeef2347fc9623d6e7b0b73e5827700a34f36ee6b19
e6ccc89f54af82af65c5ffc73d58f540dd99f2e4c42360a239bf9df81adc7639
e7aa1c95b7440b1faff5aeee164e277fc9344c905c2f8d79f5eafc8417d77d80
e8d8ffde5e537818fee234fd0ff800c8dc1fb255a1dd5e9d147c038757b37448
e9f425689b3fb127f05744923a75a92e2fe5847e54fe448b3f4bc4366a59fda7
ea5fcf9ae18e12726f8bf7cb32271d62e558686acbceef63ed6ce63228d4319a
eb2ab5b5cdfb45aad4d8911147a322e9546a12881682d80eaaa9040e77d63288
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed47f6da6cbefcd926b0a130707a814c2f0e9762101e11a07fa520aa1343b3a1
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f164ec8de5881a65f775c90a18557a2ca67a4ef51f35aed61135683efe18baf1
f17612227f3ae442e3374db86b35348d69c1bdbd86199e731140f20f01d67aa3
f1f17fea7cee4a9ae74981b2930b10a3aafd713f4564080def24e5fb8342a338
f20501a635ee0666394692c96a11fa9f26cc9d5c85aceed6ab35a9635f7e2a65
f2b68c2435eda0b3e644072ac97ee5a6ba8314656c025612ca4226c5695789d5
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f
f58fb9d38cd0cd85f5cf72407f050aeafe92e3058b815de04a920b052ad9d51a
f5ce1b8b6bc9ae8900b96861eb134e6b4db73075cff0e8e3a230327d75cdbe18
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
f6be2bfaf5dd3c4aa391e7966964fd920cee751c75474c39affd32ada8425841
f7e489a205bd11ea63eeda166db4345c049e7e999ad5cb23dbc53c52d9808782
f9d2741f93e8e29417fce92a672a2a24029cad28575703ad3943944202dc06ee
fbcc6b13cee9c1b9b9b97f4070d9127a7dafc3a725b1b0cd80ebd3e1096e7668
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fdb4e82e93f162ae5713c48ee3309488b6d425a47d1392acd79d5adea2e0e596
ff0498de679043562f7b391e9e4b562bb9dbd86a81d4e950b8c61fc393b56c37